online resources

bip143 example signature doesn’t validate?

In BIP 143 the first example https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki has a witness signature and it doesn't appear to validate/be correct?! I wrote a super simple Python program to demonstrate:

    import ecdsa
    import asn1

    # Importing the 3 pieces of data from the example to byte arrays
    pub = bytearray.fromhex("025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357")
    sighash = bytearray.fromhex("c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")
    dersigscript = bytearray.fromhex("304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee")

    # Decoding the DER encoding
    decoder = asn1.Decoder()
    decoder.start(bytes(dersigscript))
    tag, sigscript = decoder.read()

    # Stripping off the script portion so we just have a signature
    sig = bytearray(sigscript)[2:66]
    vk = ecdsa.VerifyingKey.from_string(pub, curve=ecdsa.SECP256k1)
    vk.verify(sig, sighash)

If anyone can shed some light on what stupid thing I am doing, or an example…

The example signature in BIP143 doesn’t validate?

In BIP143 the first example has a witness signature and it doesn't appear to validate/be correct?! I wrote a super simple Python program to demonstrate:

    import ecdsa
    import asn1

    # Importing the 3 pieces of data from the example to byte arrays
    pub = bytearray.fromhex("025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357")
    sighash = bytearray.fromhex("c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670")
    dersigscript = bytearray.fromhex("304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee")

    # Decoding the DER encoding
    decoder = asn1.Decoder()
    decoder.start(bytes(dersigscript))
    tag, sigscript = decoder.read()

    # Stripping off the script portion so we just have a signature
    sig = bytearray(sigscript)[2:66]
    vk = ecdsa.VerifyingKey.from_string(pub, curve=ecdsa.SECP256k1)
    vk.verify(sig, sighash)

If anyone can shed some light on what stupid thing I am doing, or an example reference that…

bip143 witness formatting

In bip143 they define a witness signature. In the first example there is a witness broken down:

    witness 00 02 47304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee01 21025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357

This formatting doesn't appear to be defined anywhere in this document? My question is specifically what is the entire second piece "21025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357"? The first part is the signature, but what are the extra bytes on the front and end, specifically 0x47 and 0x01? Most importantly the signature is too long?! It is 70 bytes instead of 64. "304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee" I was able to take the example private key, public key, and sighash and sign and verify so I know…

Cannot create signature to redeem P2SH output

Pay TX:

    02000000000101324d370ae154899320ba315a48d4904664cab1fd35568dbf12635cb5cf8a1f490100000000000000000240420f000000000017a914b030803afe82d7cc67999e68c1e8776fbc6064c3870a2d2f3b00000000160014ba31c63dfda8011544817c1a1278bbd00f5010490247304402200372d680cdf8cc451632fd948813cd5f1ec261a22f4cfe77aebc8ca19ce74485022022ebb589ff996276cff6199eb778e4df3e01c2ea1102b85cc608466d3c6d03f801210362351823238b726ad8bdb14a168d20b0050078ddbde03dfed75e11d3747712ac00000000

    { "addresses": [ "3HkcxCzPMCEBKugktCu5gtZJEkqMe7qFeF", "bc1qhgcuv00a4qq323yp0sdpy79m6q84qyzf2lgt4j" ], "block_height": -1, "block_index": -1, "confirmations": 0, "double_spend": false, "fees": 0, "hash": "1a4d84fe267e27ae8f08964567c3d81eef4d25e8a4fbb2b8a650228ccf5409d5", "inputs": [ { "age": 0, "output_index": 1, "prev_hash": "491f8acfb55c6312bf8d5635fdb1ca644690d4485a31ba20938954e10a374d32", "script_type": "empty", "sequence": 0 } ], "opt_in_rbf": true, "outputs": [ { "addresses": [ "3HkcxCzPMCEBKugktCu5gtZJEkqMe7qFeF" ], "script": "a914b030803afe82d7cc67999e68c1e8776fbc6064c387", "script_type": "pay-to-script-hash", "value": 1000000 }, { "addresses": [ "bc1qhgcuv00a4qq323yp0sdpy79m6q84qyzf2lgt4j" ], "script": "0014ba31c63dfda8011544817c1a1278bbd00f501049", "script_type": "pay-to-witness-pubkey-hash", "value": 992947466 } ], "size": 223, "total": 993947466, "ver": 2, "vin_sz": 1, "vout_sz": 2, "vsize": 142 }

Redeem TX:

    0200000001d50954cf8c2250a6b8b2fba4e8254def1ed8c3674596088fae277e26fe844d1a000000008447304402206128ea40e6c16a9204b7737e39db01f57537b65d56378e09791b7f156845a868022068b33a02913f521072b65cbb30b6bba17a7ef9ccf977155c1b9db47c7f9c067a0121025f18a96004f26d16747c1670c056e801e04eb5633b45ce4919f2b188ce6870b91976a91411e4aff6f9dc16bc60a839ead318d72fe06e9d5a88ac0000000001b42e0f0000000000160014bb45633968fb1d1b9f96e4974409a4a6d802ab5600000000

    { "addresses": [ "bc1qhdzkxwtglvw3h8ukujt5gzdy5mvq926k48mpr8" ], "block_height": -1, "block_index": -1, "confirmations": 0, "double_spend": false, "fees": 0, "hash": "6fd2fa0a87dfdb08de86e6b9803becf0a5234dd94110d59c6a2830b851d4481e", "inputs": […

What does bitcoin do that prevents someone from using your coins by just generating a key pair and saying “you” sent those coins?

