Corrupted signature or message sometimes leads to invalid nonce error

How to reproduce:

1. Start a new instance of ganache-cli (v6.2.5/docker)
2. Use account A from the auto-generated accounts with funds
3. Send some valid transactions to the blockchain
4. Query latest nonce, send an ETH send transaction with (a) corrupted signature or (b) corrupted data field

Instead of a “invalid signature” message this leads to:

{
  "code": -32000,
  "message": "the tx doesn't have the correct nonce. account has nonce of: 0 tx has nonce of: 14",
  "data": {
    "stack": "n: the tx doesn't have the correct nonce. account has nonce of: 0 tx has nonce of: 14\n    at i (/app/ganache-core.docker.cli.js:37:300962)\n    at blockchain.getQueuedNonce (/app/ganache-core.docker.cli.js:37:301093)\n    at /app/ganache-core.docker.cli.js:25:150975\n    at /app/ganache-core.docker.cli.js:37:630596\n    at /app/ganache-core.docker.cli.js:37:634357\n    at Object.return (/app/ganache-core.docker.cli.js:37:633934)\n    at /app/ganache-core.docker.cli.js:37:632186\n    at e (/app/ganache-core.docker.cli.js:37:634305)\n    at /app/ganache-core.docker.cli.js:37:634316\n    at /app/ganache-core.docker.cli.js:37:631398\n    at process._tickCallback (internal/process/next_tick.js:61:11)",
    "name": "n"
  }
}

However, there is probably a race condition involved since sometimes instead I get

{
  "code": -32000,
  "message": "Invalid Signature",
  "data": {
    "stack": "Error: Invalid Signature\n    at e.getSenderPublicKey (/app/ganache-core.docker.cli.js:10:88137)\n    at e.getSenderAddress (/app/ganache-core.docker.cli.js:10:87941)\n    at A.queueRawTransaction (/app/ganache-core.docker.cli.js:37:292154)\n    at u.eth_sendRawTransaction (/app/ganache-core.docker.cli.js:37:283039)\n    at u.handleRequest (/app/ganache-core.docker.cli.js:37:280006)\n    at t (/app/ganache-core.docker.cli.js:37:143367)\n    at a.handleRequest (/app/ganache-core.docker.cli.js:37:278371)\n    at t (/app/ganache-core.docker.cli.js:37:143367)\n    at s.f.handleRequest (/app/ganache-core.docker.cli.js:37:271502)\n    at s.handleRequest (/app/ganache-core.docker.cli.js:37:269329)\n    at t (/app/ganache-core.docker.cli.js:37:143367)\n    at c.handleRequest (/app/ganache-core.docker.cli.js:37:277385)\n    at t (/app/ganache-core.docker.cli.js:37:143367)\n    at a.handleRequest (/app/ganache-core.docker.cli.js:37:276832)\n    at t (/app/ganache-core.docker.cli.js:37:143367)\n    at d._handleAsync (/app/ganache-core.docker.cli.js:37:143403)\n    at Timeout._onTimeout (/app/ganache-core.docker.cli.js:37:142828)\n    at ontimeout (timers.js:436:11)\n    at tryOnTimeout (timers.js:300:5)\n    at listOnTimeout (timers.js:263:5)\n    at Timer.processTimers (timers.js:223:10)",
    "name": "Error"
  }
}

The ratio incorrect nonce to invalid signature is about half half.

I suspect the following: the sender is calculated from signature+message via the secp256k1 public key recovery algorithm. Now before the signature is checked for validity, the nonce is compared to the nonce of a wrong account B != A.

On Rinkeby I observe the same problem. They just report {"code":-32000,"message":"invalid sender"} which is a little bit less confusing but still not great.