Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id E2085C6E for ; Wed, 6 Mar 2019 10:37:59 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wr1-f41.google.com (mail-wr1-f41.google.com [209.85.221.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 72C2B12E for ; Wed, 6 Mar 2019 10:37:58 +0000 (UTC) Received: by mail-wr1-f41.google.com with SMTP id w6so12793372wrs.4 for ; Wed, 06 Mar 2019 02:37:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:references:to:from:openpgp:autocrypt:message-id:date :user-agent:mime-version:in-reply-to:content-language; bh=fMQEJW1ibYkgsU656jJ1vFl9UzWe8JnC6BYz/MnpPpg=; b=ntKFWzP416okG/AJzRyBhsj+myqCK0JQPri8L0NjOi3G6hfaeyX2P+rpY9KgcBrqRI nTP2NtrlgxG+OYQkrGS+RHZotBblh9eCLo8I2VLCFEQoWwJxDG9TM4Hk0S6oPL4LiQa+ X0xreuwPcGeevZ05hu1QptocORMCBvajTuGN1XBm54H5AGx2keXEQfHeMXcqpEtrBRoV xWvUQwY1VfyewAlHCsh5A+865uPoqJLURBXt3baV98r2iB4N35Q9+6YGvdBLrPuZNZFr WzSirb+JQq3YThoUTfVQUHMm6qyqTOcw/l20/yeOVI3swVd5VP0d8fHAgPJ126oDpRPU oz5Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:references:to:from:openpgp:autocrypt :message-id:date:user-agent:mime-version:in-reply-to :content-language; bh=fMQEJW1ibYkgsU656jJ1vFl9UzWe8JnC6BYz/MnpPpg=; b=T2wdCAQuLLUN/TdiCb6D5RCCWaubWgMEqusiYnYII/1eptY95evYTaARoAWwzRoeFs zat7KKFbCQ4cYISCU18cwnaGfIJQterh4AS5dB4pX/GwD8uLDHlDQp/uPtMTKdApXPPD S55iinRUMYcjvBF1AsHO3/yKYrNix1Z9TnLRk3RkQM5IJEzlBQNXGZxBMk2bpoHfROAe D/Q7w1CWcnzzKsjz5ef3ruzuD4VKpv9MThFpDDhhpWTfF+hrTe1XCSWozFkb+KgUIu2g lUYRy60MrmSAJSrXX35TS+okZEmsNh+dnd5OHeftbVymCXaisNPletmz76PmS+P8jFP9 mWFw== X-Gm-Message-State: APjAAAVAe6E07o+aWKqwPYpjqn7J+koG3ZjDR0p6vKY1EqDYeAQry78d mVzoMa+i+RJMzNilMuXOYBcryNcy X-Google-Smtp-Source: APXvYqz7ZCfm/x3sS9sAgZztbxB4pTTL49uxsdXK1hkPzWIA5kVCRzXnv2nCFuyfMv5JDL54fl8iKw== X-Received: by 2002:adf:f792:: with SMTP id q18mr2346571wrp.324.1551868676853; Wed, 06 Mar 2019 02:37:56 -0800 (PST) Received: from ?IPv6:2a01:cb1d:44:6500:9d6d:71b2:cb71:cb17? ([2a01:cb1d:44:6500:9d6d:71b2:cb71:cb17]) by smtp.googlemail.com with ESMTPSA id z129sm1770464wmc.33.2019.03.06.02.37.55 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 06 Mar 2019 02:37:56 -0800 (PST) References: To: Bitcoin Dev From: Aymeric Vitte Openpgp: preference=signencrypt Autocrypt: addr=vitteaymeric@gmail.com; prefer-encrypt=mutual; keydata= mQINBFdW8uABEAC7HJScbB2d/lmYoY5Cn9loEjJwfLs1LC3om030bWFGiH3Ceo5XeHUT94rw Pi+HaHU8ea94425SXIFsnqp/ouoT/8Ffn6vED0OoRmK0jE4fqDApXSpoL2mHX9PAGdUItMtD YrxBiBZNfMkctEsm4NrQ4TCvB3Yrm6Fc69inXJjUoYgPw5tHafEeI8Qwh0j99JZZDKcAqIra JF3MPc59rATz0qOJtRP9EpsPVFwjJe13zN6CHILwiVgrL8EtT5WKCVO6ATxh60LHi8+MwPxV V31zp/NNI5Hck+XocEMO98ZvUu9X8ZxmnOk/+9pBxXEwUqSGUNWdmPJLncpI23Usce3u/MOo M2C4T4rD4J0XrXiyBvbeTvwq4qVNlyggeWzlBH+YpEYgDctPq4gNh4eoTtAkf8URtBeke5bQ CGdaZt/jxv8nvmxs9V/iSyg5ldJLQktHStXOo0OZ7FEB2C6Ggtymm4hm2MHYg07Q1MGJrFLa oJZkJ3JeXnVsZMam7ypQtld6rRa96CvH+llXwux6aQ5hKdzmBBMQ10LlkZhkExgTawbeqdiG RMP2DjD5go6TPdAHS4NN34SBkrTWLqgWOjN/lnG77bbLnpMl0P+xBTuqw1oSXaDbcdHE2nGY lRno/ZZIfr+1Bq56DZLBX/WpnAT4f5WtofL4CxQM9SbG6byyewARAQABtCJBeW1lcmljIFZp