Merge #592: Document sig verify's intentional limitation

6e0ae2a Document sig verify's intentional limitation (Thomas M. DuBuisson) Pull request description: This bit of documentation is similar to the secp256k1 C lib comment: ``` * To avoid accepting malleable signatures, only ECDSA signatures in lower-S * form are accepted. ``` ACKs for top commit: apoelstra: ACK 6e0ae2a Tree-SHA512: 3259898c497b33cb967eac910ce746d6ccf2706adb0563ce862737156ef82e65d486d1b83c62dd474350a1fce4a2f9f5da20509ed85af2c138f4ea3a29cc240c
rust-bitcoin · Mar 29, 2023 · 57a4dbc · 57a4dbc
2 parents d738998 + 6e0ae2a
commit 57a4dbc
Showing 1 changed file with 1 addition and 0 deletions.
diff --git a/src/ecdsa/mod.rs b/src/ecdsa/mod.rs
@@ -190,6 +190,7 @@ impl Signature {
     }
 
     /// Verifies an ECDSA signature for `msg` using `pk` and the global [`SECP256K1`] context.
+    /// The signature must be normalized or verification will fail (see [`normalize_s`]).
     #[inline]
     #[cfg(feature = "global-context")]
     #[cfg_attr(docsrs, doc(cfg(feature = "global-context")))]