Description
Ed25519 signature verification calls ed25519_dalek::VerifyingKey::verify rather than the stricter verify_strict. verify_strict rejects malleable/non-canonical encodings and torsion-point edge cases documented in RFC 8032 §8.4. Permissive verification can accept signatures that rippled rejects (or vice versa).
Location
Impact / Severity
Medium — Consensus divergence. A client that accepts signatures rippled rejects (or vice versa) will disagree on transaction validity, with downstream effects on hashing, relaying, and confirmation logic.
Adversarial Agent Notes
Verdict: ACCEPT. Call site uses value.verify(...) — the dalek 2.x docs explicitly call this permissive.
Description
Ed25519 signature verification calls
ed25519_dalek::VerifyingKey::verifyrather than the stricterverify_strict.verify_strictrejects malleable/non-canonical encodings and torsion-point edge cases documented in RFC 8032 §8.4. Permissive verification can accept signatures that rippled rejects (or vice versa).Location
Impact / Severity
Medium — Consensus divergence. A client that accepts signatures rippled rejects (or vice versa) will disagree on transaction validity, with downstream effects on hashing, relaying, and confirmation logic.
Adversarial Agent Notes
Verdict: ACCEPT. Call site uses
value.verify(...)— the dalek 2.x docs explicitly call this permissive.