dHRlIDxheW1lcmljQHBlZXJzbS5jb20+iQI/BBMBCAApBQJXVvLgAhsjBQkJZgGABwsJCAcD AgEGFQgCCQoLBBYCAwECHgECF4AACgkQKh17NCYnrDm3WhAAlYmgtSmtfqjBvQMqkmtqiQJA aZkzFZWt6+zroduHH5/Tp8jh73gFqCUyRrl/kcKvs2+XQhfrOwk1R6OScF25bpnrZSeuyJnZ MZu4T0P2tGS8YdddQvWUHMtI9ZnQRuYmuZT23/hgj1JnukuGvGLeY0yDUa1xFffPN39shp5X FPMcpIVOV3bs+xjAdsyfRyO3qJAD1FGiR7ggJeoaxUbKZ6NtcVUPPRMjVTKfopkuDwKY318m BE0epfxSZ/iRhsJ0/sREUWgbgq4/QvCFwBKzgz7fTikGmf8OELWSdofmXs7gOtmMc3el8fJu W8PVa/OsIQHDmwSzvxmE8ba5M8bdwOYEraTWFArIymAAtRXKxmuYpkqKfeSlbCwae3W+pgNT 8nKYRVAFlMtIxYkmPYyMTk9kCscmSqugGWbWdnqe/dhVaa31xa1qO1tDH24D2/tjCJRQt4Jk AEWNSmjCmjfeArMEFTGlZwMTAjVXErLSPbLOsZiZhD9sjvSbfzrtJiMli2h9+Dvds+AJk1PM O8LW7cCNyFoCk4OdAxzJHobZ25G+uy4NSQEHgxLC2iuh/tugz1tOHnQczPc/3AkVVI9A5DF1 gbVRBJh6rI7sAcwuR76uoOs0Rpp7r6I66xqU/5eq8g1OsJp89tw0ppSIa0YmaxNqQZ0l3rVX o/ZwpBjtNQS5Ag0EV1by4AEQANhlz3Ywff4dY1HTdn05v0wVUxZzW2PUih+96m6EhpUrD9BT vxriKtbgxm/zl+5YAlThbrk9f0QyVTHJ95Z1/M5qjuksP9Zn3qZ/8ylANDkN2s3z8Bq/LJA+ u7+APhMqyFWK0FqNCOogClvijiKPEzkU6tmDGO6wZ5pR/u8Fdq7DGQgwgyGZZc7qstte0M7l yx7bVRlPBqvd6kyX3YubQHzkctf46nFjiYZgKawdWFsA3PCdSBupbhixL5d/t1UK9ZTiQJcf 0uhHzT06qwolFrm/ugkLDHtE4Zo3BuKch47Sms8P2hJ08gABxeJHg0ZgkIUy/Xf4nHbDCBJw T8tE8pWYWA2ECiPNo0TOCMVOueEzISUNKINfCuFHSbMQU39hgt3ofxODbAjOiO3e/iu1ptck AkuVBdtjOBP4tHRGxVrbf5EuAV5U5xtiSxMwMgojg0GIXZjnT/8uvWqcLqtJILRMmmu+WNvD oxuiJzcTJhDai9oujmxQwcpMvgrBB89KSTDyitO5XVjZqaR7Zxvvn3rM4bAms/lotv9+pTyh spazTIxb80u0ifJ6y1RxAkxQCfWwps1i3VbsM6OKX78aUyOf5V4ihXF57M37tOqPRwFvz6a+ AIIhUNMTLo2H+o6Vw9qbX8SUxPHPs6YpJ8lWQJ9OMWHE+SbaDFAi/D5hYRubABEBAAGJAiUE GAEIAA8FAldW8uACGwwFCQlmAYAACgkQKh17NCYnrDmk4Q/9Fuu0h5HvIiO3ieYA2StdE7hO vv2THuesjJDsj6aQUTgknaxKptJogNe3dDyIT+FHxXmCw0Nrbm9Q3ryl80z/G9utfFNO3Gwc q31QW3n3LJHnpqdrV3WsRzT5NwJMVtiIAGRrX8ZomtarWHT0PeEHC2xBdFzRrJtmkrwer0Wc 0nBzD7vk1XEXC9nODbmlgsesoHFgRwQBst3wClCbX1gv8aSfxQNpaf9UBC8DmyrQ621UXpBo PvcFEtWxV44vJfP0WOLCCN0Pzv2F2I66iKo7VMqbr5jlNAXJN9I1hXb7qwYJmBC9j5oeEoqv A9d44WWpxrdAr8qih4Nv89k9+9F6NoqORY3FGuVDKiW8CVhCmGT7bIvNeyicVBZFipXqPcKL VFduO2c5Ubc2npMWLUF1k9JJc9tH75l3+F/0RbYVTzGAZ+zSaudwR6h8YiCN2DBZGZkJEZbh 3X/l6jtijMN/W9sPHyyKvm/TmeEC27S3TqZPZ8PUQLxZC70V6gMbenh01JdSQsn5t8Ru0RNh Blt0g7IyZyIKCE9b+TyzbYpX6qgqEBUHia5b0vyPtQacWQlZ8uqnghAqNkLluEsy7Q/7xG6M wXUYEDsFOmB9dKOzcAOIhpxlVjSKu5mzXJ11sEtE8nyF5NJ/riCA7FGcjlki3zIpzQUNo9v7 vXl2h6Tivlk= X-Forwarded-Message-Id: Message-ID: Date: Wed, 6 Mar 2019 11:37:59 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:60.0) Gecko/20100101 Thunderbird/60.5.1 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------6389F4B7F43C85200D8AB63D" Content-Language: fr X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Wed, 06 Mar 2019 14:36:47 +0000 Subject: [bitcoin-dev] Fwd: BIP proposal - Signatures of Messages using Bitcoin Private Keys X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 06 Mar 2019 10:38:00 -0000 This is a multi-part message in MIME format. --------------6389F4B7F43C85200D8AB63D Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Re-sending