Skip to content

Signature Malleability#


Signature malleability occurs when there are multiple valid signatures for the same data and public key.

ecrecover allows for malleable signatures. (r,s,v) and (r,s',v) from two "Y" points for a given "X" on the elliptic curve.

ecrecover is used throughout the codebase. No meaningful exploits were found as a result of signature malleability.


Even so, consider using Open Zeppelin's ECDSA library to recover signature public keys, as they have an explicit check which prevents malleability.