Secp256K1 · Secp256K1 · CVE-2023-49292
**Name of the Vulnerable Software and Affected Versions**
ecies versions prior to 2.0.8
**Description**
The issue allows an attacker to recover any private key that interacts with the vulnerable functions. The cause is a bug in the ECDH function: it does not check whether the provided public key is on the curve, so an attacker can create a public key that is not on the curve and use it to recover the private key. The vulnerable functions include `Encapsulate()`, `Decapsulate()`, and `ECDH()`. As a mitigation measure, users can manually check public keys by calling the `IsOnCurve()` function from secp256k1 libraries.
**Recommendations**
For versions prior to 2.0.8, upgrade to version 2.0.8 or later to resolve the issue.
As a temporary workaround, consider manually checking public keys by calling the `IsOnCurve()` function from secp256k1 libraries to minimize the risk of exploitation.
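
The check that the workaround relies on, as an added example that is not code from ecies or from any secp256k1 library: it tests the curve equation y² = x³ + 7 (mod p) directly with `math/big`, which is what an `IsOnCurve()` call verifies. It is written in Go on the assumption that the affected code is Go; `ValidatePublicKey`, `ErrInvalidPublicKey` and the variable names are hypothetical, and the sample points are constructed from the standard secp256k1 base point.

```go
package main

import (
	"errors"
	"fmt"
	"math/big"
)

func hexInt(s string) *big.Int { n, _ := new(big.Int).SetString(s, 16); return n }

// secp256k1 is y^2 = x^3 + 7 over GF(p), with p = 2^256 - 2^32 - 977.
// (Gx, Gy) is the standard base point, used here only as a known-good sample.
var (
	P  = new(big.Int).Sub(new(big.Int).Lsh(big.NewInt(1), 256), big.NewInt(1<<32+977))
	Gx = hexInt("79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798")
	Gy = hexInt("483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8")
)

var ErrInvalidPublicKey = errors.New("public key is not a point on secp256k1")

// ValidatePublicKey is a hypothetical helper (an assumption, not an ecies API).
// Call it on every peer-supplied public key before the key reaches ECDH,
// encapsulation or decapsulation, and abort on error.
func ValidatePublicKey(x, y *big.Int) error {
	// Coordinates must be canonical field elements in [0, p-1].
	if x == nil || y == nil || x.Sign() < 0 || y.Sign() < 0 ||
		x.Cmp(P) >= 0 || y.Cmp(P) >= 0 {
		return ErrInvalidPublicKey
	}
	lhs := new(big.Int).Mul(y, y) // y^2 mod p
	lhs.Mod(lhs, P)
	rhs := new(big.Int).Exp(x, big.NewInt(3), P) // x^3 + 7 mod p
	rhs.Add(rhs, big.NewInt(7))
	rhs.Mod(rhs, P)
	if lhs.Cmp(rhs) != 0 {
		return ErrInvalidPublicKey // off-curve point; this also rejects (0, 0)
	}
	return nil
}

func main() {
	// Constructed sample inputs: the base point, and the same x with y+1,
	// which does not satisfy the curve equation.
	offY := new(big.Int).Add(Gy, big.NewInt(1))
	fmt.Println("base point:", ValidatePublicKey(Gx, Gy))
	fmt.Println("off-curve: ", ValidatePublicKey(Gx, offY))
}
```

Rejecting non-canonical coordinates before the equation test matters because a value such as x + p would otherwise pass the modular comparison.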