From f6c68ec3299412e2bb4997572af29be76b771950 Mon Sep 17 00:00:00 2001
From: Matt Corallo <git@bluematt.me>
Date: Thu, 20 Apr 2023 02:46:18 +0000
Subject: [PATCH] Clarify the documentation of `normalize_s`

I was reading the docs for `normalize_s` and got confused what the
point was - it says that libsecp "will only accept" signatures that
are normalized, which led me to believe it would refuse to
deserialize such signatures. This is untrue, it only refuses to
*validate* such signatures.
---
 src/ecdsa/mod.rs | 4 ++--
 1 file changed, 2 insertions(+), 2 deletions(-)

diff --git a/src/ecdsa/mod.rs b/src/ecdsa/mod.rs
index eb9c668..16ce96b 100644
--- a/src/ecdsa/mod.rs
+++ b/src/ecdsa/mod.rs
@@ -124,8 +124,8 @@ impl Signature {
     /// changing even the signature itself can be a problem. Such applications
     /// require a "strong signature". It is believed that ECDSA is a strong
     /// signature except for this ambiguity in the sign of s, so to accommodate
-    /// these applications libsecp256k1 will only accept signatures for which
-    /// s is in the lower half of the field range. This eliminates the
+    /// these applications libsecp256k1 considers signatures for which s is in
+    /// the upper half of the field range invalid. This eliminates the
     /// ambiguity.
     ///
     /// However, for some systems, signatures with high s-values are considered