From a50e50206194fb047283621f865c00d56f7e92d0 Mon Sep 17 00:00:00 2001
From: sashass1315
Date: Sat, 13 Sep 2025 22:10:35 +0300
Subject: [PATCH] fix: correct typo in batch verification malleability comment
---
 ed25519-dalek/src/batch.rs | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ed25519-dalek/src/batch.rs b/ed25519-dalek/src/batch.rs
index dc8a5d1f1..670dfe71b 100644
--- a/ed25519-dalek/src/batch.rs
+++ b/ed25519-dalek/src/batch.rs
@@ -113,7 +113,7 @@ fn gen_u128(rng: &mut R) -> u128 {
 ///
 /// The latter prevents a malleability attack wherein an adversary, without access
 /// to the signing key(s), can take any valid signature, `(s,R)`, and swap
-/// `s` with `s' = -z1`. This doesn't constitute a signature forgery, merely
+/// `s` with `s' = -s`. This doesn't constitute a signature forgery, merely
 /// a vulnerability, as the resulting signature will not pass single
 /// signature verification. (Thanks to Github users @real_or_random and
 /// @jonasnick for pointing out this malleability issue.)
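Review bot: The replacement `s' = -s` on the changed doc line is not obviously a typo fix, because it changes which substitution the comment describes rather than correcting a spelling. The paragraph opens with "The latter prevents a malleability attack", and "the latter" is defined above the hunk; if it refers to the unpredictable batch coefficients, the substituted value would be expected to depend on a coefficient such as `z1`, whereas plain negation of `s` involves no coefficient and would presumably be rejected by batch verification regardless of how the coefficients are chosen. Please check the formula against the original report by the credited users before merging, and if the old text was only under-specified, expand it (for example by saying what `z1` denotes) instead of replacing it. This comment is the recorded rationale for a security property of batch verification, so an inaccurate formula here would mislead later reviewers.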