Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id C16488D7 for ; Tue, 16 Aug 2016 10:21:30 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from zinan.dashjr.org (unknown [192.3.11.21]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 82828FB for ; Tue, 16 Aug 2016 10:21:30 +0000 (UTC) Received: from ishibashi.localnet (unknown [IPv6:2001:470:5:265:61b6:56a6:b03d:28d6]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id 5362038A17C5; Tue, 16 Aug 2016 10:20:29 +0000 (UTC) X-Hashcash: 1:25:160816:bitcoin-dev@lists.linuxfoundation.org::2EE7oJVtKMDLmcQk:dVUCj X-Hashcash: 1:25:160816:jl2012@xbt.hk::VRdv07niuTbBrS8b:eiOU4 From: Luke Dashjr To: bitcoin-dev@lists.linuxfoundation.org, Johnson Lau Date: Tue, 16 Aug 2016 10:20:27 +0000 User-Agent: KMail/1.13.7 (Linux/4.1.18-gentoo; KDE/4.14.20; x86_64; ; ) References: <835406850.86951.1471342201363@privateemail.com> In-Reply-To: <835406850.86951.1471342201363@privateemail.com> X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F X-PGP-Key-ID: BD02942421F4889F X-PGP-Keyserver: hkp://pgp.mit.edu MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201608161020.28467.luke@dashjr.org> X-Spam-Status: No, score=-0.9 required=5.0 tests=BAYES_00,RDNS_DYNAMIC autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] New BIP: Low S values signatures X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 16 Aug 2016 10:21:30 -0000 On Tuesday, August 16, 2016 10:10:01 AM Johnson Lau via bitcoin-dev wrote: > Specification > > Every signature passed to OP_CHECKSIG, OP_CHECKSIGVERIFY, OP_CHECKMULTISIG, > or OP_CHECKMULTISIGVERIFY, to which ECDSA verification is applied, Not 20-byte witness v0 programs? > These operators all perform ECDSA verifications on pubkey/signature pairs, > iterating from the top of the stack backwards. For each such verification, > if the signature does not pass the IsLowDERSignature check, "the IsLowDERSignature check" is not well-defined. Probably intend to reference the previous paragraph? Luke