Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id A9385BBC for ; Thu, 21 Dec 2017 23:09:29 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from zinan.dashjr.org (zinan.dashjr.org [192.3.11.21]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 389AFE0 for ; Thu, 21 Dec 2017 23:09:29 +0000 (UTC) Received: from ishibashi.localnet (unknown [IPv6:2001:470:5:265::71]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id B4BE338A006A; Thu, 21 Dec 2017 23:09:10 +0000 (UTC) X-Hashcash: 1:25:171221:bitcoin-dev@lists.linuxfoundation.org::3h+wAdShWXhHUv5=:6zuk X-Hashcash: 1:25:171221:DKBryant@gmail.com::Z/MKtJeN=P89C9w6:aSVw8 From: Luke Dashjr To: bitcoin-dev@lists.linuxfoundation.org, DKBryant@gmail.com Date: Thu, 21 Dec 2017 23:09:05 +0000 User-Agent: KMail/1.13.7 (Linux/4.12.12-gentoo; KDE/4.14.37; x86_64; ; ) References: In-Reply-To: X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F X-PGP-Key-ID: BD02942421F4889F X-PGP-Keyserver: hkp://pgp.mit.edu MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-15" Content-Transfer-Encoding: 7bit Message-Id: <201712212309.07243.luke@dashjr.org> X-Spam-Status: No, score=-4.2 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_MED, T_RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] BIP for Legacy Sign Verify functions X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2017 23:09:29 -0000 On Thursday 21 December 2017 10:26:25 PM Dan Bryant via bitcoin-dev wrote: > https://github.com/brianddk/bips/blob/legacysignverify/bip-0xyz.mediawiki It's not even correct... Your first "verify message" step is not possible; you can't get a public key from an address. What is actually done, is using the signature + message to perform key recovery, to extract the public key of the signer, and then hashing that and comparing it to the address provided. > Although this is a well established functionality, it has never been > published in a BIP. My proposal is simply to provide a reference point for > future expansion of these capabilities into new address schemes. New schemes should probably NOT be based on the current one. Luke