Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id DC3CD126E for ; Wed, 14 Mar 2018 08:09:44 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mo.garage.hdemail.jp (mo.garage.hdemail.jp [46.51.242.127]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 48CE62C4 for ; Wed, 14 Mar 2018 08:09:43 +0000 (UTC) Received: from ip-10-217-1-36.ap-northeast-1.compute.internal (localhost.localdomain [127.0.0.1]) by mo.garage.hdemail.jp (hde-mf-postfix) with SMTP id DA5CB14C0B9 for ; Wed, 14 Mar 2018 17:09:42 +0900 (JST) (envelope-from karljohan-alm@garage.co.jp) X-Received: from unknown (HELO mo.garage.hdemail.jp) (127.0.0.1) by 0 with SMTP; 14 Mar 2018 17:09:42 +0900 X-Received: from mo.garage.hdemail.jp (localhost.localdomain [127.0.0.1]) by mo.garage.hdemail.jp (hde-ma-postfix) with ESMTP id CEBBA4C072 for ; Wed, 14 Mar 2018 17:09:42 +0900 (JST) (envelope-from karljohan-alm@garage.co.jp) Received: from gw20.oz.hdemail.jp (ip-10-188-132-75.ap-northeast-1.compute.internal [10.188.132.75]) by mo.garage.hdemail.jp (hde-mf-postfix) with ESMTP id CB2E114C0B9 for ; Wed, 14 Mar 2018 17:09:42 +0900 (JST) (envelope-from karljohan-alm@garage.co.jp) X-Received: from mail-qt0-f198.google.com (lb06.oz.hdemail.jp [54.238.50.28]) (using TLSv1 with cipher AES128-SHA (128/128 bits)) (No client certificate requested) by gw20.oz.hdemail.jp (Postfix) with ESMTP id 3CF27148C0F6 for ; Wed, 14 Mar 2018 17:09:42 +0900 (JST) X-Received: by mail-qt0-f198.google.com with SMTP id d7so1629691qtm.6 for ; Wed, 14 Mar 2018 01:09:42 -0700 (PDT) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=1nwzgFNimOla2h9lepMvtfcp5KevXqWZyL2zs2rt8h8=; b=g3zsjzF9Ot1bt7HWjgG28IP2csMLo1CA0eUgwG1JxKmloSIKN8eeUX6Ru/VGPgBc7s 2uUCNfCN+LmVi7UPcPq415bwH0n2Lem38nohCe65QT2E+Cw89GKSvUdiNaKpwYdFbLh7 kKNJjmfQl/JaMgPh9D/vQgclj5wat5mn3YZcYj9KYDHBviaz+3u83dVZXoe1OCGttuoR qh9+T6sNOIhWGk6TYYOz2v7wy8OuNX2ud4Le7/6GUADyIhlBYeKiCEMLjR43sDw+85Cb k0dXzrwnDYf/fS4vMABQC4RXpmiLlJEK8lKaMg9y5pX7Kv+NAdy4xcOvucI3xdmeoren xtaw== X-Gm-Message-State: AElRT7F6ZhjhYLthx9QJrBGDvtiDq7rVl+fPlecBGWXpnREEFYCtW9q1 y2lpKjws5L7ji38yOKC1CVsB3n9oJeVTlyuC9UOYkFg0E7Y+oYCevyBR+s5oF4gi1u0QEdcb/gT 5gmWpqzo/eybb27Ile9f8gTG4wnDdAXbqHs/IENfNUeHF3Z/KmJED+YQEBECPD1MXtSklhD8Go0 +pFMCM6Cijtwg0K23fIpvim9NzpiodDlHgABg2tPM2iHlH8HhK16ftWc10XugC4l8qNxw6Gnmxa mkVgoxURjfYgs/ifORDDSOLFIPJf7gbuqxn9QTw89im5Fy2zeu0SYo/1wuoHlOF3WpxOjWtEq3V MG0iXXKkQBuLJKLYMac6LYedzI4= X-Received: by 10.200.27.2 with SMTP id y2mr5783878qtj.161.1521014980741; Wed, 14 Mar 2018 01:09:40 -0700 (PDT) X-Google-Smtp-Source: AG47ELvSA2BwcwO2ceHzk8TJ2r2ho1hfgGPF1pB7xZqMvCjRoft6V6xKYYfXLLS5D5iGo6tkD9L2nXVgWRAqxdKo/XU= X-Received: by 10.200.27.2 with SMTP id y2mr5783855qtj.161.1521014980423; Wed, 14 Mar 2018 01:09:40 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.12.176.3 with HTTP; Wed, 14 Mar 2018 01:09:20 -0700 (PDT) From: Karl Johan Alm Date: Wed, 14 Mar 2018 04:09:20 -0400 Message-ID: To: Bitcoin Protocol Discussion Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [bitcoin-dev] {sign|verify}message replacement X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 14 Mar 2018 08:09:45 -0000 Hello, I am considering writing a replacement for the message signing tools that are currently broken for all but the legacy 1xx addresses. The approach (suggested by Pieter Wuille) is to do a script based approach. This does not seem to require a lot of effort for implementing in Bitcoin Core*. Below is my proposal for this system: A new structure SignatureProof is added, which is a simple scriptSig & witnessProgram container that can be serialized. This is passed out from/into the signer/verifier. RPC commands: sign
[=false] Generates a signature proof for using the same method that would be used to spend coins sent to
.** verify
[=false] Deserializes and executes the proof using a custom signature checker whose sighash is derived from . Returns true if the check succeeds, and false otherwise. The scriptPubKey is derived directly from
.** Feedback welcome. -Kalle. (*) Looks like you can simply use VerifyScript with a new signature checker class. (h/t Nicolas Dorier) (**) If is true, is the sighash, otherwise sighash=sha256d(message).