From 4261a46f03af207032f803c1fb8e795c3b0d4ce7 Mon Sep 17 00:00:00 2001
From: Aniketh Varma <aaniketh_varma@yahoo.com>
Date: Sat, 5 Oct 2024 03:03:10 +0530
Subject: [PATCH] Setting `lowS: false` by default for verification of
 secp256k1 signatures (#811)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

<!--
  For Work In Progress Pull Requests, please use the Draft PR feature,
see https://github.blog/2019-02-14-introducing-draft-pull-requests/ for
further details.

  For a timely review/response, please avoid force-pushing additional
  commits if your PR already received reviews or comments.

Before submitting a Pull Request, please ensure you've done the
following:
- 📖 Read the TBD Developer Website Contributing Guide:
https://github.com/TBD54566975/developer.tbd.website/blob/main/CONTRIBUTING.md.
- 📖 Read the TBD Developer Website Code of Conduct:
https://github.com/TBD54566975/developer.tbd.website/blob/main/CODE_OF_CONDUCT.md.
  - 👷‍♀️ Create small PRs. In most cases, this will be possible.
  - ✅ Provide tests for your changes.
  - 📝 Use descriptive commit messages.
- 📗 Update any related documentation and include any relevant
screenshots.
-->

## What type of PR is this? (check all applicable)

- [ ] ♻️ Refactor
- [x] ✨ New Feature
- [ ] 🐛 Bug Fix
- [ ] 📝 Documentation Update
- [ ] 👷 Example Application
- [ ] 🧑‍💻 Code Snippet
- [ ] 🎨 Design
- [ ] 📖 Content
- [ ] 🧪 Tests
- [ ] 🔖 Release
- [ ] 🚩 Other

## Description

<!-- Please do not leave this blank -->

This PR adds the feature of setting the `lowS` flag to be `false` by
default for the verification of secp256k1 signatures.

## Related Tickets & Documents
<!--
Please use this format link issue numbers: Resolves #123

https://docs.github.com/en/free-pro-team@latest/github/managing-your-work-on-github/linking-a-pull-request-to-an-issue#linking-a-pull-request-to-an-issue-using-a-keyword
-->
Resolves #714

## Mobile & Desktop Screenshots/Recordings

<!-- Visual changes require screenshots -->

## Added code snippets?
- [x] 👍 yes
- [ ] 🙅 no, because they aren't needed

## Added tests?

- [ ] 👍 yes
- [ ] 🙅 no, because they aren't needed
- [x] 🙋 no, because I need help

### No tests? Add a note
<!--
If you didn't provide tests with this PR, please explain here why they
aren't needed.
-->

## Added to documentation?

- [ ] 📜 readme
- [ ] 📜 contributing.md
- [ ] 📓 general documentation
- [x] 🙅 no documentation needed

### No docs? Add a note
<!--
If you didn't provide documentation with this PR, please explain here
why it's not needed.
-->

## [optional] Are there any post-deployment tasks we need to perform?



## [optional] What gif best describes this PR or how it makes you feel?



<!-- note: PRs with deletes sections will be marked invalid -->
---
 src/utils/secp256k1.ts | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/src/utils/secp256k1.ts b/src/utils/secp256k1.ts
index f8279d522..d94ad94f1 100644
--- a/src/utils/secp256k1.ts
+++ b/src/utils/secp256k1.ts
@@ -110,7 +110,7 @@ export class Secp256k1 {
 
     const publicKeyBytes = Secp256k1.publicJwkToBytes(publicJwk);
     const hashedContent = await sha256.encode(content);
-    return secp256k1.verify(signature, hashedContent, publicKeyBytes);
+    return secp256k1.verify(signature, hashedContent, publicKeyBytes, { lowS: false });
   }
 
   /**