Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1SfyeD-00038T-D2 for bitcoin-development@lists.sourceforge.net; Sat, 16 Jun 2012 19:27:01 +0000 X-ACL-Warn: Received: from vps7135.xlshosting.net ([178.18.90.41]) by sog-mx-3.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1SfyeC-00070c-HP for bitcoin-development@lists.sourceforge.net; Sat, 16 Jun 2012 19:27:01 +0000 Received: by vps7135.xlshosting.net (Postfix, from userid 1000) id 99984244B13; Sat, 16 Jun 2012 21:26:52 +0200 (CEST) Date: Sat, 16 Jun 2012 21:26:52 +0200 From: Pieter Wuille To: bitcoin-development@lists.sourceforge.net Message-ID: <20120616192651.GA13438@vps7135.xlshosting.net> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline X-PGP-Key: http://sipa.ulyssis.org/pubkey.asc User-Agent: Mutt/1.5.20 (2009-06-14) X-Spam-Score: 1.2 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (pieter.wuille[at]gmail.com) 0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED -0.0 T_RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list X-Headers-End: 1SfyeC-00070c-HP Subject: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 16 Jun 2012 19:27:01 -0000 Hello all, while OpenSSL's silent support for compressed public keys allowed us to enable them in a fully backward-compatible way, it seems OpenSSL supports yet another (and non-standard, and apparently useless) encoding for public keys. As these are supported by (almost all?) fully validating clients on the network, I believe alternative implementations should be willing to handle them as well. No hybrid keys are used in the main chain, but I did test them in testnet3, and they work as expected. In total, the following encodings exist: * 0x00: point at infinity; not a valid public key * 0x02 [32-byte X coord]: compressed format for even Y coords * 0x03 [32-byte X coord]: compressed format for odd Y coords * 0x04 [32-byte X coord] [32-byte Y coord]: uncompressed format * 0x06 [32-byte X coord] [32-byte Y coord]: hybrid format for even Y coords * 0x07 [32-byte X coord] [32-byte Y coord]: hybrid format for odd Y coords Handling them is trivial: if you see a public key starting with a 0x06 or 0x07, use it as if there was a 0x04 instead. I suppose we could decide to forbid these after a certain date/block height, and try to get sufficient mining power to enforce that before that date. Any opinions? Forbidding it certainly makes alternative implementation slightly easier in the future, but I'm not sure the hassle of a network rule change is worth it. -- Pieter