pallet-cosmwasm::crypto::do_secp256k1_verify() fails for signatures with recovery ID 1

[conr2d]

Description

The current implementation of do_secp256k1_verify() adds a dummy byte 0x00 to the end of the secp256k1 signature to convert a 64-byte signature to a 65-byte Substrate ECDSA signature.

For verifying a secp256k1 signature, the recovery ID is not needed when the public key is known. However, sp_io::crypto::ecdsa_verify_prehashed() internally recovers a public key from the signature, so it doesn't work as expected.

conr2d@49efc1a

In the attached example, the newly added test secp256k1_recover_pubkey_recovers() shows the given signature is valid, but it causes secp256k1_verify_verifies() to fail.

Possible Solutions

• Submit a PR to polkadot-sdk to change the behavior of sp_io::crypto::ecdsa_verify_prehashed().
• Add a new host function for secp256k1 signature verification.

If you would like, I can submit a pull request to resolve this issue.

[conr2d]

This issue is related to paritytech/polkadot-sdk#5217.

[github-actions]

stale-issue

[github-actions]

close-issue