diff --git a/src/pubkey.h b/src/pubkey.h
--- a/src/pubkey.h
+++ b/src/pubkey.h
@@ -123,6 +123,9 @@
         unsigned int len = ::ReadCompactSize(s);
         if (len <= SIZE) {
             s.read((char *)vch, len);
+            if (len != size()) {
+                Invalidate();
+            }
         } else {
             // invalid pubkey, skip available data
             char dummy;
diff --git a/src/test/key_tests.cpp b/src/test/key_tests.cpp
--- a/src/test/key_tests.cpp
+++ b/src/test/key_tests.cpp
@@ -6,6 +6,7 @@
 
 #include <chainparams.h> // For Params()
 #include <key_io.h>
+#include <streams.h>
 #include <uint256.h>
 #include <util/strencodings.h>
 #include <util/string.h>
@@ -404,4 +405,45 @@
     BOOST_CHECK(key.GetPubKey().data()[0] == 0x03);
 }
 
+static CPubKey UnserializePubkey(const std::vector<uint8_t> &data) {
+    CDataStream stream{SER_NETWORK, INIT_PROTO_VERSION};
+    stream << data;
+    CPubKey pubkey;
+    stream >> pubkey;
+    return pubkey;
+}
+
+static unsigned int GetLen(uint8_t chHeader) {
+    if (chHeader == 2 || chHeader == 3) {
+        return CPubKey::COMPRESSED_SIZE;
+    }
+    if (chHeader == 4 || chHeader == 6 || chHeader == 7) {
+        return CPubKey::SIZE;
+    }
+    return 0;
+}
+
+static void CmpSerializationPubkey(const CPubKey &pubkey) {
+    CDataStream stream{SER_NETWORK, INIT_PROTO_VERSION};
+    stream << pubkey;
+    CPubKey pubkey2;
+    stream >> pubkey2;
+    BOOST_CHECK(pubkey == pubkey2);
+}
+
+BOOST_AUTO_TEST_CASE(pubkey_unserialize) {
+    for (uint8_t i = 2; i <= 7; ++i) {
+        CPubKey key = UnserializePubkey({0x02});
+        BOOST_CHECK(!key.IsValid());
+        CmpSerializationPubkey(key);
+        key = UnserializePubkey(std::vector<uint8_t>(GetLen(i), i));
+        CmpSerializationPubkey(key);
+        if (i == 5) {
+            BOOST_CHECK(!key.IsValid());
+        } else {
+            BOOST_CHECK(key.IsValid());
+        }
+    }
+}
+
 BOOST_AUTO_TEST_SUITE_END()