Signature checking is too weak #7
Description
@sipa points out:
sipa: you need a slightly stronger check
sipa: the low-s requirement is that s is below n/2
sipa: and n is around 2^256 - 2^128
You could screw the current code up by making me think you had given me a valid sig, but actually hadn't, and I'd lose.