I think I'm missing an understanding about the current process of how your wallet works and how the transactions are signed. For example, if I'm user "A" and there exists a transaction from user "B" where I received 10 BTC that has been written into a block. Then for me to use it I just generate a random public/private key pair and sign the transaction with the private key. What is stopping user "B" from generating a public/private key pair then creating and signing a transaction saying that I, user "A" sent them 10 BTC? I've read that some wallet…

What is the data structure of the signature cache in Bitcoin?

There is a signature cache in Bitcoin, which is used to cache the result of signature verification to avoid extra signature verification. What data is stored in the signature cache? Is it stored in the form of key-value pairs or other forms? When a Bitcoin node performs block validation, how does it determine that the signature verification result of a transaction is already in the signature cache?

Orderly Transition Away from ECC? Or Bitcoin to zero?

Let's say asymmetric public key cryptography is wide open, and can be broken using a public key or the signature. Namely, that I can determine the private key using the information revealed in a public key or the signature. Let's also say that this can be done today using a classical computer. Not the quantum computing paradigm, which was designed to trick nerds into using unreliable computers when classical computers are sufficient, but people just don't publicly or widely know how. Let's say that this means I can steal any Bitcoin today from anyone - whether it is Pieter Wuille's,…

Are high-s ECDSA signatures forbidden in segwit witnesses?

I must have looked that up five times by now, but did segwit actually forbid high-s ECDSA signatures in witnesses, esp. in standard single-sig constructions such as P2SH-P2WPKH or P2WPKH? Or are high-s signatures still only non-standard even in segwit inputs? (I'm aware that the transaction malleability problem due to low-s/high-s is mitigated by moving the signature into the witness, that's not my question.)

How to verify a transaction signature?

Context I would like to verify being A has access to a wallet and hence would like to ask them to pay a minimum amount to a particular wallet address owned by someone other than me, e.g. 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, with a signature ThisIsUnexpected that I gave to the being A. The basic concept I believe is quite simple, if being A agrees, they share with me their bitcoin wallet address:being_A_bitcoin_wallet_address. Next, I would share the expected signature, and selected recipient address (e.g. 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa) with being A. Being A then pays a minimal amount of bitcoin to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa. After the transaction is…

Are UTXOs signed with a private key?

Are UTXOs signed by a private key? I'm trying to understand exactly which parts of Bitcoin use public and private keys. You need a private key in order to generate transaction output, and to create a transaction that uses those outputs, but I'm not sure what happens in the middle. My current guess is that they aren't signed. The transactions generating the UTXOs are signed, and the block containing the transactions can be validated and then traced back to the miner. It doesn't seem necessary to sign the UTXOs, and even if we wanted to, the only private key available…

Locally Sign transactions Blockcypher API

I'm having a problem that I can't solve since yesterday with the BlockCypher APIs when I try to create a new transaction and submit it. https://www.blockcypher.com/dev/bitcoin/?shell#creating-transactions I have to sign locally but their PHP or cURL code doesn't work (they give me several problems). I searched the internet but found nothing suitable. Many signing tools found online tell me to enter a message in addition to the private key; what message should I enter? It does not refer to any messages here:

    # next, you sign the data returned in the tosign array locally
    # any ECDSA secp256k1 signing tool should…

How to verify a lnurl-auth callback with python

I want to create a Python implementation of an lnurl-auth server. I started a quick HTTP server to be the callback url, and captured the signed callback sent by BLW on Android.

    ?tag=login &k1=7c27131e7fb37df50d12b0cb56ac1b76f817a5ba535b15afe43390a1f6b55d4d &sig=30450221008172a00276a4724909b37051e98b36ba4f465aac82dd4d9609f91a3cd3be1a32022075bffd8d7697d140055b27e67d31a606435fdf5073c9c96d46a02cae06a5abc4&key=030f12794ae14407b8e1bfa1cbc297bb68ce6b24455ceab52c02da7a92782b6b14

Here is some python that attempts to verify that signature.

    import secp256k1

    k1 = bytes.fromhex("7c27131e7fb37df50d12b0cb56ac1b76f817a5ba535b15afe43390a1f6b55d4d")
    key = bytes.fromhex('030f12794ae14407b8e1bfa1cbc297bb68ce6b24455ceab52c02da7a92782b6b14')
    sig = bytes.fromhex('30450221008172a00276a4724909b37051e98b36ba4f465aac82dd4d9609f91a3cd3be1a32022075bffd8d7697d140055b27e67d31a606435fdf5073c9c96d46a02cae06a5abc4')
    pubkey = secp256k1.PublicKey(key, raw=True)
    sig = pubkey.ecdsa_deserialize(sig)
    print(pubkey.ecdsa_verify(k1, sig))

Output: False

I don't know enough to tell what I'm doing wrong. It seems like this should be fairly standard use of the secp256k1 library.