to the list since it never made it BIP or not, at least this process desserves to be documented precisely -------- Message transféré -------- Sujet : Re: [bitcoin-dev] BIP proposal - Signatures of Messages using Bitcoin Private Keys Date : Mon, 18 Feb 2019 16:29:34 -0800 De : Christopher Gilliard Pour : Aymeric Vitte Copie à : Bitcoin Protocol Discussion Trying the four possible options (p2pkh compressed, p2pkh uncompressed, seg3, and bech32) is certainly a possibility and in fact, that's what I ended up doing because not every wallet implements something like this, but if there is a header field currently in use, it seemed reasonable to me to use it specify which type of key is being used. If the header includes whether the key is compressed or not compressed it seems logical to include all data about what type of key it is and not just this one type of information. That's why I thought the solution made sense and I wrote it up. On Mon, Feb 18, 2019 at 3:50 PM Aymeric Vitte > wrote: Ah, OK, that's of course a good thing to document this undocumented (and strange) stuff, as a matter of fact I implemented it after reading your post (because this was on my todo list since some time) and got annoyed quickly, mainly by what is doing formatMessageForSigning (which is quite trivial when you know it but would be good to document precisely) So, yes, it's a good idea to write this, regarding the header I still don't see the use, testing the different possibilities is not a big deal, why the signature format is not the same as transactions one is mysterious too Le 19/02/2019 à 00:24, Christopher Gilliard a écrit : > The proposal includes actual code that does verification, but I > didn't include code for signing. I thought it could be inferred, > but I could at least include a description of how to sign. I am > not sure exactly what part you are referring to by "keys speech", > but the signatures are done by ECDSA keys so it's hard to not > include anything about keys even though that's not the main topic. > The "Background on ECDSA keys" section was mainly meant to give > background about what kind of keys Bitcoin uses, for people who > already know that they can easily skip this section so I would > probably think it's best just to leave in.  Maybe it should be at > the end as an addendum though. Yes, I did not invent any of this, > I'm just documenting what people actually seem to do because I had > to verify signatures as part of a project I'm working on. I would > have liked to have had this document when I started the project so > I thought it might be useful to others since as far as I can tell > this was not specified anywhere. The reason for including this > data in the header is the same that compressed/uncompressed is > included in the header so that you know which type of key the > signature is from and you don't have to try all options to see if > any matches. This is why Trezor did that way and why I documented > it. I'm sure there are other ways to do this, but since this is > out there in the field being used and is a reasonable solution, I > thought I'd write it up. > > On Mon, Feb 18, 2019 at 2:59 PM Aymeric Vitte > > wrote: > > Then, since you wrote this proposal, maybe you should add the > very precise description of the signing/verification process > since it is documented nowhere > > I don't get the use of the speech regarding keys while it > should focus on signatures which are summarized in a vague > sentence inspired by your ref [2] with a not very logical link > to the next paragraph stating that r,s should be 32B and the > whole thing 65B with a header of 1B, you did not invent it, > that's probably the rule, not sure where it is specified again > and for what purpose, the header seems completely of no use > especially when you extend to segwit/bech32 since you just > have to check that related compressed key matches > > Le 17/02/2019 à 15:14, Christopher Gilliard via bitcoin-dev a > écrit : >> I have written up a proposed BIP. It has to do with Signature >> formats when using Bitcoin Private keys. It is >> here: https://github.com/cgilliard/BIP/blob/master/README.md >> >> This BIP was written up as suggested in this github >> issue: https://github.com/bitcoin/bitcoin/issues/10542 >> >> Note that the proposal is inline with the implementation that >> Trezor implemented in the above issue. >> >> Any feedback would be appreciated. Please let me know what >> the steps are with regards to getting a BIP number assigned >> or any other process steps required. >> >> Regards, >> Chris >> >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > > -- > Move your coins by yourself (browser version): https://peersm.com/wallet > Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions > Zcash wallets made simple: https://github.com/Ayms/zcash-wallets > Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets > Get the torrent dynamic blocklist: http://peersm.com/getblocklist > Check the 10 M passwords list: http://peersm.com/findmyass > Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org > Peersm : http://www.peersm.com > torrent-live: https://github.com/Ayms/torrent-live > node-Tor : https://www.github.com/Ayms/node-Tor > GitHub : https://www.github.com/Ayms > -- Move your coins by yourself (browser version): https://peersm.com/wallet Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions Zcash wallets made simple: https://github.com/Ayms/zcash-wallets Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets Get the torrent dynamic blocklist: http://peersm.com/getblocklist Check the 10 M passwords list: http://peersm.com/findmyass Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org Peersm : http://www.peersm.com torrent-live: https://github.com/Ayms/torrent-live node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms --------------6389F4B7F43C85200D8AB63D Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: 8bit

