Audit fails for elliptic package

[damianobarbati]

$ pnpm audit
┌─────────────────────┬────────────────────────────────────────────────────────┐
│ low                 │ Valid ECDSA signatures erroneously rejected in         │
│                     │ Elliptic                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Package             │ elliptic                                               │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Vulnerable versions │ <=6.5.7                                                │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Patched versions    │ <0.0.0                                                 │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ Paths               │ services/bcm >                                         │
│                     │ @nomicfoundation/hardhat-chai-matchers@2.0.8 >         │
│                     │ @nomicfoundation/hardhat-ethers@3.0.8 >                │
│                     │ hardhat@2.22.13 > @ethersproject/abi@5.7.0 >           │
│                     │ @ethersproject/hash@5.7.0 >                            │
│                     │ @ethersproject/abstract-signer@5.7.0 >                 │
│                     │ @ethersproject/abstract-provider@5.7.0 >               │
│                     │ @ethersproject/transactions@5.7.0 >                    │
│                     │ @ethersproject/signing-key@5.7.0 > elliptic@6.5.7      │
│                     │                                                        │
│                     │ services/bcm >                                         │
│                     │ @nomicfoundation/hardhat-chai-matchers@2.0.8 >         │
│                     │ @nomicfoundation/hardhat-ethers@3.0.8 >                │
│                     │ hardhat@2.22.13 > @metamask/eth-sig-util@4.0.1 >       │
│                     │ ethereumjs-abi@0.6.8 > ethereumjs-util@6.2.1 >         │
│                     │ elliptic@6.5.7                                         │
│                     │                                                        │
│                     │ services/bcm >                                         │
│                     │ @nomicfoundation/hardhat-chai-matchers@2.0.8 >         │
│                     │ @nomicfoundation/hardhat-ethers@3.0.8 >                │
│                     │ hardhat@2.22.13 > @metamask/eth-sig-util@4.0.1 >       │
│                     │ ethereumjs-abi@0.6.8 > ethereumjs-util@6.2.1 >         │
│                     │ ethereum-cryptography@0.1.3 > secp256k1@4.0.4 >        │
│                     │ elliptic@6.5.7                                         │
│                     │                                                        │
│                     │ ... Found 286 paths, run `pnpm why elliptic` for more  │
│                     │ information                                            │
├─────────────────────┼────────────────────────────────────────────────────────┤
│ More info           │ https://github.com/advisories/GHSA-fc9h-whq2-v747      │
└─────────────────────┴────────────────────────────────────────────────────────┘
1 vulnerabilities found
Severity: 1 low

[fanatid]

why do we need copy-pasted text here? read more info on the provided link and find that the issue/pr already opened

#321
#322

[chadlwilson]

Fixed in 6.6.0 via #326 - you can close this issue now.