Using the notation in the ECDSA wikipedia article

http://en.wikipedia.org/wiki/ECDSAAn ECDSA signature is (r,s).

When verifying the signature, one of the first things calculated is the modular inverse of "s" and "s" is not otherwise used.

Since the signature is generated once and verified thousands of times (at least once by each client) , why isn't the signature (r, inverse(s)) instead?

This would save one inversion per verification.

On the signing side, if you look at the way s is calculated, inverse(s) could be calculated just as quickly. Instead of inverting the random k parameter you'd invert z+rd

Is there something I'm missing? Did they really just overlook this?

ByteCoin