From f4255fd5771732e47c481f61926b1c3e98ff121f Mon Sep 17 00:00:00 2001
From: Leem <leem.yang@tron.network>
Date: Fri, 19 Sep 2025 11:29:36 +0800
Subject: [PATCH] sig normalization

---
 docs/mechanism-algorithm/account.md | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/docs/mechanism-algorithm/account.md b/docs/mechanism-algorithm/account.md
index f2134c3f..24c78286 100644
--- a/docs/mechanism-algorithm/account.md
+++ b/docs/mechanism-algorithm/account.md
@@ -108,3 +108,6 @@ When a Fullnode receives a transaction, it uses the transaction hash and signatu
 
 ### Example
 Signature verification is performed by the Fullnode. For [ECDSA algorithm signature verification](https://github.com/tronprotocol/java-tron/blob/master/crypto/src/main/java/org/tron/common/crypto/ECKey.java), you can refer to java-tron, and the core function is `signatureToAddress`.
+
+### Signature normalization
+`ECDSA` signatures (using the `secp256k1` curve) are malleable, meaning that for a signature $(r, s)$, where $r, s \in [1, n-1]$, the pair $(r, n - s)$ is also a valid signature. Since signatures affect transaction id in both Bitcoin and Ethereum, [BIP-62](https://github.com/bitcoin/bips/blob/master/bip-0062.mediawiki) and [EIP-2](https://eips.ethereum.org/EIPS/eip-2) require signatures to be normalized, i.e., $s \leq n/2$. However, for the TRON network, the transaction id does not include signature information, so there is no strict requirement for signature normalization, and signature verification does not need to check whether the signature is normalized. Although there is no strict restriction, both `java-tron` and `wallet-cli` currently perform signature normalization.