From e7250d83ff2793c35c9627f8b5a7ee47057d2c9e Mon Sep 17 00:00:00 2001
From: Pawel Zelawski <pawel.zelawski@outlook.com>
Date: Fri, 23 Jan 2026 11:57:07 +0100
Subject: fix: correct bech32 address verification to use compressed public key

- Ensure compressed public key format for bech32 witness v0 addresses
- Convert uncompressed (65 bytes) to compressed (33 bytes) when needed
- Properly compute hash160 of compressed key for P2WPKH addresses
- Fixes signature verification for dgb1 (bech32) addresses
---
 src/digiid.ts | 12 +++++++++++-
 1 file changed, 11 insertions(+), 1 deletion(-)

(limited to 'src')

diff --git a/src/digiid.ts b/src/digiid.ts
index 168e097..c8a1eda 100644
--- a/src/digiid.ts
+++ b/src/digiid.ts
@@ -255,7 +255,17 @@ function verifyAddress(address: string, publicKey: Uint8Array): boolean {
       const { version, program } = decoded;
 
       if (version === 0) {
-        const computedHash = hash160(publicKey);
+        // For witness v0 P2WPKH, use hash160 of compressed public key
+        let pkToHash = publicKey;
+        // If uncompressed (65 bytes), convert to compressed (33 bytes)
+        if (publicKey.length === 65) {
+          const isEven = publicKey[64]! % 2 === 0;
+          pkToHash = new Uint8Array(33);
+          pkToHash[0] = isEven ? 0x02 : 0x03;
+          pkToHash.set(publicKey.slice(1, 33), 1);
+        }
+
+        const computedHash = hash160(pkToHash);
         return program.every((byte, i) => byte === computedHash[i]);
       }
 
-- 
cgit v1.2.3