Merge rust-bitcoin/rust-secp256k1#711: Improve from digest comment

72e09c1a7c Improve the comment on `Message::from_digest` (Martin Habovstiak) Pull request description: Minor improvement on top of #712 ACKs for top commit: apoelstra: ACK 72e09c1a7c Tree-SHA512: 06e8e706bb9732ea46ef3488ed33f7c7c84ea5afa5b1b2bca03cd2641524ff61156133436c1dd62df62769c8544644e1a4453fbacf4413fece73282ae154a387
2024-07-29 10:45:05 +00:00 · 2024-07-29 10:45:05 +00:00 · 2753b9e767
parent 3f067d5b1a 72e09c1a7c
commit 2753b9e767
1 changed files with 4 additions and 2 deletions
--- a/src/lib.rs
+++ b/src/lib.rs
@ -66,12 +66,14 @@
 //! ```rust
 //! # #[cfg(feature = "alloc")] {
 //! use secp256k1::{Secp256k1, Message, SecretKey, PublicKey};
+//! # fn compute_hash(_: &[u8]) -> [u8; 32] { [0xab; 32] }
 //!
 //! let secp = Secp256k1::new();
 //! let secret_key = SecretKey::from_slice(&[0xcd; 32]).expect("32 bytes, within curve order");
 //! let public_key = PublicKey::from_secret_key(&secp, &secret_key);
-//! // This is unsafe unless the supplied byte slice is the output of a cryptographic hash function.
-//! let message = Message::from_digest([0xab; 32]);
+//! // If the supplied byte slice was *not* the output of a cryptographic hash function this would
+//! // be cryptographically broken. It has been trivially used in the past to execute attacks.
+//! let message = Message::from_digest(compute_hash(b"CSW is not Satoshi"));
 //!
 //! let sig = secp.sign_ecdsa(&message, &secret_key);
 //! assert!(secp.verify_ecdsa(&message, &sig, &public_key).is_ok());