summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--CHANGELOG.md19
-rw-r--r--README.md3
2 files changed, 13 insertions, 9 deletions
diff --git a/CHANGELOG.md b/CHANGELOG.md
index d0ce403..c9d6fa3 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,18 +1,21 @@
# Changelog
All notable changes to this project will be documented in this file.
-The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
+The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.1.0/),
and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0.html).
-## [Unreleased]
+## [1.1.0] - YYYY-MM-DD
+### Fixed
+- Corrected signature verification for DigiByte Bech32 addresses (starting with `dgb1...`). Signatures from these addresses were previously unverifiable due to issues in the underlying `digibyte-message` dependency.
-## [1.0.1] - YYYY-MM-DD
-### Security
-- Fixed multiple security vulnerabilities by overriding transitive dependencies:
- - `elliptic` updated to `^6.6.1` to address CVE related to malformed input signature.
- - `lodash` updated to `^4.17.21` to address CVE related to Prototype Pollution.
+### Changed
+- Replaced internal `digibyte-message` dependency with `bitcoinjs-message` to enable correct verification across all address types (Legacy, SegWit P2SH, Bech32).
-## [1.0.0] - YYYY-MM-DD
+## [1.0.1] - 2024-07-25
+### Fixed
+- Correct type exports for CJS/UMD builds.
+
+## [1.0.0] - 2024-07-25
### Added
- Initial release of `digiid-ts`.
- Core functionality for generating Digi-ID URIs (`generateDigiIDUri`).
diff --git a/README.md b/README.md
index d33c152..2be985c 100644
--- a/README.md
+++ b/README.md
@@ -8,9 +8,10 @@ Provides utilities for generating Digi-ID URIs for QR code display and verifying
* Generates Digi-ID URIs according to the specification.
* Verifies Digi-ID callback signatures and data.
+* Verifies signatures from all standard DigiByte address types (Legacy, SegWit P2SH, Native SegWit/Bech32).
* Full TypeScript support with comprehensive type definitions.
* Modern ES modules support.
-* Zero dependencies (except for Node.js built-ins).
+* Minimal dependencies, relying on standard cryptographic libraries.
* Comprehensive test coverage.
* Detailed error messages for debugging.
generated by cgit v1.2.3 (git 2.39.1) at 2025-05-12 13:28:20 +0000