Re-sending to the list since it never made it

BIP or not, at least this process desserves to be documented precisely


-------- Message transféré --------
Sujet : Re: [bitcoin-dev] BIP proposal - Signatures of Messages using Bitcoin Private Keys
Date : Mon, 18 Feb 2019 16:29:34 -0800
De : Christopher Gilliard <christopher.gilliard@gmail.com>
Pour : Aymeric Vitte <vitteaymeric@gmail.com>
Copie à : Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>


Trying the four possible options (p2pkh compressed, p2pkh uncompressed, seg3, and bech32) is certainly a possibility and in fact, that's what I ended up doing because not every wallet implements something like this, but if there is a header field currently in use, it seemed reasonable to me to use it specify which type of key is being used. If the header includes whether the key is compressed or not compressed it seems logical to include all data about what type of key it is and not just this one type of information. That's why I thought the solution made sense and I wrote it up.

On Mon, Feb 18, 2019 at 3:50 PM Aymeric Vitte <vitteaymeric@gmail.com> wrote:

Ah, OK, that's of course a good thing to document this undocumented (and strange) stuff, as a matter of fact I implemented it after reading your post (because this was on my todo list since some time) and got annoyed quickly, mainly by what is doing formatMessageForSigning (which is quite trivial when you know it but would be good to document precisely)

So, yes, it's a good idea to write this, regarding the header I still don't see the use, testing the different possibilities is not a big deal, why the signature format is not the same as transactions one is mysterious too

Le 19/02/2019 à 00:24, Christopher Gilliard a écrit :
The proposal includes actual code that does verification, but I didn't include code for signing. I thought it could be inferred, but I could at least include a description of how to sign. I am not sure exactly what part you are referring to by "keys speech", but the signatures are done by ECDSA keys so it's hard to not include anything about keys even though that's not the main topic. The "Background on ECDSA keys" section was mainly meant to give background about what kind of keys Bitcoin uses, for people who already know that they can easily skip this section so I would probably think it's best just to leave in.  Maybe it should be at the end as an addendum though. Yes, I did not invent any of this, I'm just documenting what people actually seem to do because I had to verify signatures as part of a project I'm working on. I would have liked to have had this document when I started the project so I thought it might be useful to others since as far as I can tell this was not specified anywhere. The reason for including this data in the header is the same that compressed/uncompressed is included in the header so that you know which type of key the signature is from and you don't have to try all options to see if any matches. This is why Trezor did that way and why I documented it. I'm sure there are other ways to do this, but since this is out there in the field being used and is a reasonable solution, I thought I'd write it up.

On Mon, Feb 18, 2019 at 2:59 PM Aymeric Vitte <vitteaymeric@gmail.com> wrote:

Then, since you wrote this proposal, maybe you should add the very precise description of the signing/verification process since it is documented nowhere

I don't get the use of the speech regarding keys while it should focus on signatures which are summarized in a vague sentence inspired by your ref [2] with a not very logical link to the next paragraph stating that r,s should be 32B and the whole thing 65B with a header of 1B, you did not invent it, that's probably the rule, not sure where it is specified again and for what purpose, the header seems completely of no use especially when you extend to segwit/bech32 since you just have to check that related compressed key matches

Le 17/02/2019 à 15:14, Christopher Gilliard via bitcoin-dev a écrit :
I have written up a proposed BIP. It has to do with Signature formats when using Bitcoin Private keys. It is here: https://github.com/cgilliard/BIP/blob/master/README.md

This BIP was written up as suggested in this github issue: https://github.com/bitcoin/bitcoin/issues/10542

Note that the proposal is inline with the implementation that Trezor implemented in the above issue.

Any feedback would be appreciated. Please let me know what the steps are with regards to getting a BIP number assigned or any other process steps required.

Regards,
Chris

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

-- 
Move your coins by yourself (browser version): https://peersm.com/wallet
Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions
Zcash wallets made simple: https://github.com/Ayms/zcash-wallets
Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets
Get the torrent dynamic blocklist: http://peersm.com/getblocklist
Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
-- 
Move your coins by yourself (browser version): https://peersm.com/wallet
Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions
Zcash wallets made simple: https://github.com/Ayms/zcash-wallets
Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets
Get the torrent dynamic blocklist: http://peersm.com/getblocklist
Check the 10 M passwords list: http://peersm.com/findmyass
Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org
Peersm : http://www.peersm.com
torrent-live: https://github.com/Ayms/torrent-live
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms
--------------6389F4B7F43C85200D8AB63D--