From c7a29ca1b01aa4681f4a7f8f7ac3704c939b9f9d Mon Sep 17 00:00:00 2001
From: Owen <103096885+owen-reorg@users.noreply.github.com>
Date: Fri, 31 Jan 2025 00:24:31 +0800
Subject: [PATCH] crypto: add IsOnCurve check (#261)
---
 CHANGELOG.md | 5 +++++
 crypto/crypto.go | 3 +++
 2 files changed, 8 insertions(+)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 5698832ed4..66d1c73b32 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,5 +1,10 @@
 # Changelog
+## v0.5.5
+
+This is a hot fix release, the detail about this fix will be revealed later.
+Please upgrade your node to this version if your node is exposed to the public network via p2p.
+
 ## v0.5.4
 This is a minor release for opBNB Mainnet and Testnet.
diff --git a/crypto/crypto.go b/crypto/crypto.go
index 4d69768bc8..f3e30de4cc 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -197,6 +197,9 @@ func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error) {
 if x == nil {
 return nil, errInvalidPubkey
 }
+ if !S256().IsOnCurve(x, y) {
+ return nil, errInvalidPubkey
+ }
 return &ecdsa.PublicKey{Curve: S256(), X: x, Y: y}, nil
 }
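Review bot: The new `IsOnCurve` guard in `UnmarshalPubkey` has no comment and, going by the diffstat (only CHANGELOG.md and crypto/crypto.go), no regression test, so a later refactor of the unmarshalling step could drop it unnoticed. I would add a line above it such as `// Reject coordinates that do not satisfy the secp256k1 equation; pub may come from an untrusted peer.` and a test in the package's test file that passes a correctly prefixed uncompressed encoding whose coordinates are off the curve and expects `errInvalidPubkey`. The call that produces `x` and `y` sits above the hunk, so I cannot tell whether it can return a non-nil `x` with a nil `y`; if it can, `IsOnCurve` would receive a nil `*big.Int`, which is worth confirming or guarding with `if x == nil || y == nil`. Other functions in the package that build an `ecdsa.PublicKey` from wire bytes are not visible here and presumably need the same validation.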