From e7250d83ff2793c35c9627f8b5a7ee47057d2c9e Mon Sep 17 00:00:00 2001
From: Pawel Zelawski <pawel.zelawski@outlook.com>
Date: Fri, 23 Jan 2026 11:57:07 +0100
Subject: fix: correct bech32 address verification to use compressed public key

- Ensure compressed public key format for bech32 witness v0 addresses
- Convert uncompressed (65 bytes) to compressed (33 bytes) when needed
- Properly compute hash160 of compressed key for P2WPKH addresses
- Fixes signature verification for dgb1 (bech32) addresses
---
 package.json  |  2 +-
 src/digiid.ts | 12 +++++++++++-
 2 files changed, 12 insertions(+), 2 deletions(-)

diff --git a/package.json b/package.json
index 1edba61..1c618f8 100644
--- a/package.json
+++ b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "digiid-ts",
-  "version": "2.0.1-beta.0",
+  "version": "2.0.1-beta.1",
   "description": "A modern TypeScript implementation of the DigiID authentication protocol.",
   "main": "dist/digiid-ts.umd.js",
   "module": "dist/digiid-ts.es.js",
diff --git a/src/digiid.ts b/src/digiid.ts
index 168e097..c8a1eda 100644
--- a/src/digiid.ts
+++ b/src/digiid.ts
@@ -255,7 +255,17 @@ function verifyAddress(address: string, publicKey: Uint8Array): boolean {
       const { version, program } = decoded;
 
       if (version === 0) {
-        const computedHash = hash160(publicKey);
+        // For witness v0 P2WPKH, use hash160 of compressed public key
+        let pkToHash = publicKey;
+        // If uncompressed (65 bytes), convert to compressed (33 bytes)
+        if (publicKey.length === 65) {
+          const isEven = publicKey[64]! % 2 === 0;
+          pkToHash = new Uint8Array(33);
+          pkToHash[0] = isEven ? 0x02 : 0x03;
+          pkToHash.set(publicKey.slice(1, 33), 1);
+        }
+
+        const computedHash = hash160(pkToHash);
         return program.every((byte, i) => byte === computedHash[i]);
       }
 
-- 
cgit v1.2.3