Verify signatures after signing

Open quad opened this issue 3 years ago • 0 comments

Description

Verifying the signature before leaving the signer prevents random or attacker provoked computation errors. This prevents publishing invalid signatures which may leak information about the secret key. It is recommended, but can be omitted if the computation cost is prohibitive.

Notes to the reviewers

How do we test this?

Checklists

All Submissions:

[ ] I've signed all my commits
[x] I followed the contribution guidelines
[x] I ran cargo fmt and cargo clippy before committing

Aug 15 '22 05:08 quad