To generate fake r,s,z you can use public point and calculate 2 random and add it.
For example G is ecdsa SECP256k1 generator, PublicKey is ecdsa point, N is order
u = randint(1, N)
v = randint(1, N)
r = (u*G+v*PublicKey).x.num % N;
s = r * pow(v, N-2, N) % N
z = u * s % N
Now you have valid r,s,z pair for that public key.
@fxsniper
lattice attacks script leak 6 bit when use gen_data.py but you can use 4 bit too its minimum and 100 r,s,z,leak data need else this attack will not work.
Still there is no way to leak or know 4 bit even for generated or original signed R.
I thinnk posible try with MSB OR LSB 0000 OR 0000 0000
Z IS a sighned message, i thin it is in data(i dont remember exact)