feat: use recoverable signature to reduce tx size #15
Conversation
BREAKING CHANGE: witness data is changed
nervos-bot
bot
added
the
breaking change
|
Edit: After a second thought, this change won't affect security as we still use pubkey hash as address and only reveal pubkey on spending.
|
|
@ashchan please assign issues to SDKs. |
|
Can we add test here? It's insane that we don't have a test on such important code. cc @xxuejie |
|
I reject adding the binary into repo. Ask developers to build them. Build them before test in CI. |
|
See here for a way to build the scripts. |
jjyr
force-pushed
the
try-sign-with-recoverable
branch
from
77049ab
to
d6d811c
Compare
|
Updated, use |
|
Could you setup Travis to run the tests? |
jjyr
force-pushed
the
try-sign-with-recoverable
branch
5 times, most recently
from
09ed346
to
afbfc2d
Compare
|
As @quake suggested, we can port the existing test suites for secp256k1 recoverable signature. But it does not block this issue, we can start a new PR for this. |
jjyr
force-pushed
the
try-sign-with-recoverable
branch
from
afbfc2d
to
f889685
Compare
| language: rust | ||
| rust: 1.34.2 | ||
| dist: xenial | ||
| sudo: true |
There was a problem hiding this comment.
Why do we need sudo here?
There was a problem hiding this comment.
Not sure, I just copy the .travis.yml template from CKB
By using secp256k1 recoverable signing, we can significantly reduce tx size by removing the pubkey from tx witness. The total cycles for verification increased from 2660252 to 2739437 for a typical 2-in-2-out tx. discussion is on nervosnetwork/ckb-system-scripts#15 The default secp256k1_blake160_sighash_all lock script is compiled from the following source: https://github.com/nervosnetwork/ckb-system-scripts/blob/517e667a3ce496b58ba948e22b34d1e5c9e79710/c/secp256k1_blake160_sighash_all.c The exact gcc version used in the compilation can be located in the following docker image: xxuejie/riscv-gnu-toolchain-rv64imac: 20190606
By using secp256k1 recoverable signing, we can significantly reduce tx size by removing the pubkey from tx witness. The total cycles for verification increased from 2660252 to 2739437 for a typical 2-in-2-out tx. discussion is on nervosnetwork/ckb-system-scripts#15 The default secp256k1_blake160_sighash_all lock script is compiled from the following source: https://github.com/nervosnetwork/ckb-system-scripts/blob/517e667a3ce496b58ba948e22b34d1e5c9e79710/c/secp256k1_blake160_sighash_all.c The exact gcc version used in the compilation can be located in the following docker image: xxuejie/riscv-gnu-toolchain-rv64imac: 20190606
BREAKING CHANGE: witness data is changed
This PR replace normal signature with recoverable signature. So instead of reading pubkey from witness, the contract recovers a pubkey from the signature, this change can reduce 33 bytes tx size for each witness.
However, due to the additional
recover signatureoperation, the total cycles increased from2660252to2739437for a typical 2-in-2-out tx.The
secp256k1_blake160_sighash_allbinary size increased from1190704bytes to1193224bytes.I think it worth the change, Please leave your opinion in comments.
Changes:
[<pubkey>, <sig>]changed to[<sig>].secp256k1_ecdsa_sign_recoverablemethod.