Merge pull request #406 from bsv-blockchain/TOB-23-ESDCA

ty-everett · web-flow · commit d50981532e68 · 2025-12-04T09:25:08.000-08:00
Fix ECDSA nonce boundary checks (TOB-BSV-23) and add validation tests
diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -5,6 +5,7 @@ All notable changes to this project will be documented in this file. The format
 ## Table of Contents
 
 - [Unreleased](#unreleased)
+- [1.9.20 - 2025-12-02](#1920---2025-12-02)
 - [1.9.19 - 2025-12-02](#1919---2025-12-02)
 - [1.9.18 - 2025-12-02](#1918---2025-12-02)
 - [1.9.17 - 2025-12-01](#1917---2025-12-01)
@@ -191,6 +192,21 @@ All notable changes to this project will be documented in this file. The format
 ### Security
 ---
 
+### [1.9.20] - 2025-12-02
+
+### Security
+
+- Corrected ECDSA nonce range validation to strictly follow the specification.
+  The implementation now correctly accepts `k = 1` and `k = n-1` when generating or
+  validating nonces, resolving the issue raised in TOB-23.
+
+### Fixed
+
+- Updated both locations in the ECDSA sign function where the incorrect bound
+  check was performed, ensuring consistent and standards-compliant behavior.
+
+---
+
 ### [1.9.19] - 2025-12-02
 
 ### Added
diff --git a/package-lock.json b/package-lock.json
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@bsv/sdk",
-  "version": "1.9.18",
+  "version": "1.9.19",
   "type": "module",
   "description": "BSV Blockchain Software Development Kit",
   "main": "dist/cjs/mod.js",
diff --git a/src/primitives/ECDSA.ts b/src/primitives/ECDSA.ts
@@ -87,7 +87,7 @@ export const sign = (
     if (kBN == null) throw new Error('k is undefined')
     kBN = truncateToN(kBN, true)
 
-    if (kBN.cmpn(1) <= 0 || kBN.cmp(ns1) >= 0) {
+    if (kBN.cmpn(1) < 0 || kBN.cmp(ns1) > 0) {
       if (BigNumber.isBN(customK)) {
         throw new Error('Invalid fixed custom K value (must be >1 and <N‑1)')
       }
diff --git a/src/primitives/__tests/ECDSA.test.ts b/src/primitives/__tests/ECDSA.test.ts
@@ -61,4 +61,33 @@ describe('ECDSA', () => {
     const signature = ECDSA.sign(msg, key)
     expect(ECDSA.verify(msg, signature, wrongPub)).toBeFalsy()
   })
+
+  it('should accept custom k = 1 and k = n-1', () => {
+    const n = curve.n
+    const one = new BigNumber(1)
+
+    // k = 1 → valid
+    const k1 = one
+    const sig1 = ECDSA.sign(msg, key, undefined, k1)
+    expect(ECDSA.verify(msg, sig1, pub)).toBeTruthy()
+
+    // k = n-1 → valid
+    const km1 = n.subn(1)
+    const sig2 = ECDSA.sign(msg, key, undefined, km1)
+    expect(ECDSA.verify(msg, sig2, pub)).toBeTruthy()
+  })
+
+  it('should reject custom k < 1 or k > n-1', () => {
+    const n = curve.n
+
+    // k = 0 → invalid
+    expect(() =>
+      ECDSA.sign(msg, key, undefined, new BigNumber(0))
+    ).toThrow()
+
+    // k = n → invalid
+    expect(() =>
+      ECDSA.sign(msg, key, undefined, n)
+    ).toThrow()
+  })
 })

Original file line number	Diff line number	Diff line change
`@@ -1,6 +1,6 @@`
`1`	`1`	`{`
`2`	`2`	`"name": "@bsv/sdk",`
`3`		`- "version": "1.9.18",`
	`3`	`+ "version": "1.9.19",`
`4`	`4`	`"type": "module",`
`5`	`5`	`"description": "BSV Blockchain Software Development Kit",`
`6`	`6`	`"main": "dist/cjs/mod.js",`
Original file line number	Diff line number	Diff line change
`@@ -87,7 +87,7 @@ export const sign = (`
`87`	`87`	`if (kBN == null) throw new Error('k is undefined')`
`88`	`88`	`kBN = truncateToN(kBN, true)`
`89`	`89`
`90`		`- if (kBN.cmpn(1) <= 0 \|\| kBN.cmp(ns1) >= 0) {`
	`90`	`+ if (kBN.cmpn(1) < 0 \|\| kBN.cmp(ns1) > 0) {`
`91`	`91`	`if (BigNumber.isBN(customK)) {`
`92`	`92`	`throw new Error('Invalid fixed custom K value (must be >1 and <N‑1)')`
`93`	`93`	`}`