-
Notifications
You must be signed in to change notification settings - Fork 3k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Segwit message signing is not compatible with other software #3861
Comments
I don't mind following what trezor does. |
at the moment Trezor-generated signatures will fail to verify in Electrum because how |
Is there any consensus yet on test vectors? |
There have been two related new BIPs submitted in recent months:
Do we know of anyone else that is compatible with Trezor? If so, maybe we should do that too to make some progress... :) |
Perhaps on verification, you can attempt the process on both forms of the signature header-byte. It is trivial to to determine if the address presented to verify against is P2PKH, P2SH, or P2WPKH. If your verifying against a P2WPKH address with a signature header byte between 39-42, just subtract 8 from the header byte and do the verification as it exists today. If you have a P2SH address with a signature header byte between 35 and 28, just subtract 4 from the header byte and do the verification. This would make your message verification both BIP-0137 complaint and backward compatible with messages already generated. Perhaps ask for similar flexibility of the Trezor FW then both BIP-0137 and non-BIP-0137 signatures can be interchangeable regardless of what standard is used in their generation. |
Regarding BIP-0322, to me it looks really scary. I am not sure how we would implement that. It seems to properly implement it, we would need a full fledged consensus validator and a script interpreter. If you read the BIP, to me, it seems evident that it was written for Bitcoin Core. Consider this quote for example:
or this section: https://github.com/bitcoin/bips/blob/master/bip-0322.mediawiki#consensus-and-standard-flags How are light clients supposed to implement this? I guess we could conceivably implement signing support via hardcoded templates for the scripts we support. About validation... well not sure; but I expect we would return INCONCLUSIVE for anything we don't recognise. |
With the recent merge of bcoin-org/bcoin#802 into bcoin...
|
…addrs The signatures we create are unchanged but we now also accept signatures created by Trezor and others. see spesmilo#3861
AFAICT there is no clear consensus how to sign messages with segwit addresses (txin type of
p2wpkh-p2sh
andp2wpkh
)We do one thing, and Trezor does something else. Bitcoin Core so far has this disabled.
Maybe we could transition to what Trezor does, in a way that:
Electrum issue/commit
Bitcoin Core issue
Trezor issue/commit/tests
gribble PR doing what Electrum does
The text was updated successfully, but these errors were encountered: