From f114f19107835409cef452319f22648cf3476b6a Mon Sep 17 00:00:00 2001
From: 0xcontagiante <135531107+0xhashiman@users.noreply.github.com>
Date: Sat, 1 Feb 2025 14:26:04 -0700
Subject: [PATCH] fix: Add IsOnCurve check when unmarshaling

---
 crypto/crypto.go | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/crypto/crypto.go b/crypto/crypto.go
index f7bfd34e29..36ce7c753c 100644
--- a/crypto/crypto.go
+++ b/crypto/crypto.go
@@ -212,6 +212,9 @@ func UnmarshalPubkey(pub []byte) (*ecdsa.PublicKey, error) {
 	if x == nil {
 		return nil, errInvalidPubkey
 	}
+	if !S256().IsOnCurve(x, y) {
+		return nil, errInvalidPubkey
+	}
 	return &ecdsa.PublicKey{Curve: S256(), X: x, Y: y}, nil
 }