Abstract
In Qtum, Bitcoin-style pubkeyhash addresses are typically used as msg.sender. In this proposal it is made possible to test the signature produced by a pubkeyhash address and to recover that address from signed data.
Motivation
Currently in Qtum, when using the ecrecover function in Solidity, it is impossible to compare the address it returns to the pay-to-pubkeyhash address in msg.sender. This has been worked around by some projects by using a Solidity Secp256K1.sol library contract. This is of course very expensive and cumbersome.
Specification
A new precompiled contract will be added to Qtum's version of the EVM, along with a library contract to allow easy access to the precompiled contract function within contracts.
The interface should exactly match ecrecover, but instead is called btc_ecrecover. The recovered public key should be hashed using the pubkeyhash format: RIPEMD160(SHA256(SHA256(public key))). The gas costs and any other interface considerations should exactly match ecrecover.
Rationale
Though this is trivial to change, it is already a live network and there could be contracts making use of the current ecrecover functionality. Thus, it is unsafe to make a retroactive change of this magnitude. It is much safer, though slightly harder to use, to instead add a new precompiled contract with this functionality.
Strategy
This should be implemented in a hard fork at the same time as the EVM upgrades.
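A sketch of the library wrapper described under Specification, together with the msg.sender comparison the Motivation asks for. This is an added example, not Qtum's library contract: the names BtcEcrecoverLib, SenderSignatureCheck, recover and signedBySender are hypothetical, and the precompile address is passed in as a placeholder because the proposal does not state it. The low-s check is an extra hardening step, not part of the proposal.

```solidity
// SPDX-License-Identifier: MIT
pragma solidity ^0.8.0;

// Added example; not the library contract the proposal refers to.
library BtcEcrecoverLib {
    // Half of the secp256k1 group order. A signature with s above this value
    // is the malleable twin of a low-s signature and is rejected here
    // (extra check, not required by the proposal).
    uint256 private constant HALF_N =
        0x7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF5D576E7357A4501DDFE92F46681B20A0;

    // `precompile` is a caller-supplied placeholder: the proposal does not
    // state the address at which btc_ecrecover will be deployed.
    function recover(address precompile, bytes32 hash, uint8 v, bytes32 r, bytes32 s)
        internal view returns (address signer)
    {
        require(uint256(s) <= HALF_N, "btc_ecrecover: high s");
        // Same 128-byte input layout as ecrecover: hash | v | r | s.
        (bool ok, bytes memory out) =
            precompile.staticcall(abi.encode(hash, v, r, s));
        // ecrecover returns empty output for an invalid signature; the
        // proposal says the interface matches, so the same is assumed here.
        require(ok && out.length == 32, "btc_ecrecover: call failed");
        signer = abi.decode(out, (address));
        require(signer != address(0), "btc_ecrecover: no signer");
    }
}

contract SenderSignatureCheck {
    address public immutable btcEcrecover; // placeholder, set at deployment

    constructor(address precompile) {
        btcEcrecover = precompile;
    }

    // True only if (v, r, s) over `hash` was produced by the key behind
    // msg.sender. The built-in ecrecover cannot be used for this on Qtum:
    // it returns an Ethereum-style address, while msg.sender is a pubkeyhash.
    function signedBySender(bytes32 hash, uint8 v, bytes32 r, bytes32 s)
        external view returns (bool)
    {
        return BtcEcrecoverLib.recover(btcEcrecover, hash, v, r, s) == msg.sender;
    }
}
```

A contract that acts on the result should make `hash` commit to the contract address and a nonce, so a signature accepted once cannot be replayed elsewhere.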