Draft: dash tx value signing #95
Conversation
Mayoreee dash tx value signing
thephez
left a comment
thephez
left a comment
There was a problem hiding this comment.
A few initial comments.
|
|
||
| # Abstract | ||
|
|
||
| This DIP describes a digest algorithm that implements the signature covers value when signing Dash transactions. It opens the path for more efficient signing of Dash transactions on hardware wallets. |
There was a problem hiding this comment.
The first sentence is not very clear to me. Looks like it may be part of 2 sentences that got mixed together during editing?
| sigHash: c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670 | ||
| signature: 304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee | ||
|
|
||
| The serialized signed transaction is: 01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad969f00000000494830450221008b9d1dc26ba6a9cb62127b02742fa9d754cd3bebf337f7a55d114c8e5cdd30be022040529b194ba3f9281a99f2b1c0a19c0489bc22ede944ccf4ecbab4cc618ef3ed01eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000247304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee0121025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee635711000000 |
There was a problem hiding this comment.
Not sure if this matters (perhaps @UdjinM6 or @PastaPastaPasta can provide input), but this isn't a valid Dash transaction. Putting it into decoderawtransaction returns TX decode failed (code -22). It appears that this is just the example for a Native P2WPKH tx from BIP-143.
| @@ -0,0 +1,250 @@ | |||
| <pre> | |||
| DIP: tx-value-signing | |||
| Title: Transaction value signing analogous to BIP143 as implemented in Bitcoin Cash | |||
There was a problem hiding this comment.
This mentions Bitcoin Cash yet there is no link to the corresponding spec (https://github.com/bitcoincashorg/bitcoincash.org/blob/master/spec/replay-protected-sighash.md ?) and in general it looks more like bip143 with segwit related parts removed.
| * For the verification of each signature, the amount of data hashing is proportional to the size of the transaction. Therefore, data hashing grows in O(n<sup>2</sup>) as the number of sigops in a transaction increases. This could be fixed by optimizing the digest algorithm by introducing some reusable “midstate”, so the time complexity becomes O(n). | ||
| * The algorithm does not involve the amount of DASH being spent by the input. This is usually not a problem for online network nodes as they could request for the specified transaction to acquire the output value. For an offline transaction signing device (cold wallet"), however, the unknowing of input amount makes it impossible to calculate the exact amount being spent and the transaction fee. To cope with this problem a cold wallet must also acquire the full transaction being spent, which could be a big obstacle in the implementation of lightweight, air-gapped wallet. By including the input value of part of the transaction digest, a cold wallet may safely sign a transaction by learning the value from an untrusted source. In the case that a wrong value is provided and signed, the signature would be invalid and no funding might be lost. <ref>[https://bitcointalk.org/index.php?topic=181734.0 SIGHASH_WITHINPUTVALUE: Super-lightweight HW wallets and offline data]</ref> | ||
|
|
||
| # Specification |
There was a problem hiding this comment.
The upgrade path is not described: btc used segwit as an activation path and bch used SIGHASH_FORKID+SCRIPT_ENABLE_SIGHASH_FORKID https://github.com/bitcoincashorg/bitcoincash.org/blob/master/spec/replay-protected-sighash.md#activation. What is the proposed way to activate this DIP in Dash?
|
@mayoreee Are you still working on this? |
|
@thephez Yes, I'm still looking into the issues raised. I'll push some changes soon. |
Co-authored-by: thephez <thephez@users.noreply.github.com>
4 participants
This DIP describes a digest algorithm that implements the signature covers value when signing Dash transactions.
It opens the path for more efficient signing of Dash transactions on hardware wallets.