How to use Digital Signature to Sign Unsigned Transaction?

so I was trying to sign my unsigned transaction: 010000000194d612f5ec40d483ed82bf346d8f08961d61fdf2d6b9804d7731e608d816e5330000000000ffffffff01204e0000000000001600143b36ddb4d9f75f4010450b25a8952a6725981bfb00000000 with a digital signature (ECDSA SIGNATURE in hex representation) I created based on this unsigned transaction which is: 3044022098f9780241fdd9f87a222a85cc65140f61913476c2d3c0f886e328a03f897ea4022089388ea886bb4d2440893665dc54fb7d4a0498766b4752b15415fb18dc38b72a. How to serialize these two so that I can use this digital signature to sign the unsigned transaction. Any explanation, example or any package (in Node.js) or otherwise also would be really helpful. I tried finding examples and test cases and even went through code for bitcoinjs-lib but I've not been able to find a single example of using a digital signature to sign and send a transaction. Most of them…

Using a bitcoin library to create digital signatures in TypeScript/Javascript

I have been trying to sign my transactions with a digital signature for the past few days but seems that libraries in bitcoin, as far as to my knowledge do not provide a simple way to sign the transactions with digital signatures. I have been trying to use bitcoinjs-lib to achieve my result. Bitcoinjs-lib came out with a new way of signing transactions with the class Psbt (partially signed bitcoin transaction) and I have been trying to serialize the unsigned transaction and then create a signature with the unsigned transaction and then finally sign the transaction with the signature. These…

How to get the raw signature data of a transaction?

With the use of segwit, signature data is no longer part of transaction body and thus can’t be retrieved from block explorers. So is there a Bitcoin rpc method in order to get it directly without having to extract it from transaction manually? My aim is to retrieve the public key behind segwit Bitcoin addresses from EC signature which requires the signature along signed data.

Sign transaction externally

I create a transaction with inputs from a given address / public key without signatures. Every input needs to be signed. I use a different method to generate the signatures so I can't provide a private key to sign the transaction. Much like the blockcypher API I want to extract a list of strings (called "tosigns" in blockcypher API), sign them externally and combine them with the partial transaction I generated before. Question 1: What field(s) do I have to take out of the bitcoin transaction json and how do they need to be processed to receive a string (or…

How to sign a transaction and also get the signature part from it using electrum console?

How do I sign a transaction with following things:

Unsigned Tx: 0100000001e939fb23e9991ebbc75fd08c736da32ca12d98a4ff1b8e970e97f5661927ee410000000000ffffffff01db400f00000000001600147f6757aebaf775d9ce50b2005d551e2501b1e80d00000000

Private key associated with one of the public keys used for creating 2-of-3 multisig: p2wpkh:cQ8KpCuZ11wm8ARD3pPeaqyuUBPusrH9pnVRwDu47kLpxwCZ4ap6

Once the tx is signed, how do I get the 'signature' part from it?

Public key: 0318370919cfceb3d260081eeca3cae19f941eec321f597c48a64839178ea1e3e0

I tried signing the transaction with unsigned tx and private key however it returns something that doesn't make sense. What's wrong here and how do I resolve this?

    signtransaction(tx, opt_privkey)
    >> signtransaction('0100000001e939fb23e9991ebbc75fd08c736da32ca12d98a4ff1b8e970e97f5661927ee410000000000ffffffff01db400f00000000001600147f6757aebaf775d9ce50b2005d551e2501b1e80d00000000','cQ8KpCuZ11wm8ARD3pPeaqyuUBPusrH9pnVRwDu47kLpxwCZ4ap6')
    "02000000000000000000"

How to convert High-S value to low-S value without signing the transaction again?

I created a bitcoin transaction but I'm getting an error when trying to broadcast it: mandatory-script-verify-flag-failed (Non-canonical signature: S value is unnecessarily high) (code 16) I googled it and it seems the problem is that the S value in ScriptSig is High. I didn't find a working method to convert my High-S value to a Low-S value. Could someone help me with that? Any help would be appreciated and well rewarded. Maybe there is some python script that can convert High-S value to Low without signing this transaction again?

Is there any ‘Metamask-like’ app for Bitcoin?

9 months ago someone asked this same question: Metamask-like web3 inject for bitcoin but I was wondering if there had been any changes since then. I'm currently looking for a Chrome extension that allows you to validate Bitcoin users based on their wallets. It does not matter if it's not a Chrome extension, I just need some app that could accomplish this. I'm working in a project using Metamask for login users, and I need to find out if there is a way of achieving this with Bitcoin (and other cryptocurrencies), so if you know something about the topic…
