Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1WNlxu-0005Xo-2Y for bitcoin-development@lists.sourceforge.net; Wed, 12 Mar 2014 16:25:10 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.113 as permitted sender) client-ip=62.13.148.113; envelope-from=pete@petertodd.org; helo=outmail148113.authsmtp.com; Received: from outmail148113.authsmtp.com ([62.13.148.113]) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1WNlxs-0004v4-Ri for bitcoin-development@lists.sourceforge.net; Wed, 12 Mar 2014 16:25:10 +0000 Received: from mail-c237.authsmtp.com (mail-c237.authsmtp.com [62.13.128.237]) by punt17.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s2CGP24d098299; Wed, 12 Mar 2014 16:25:02 GMT Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id s2CGOsaO017117 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Wed, 12 Mar 2014 16:24:56 GMT Date: Wed, 12 Mar 2014 12:24:58 -0400 From: Peter Todd To: Mike Hearn Message-ID: <20140312162458.GA2337@savin> References: <4fca6b510dd57d2f92affeb988d2ee5d.squirrel@fulvetta.riseup.net> <531FAA55.2020108@xeno-genesis.com> <531FC808.7060709@gmail.com> <9A6499BC-E546-45CC-A7EF-5182FC86052D@gmail.com> <53202D51.8010008@plan99.net> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha256; protocol="application/pgp-signature"; boundary="EVF5PPMfhYS0aIcm" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: d9c37a12-aa02-11e3-94fa-002590a135d3 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdwAUFVQGAgsB AmIbWlJeUll7XGQ7 bAxPbAVDY01GQQRq WVdMSlVNFUsrA292 eV1PLRlzcARHfzBx Z0ZmWj4PVRd5chd8 QFMFRG0EeGZhPWMC WUQOJh5UcAFPdx8U a1N6AHBDAzANdhES HhM4ODE3eDlSNilR RRkIIFQOdA4uAzog RgsDEjNnBUQUQig1 M1Q+MFkAG00WNhJa X-Authentic-SMTP: 61633532353630.1024:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 76.10.178.109/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1WNlxs-0004v4-Ri Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Multisign payment protocol? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 12 Mar 2014 16:25:10 -0000 --EVF5PPMfhYS0aIcm Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Wed, Mar 12, 2014 at 05:14:25PM +0100, Mike Hearn wrote: > > > > Can this be calculated in advance knowing the initial transaction size = and > > the number of signatures required? > > >=20 > Sure of course. You assume each signature to be placed in the tx is 73 > bytes. Not very hard, but if the tx you get back from the API doesn't > contain such a 73-byte sentinel value then it's harder to be sure that th= is > part was done correctly. Multisig signing is an example of untrusted input from an adversary; this is a good example where you'd be better off just handling it correctly rather than trying to "make it easier". (although handling it correctly may include internally converting every not-yet-signed dummy signature into a 73 bytes pushdata prior to calculating the size) --=20 'peter'[:-1]@petertodd.org 0000000000000000e18643801741dc70db6fda175230012b0f697024218cd9ef --EVF5PPMfhYS0aIcm Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (GNU/Linux) iQGrBAEBCACVBQJTIIpVXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw MDAwMDAwMDAwMDAwMDBlMTg2NDM4MDE3NDFkYzcwZGI2ZmRhMTc1MjMwMDEyYjBm Njk3MDI0MjE4Y2Q5ZWYvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0 ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfvOYAf/fyc7GkP8DAOPWUUsISn6bFpw 94sFVEc6iJUm9tJyppR2Zs2zIaqg3WaQwWqAxG8L9jYkKuSQhI/7h2sKXhRTLF43 qyGJUPkQqvLaqcTx+I2ztNnpiyoLiQlnaTgYkmNvoIqvySyc7qRPhk0G3/qopKxO W2NIxUhdhxa2aPFDkTmVDONd45jh1VFnZSYsrqBxR9xfkt2Te43PVbgI7sVlUQUQ 7V3XITaJe6qjCRYW3xhAxq69T/38ZdNrAauxCFFkAY2ZQ5sYel6D93lalM0BNKul dLC7TxXmZH/2tetFyuYB+qa2i27iNow7wAyeOLm1aTVwlnN93GuAyzXTbvfDQQ== =TFjf -----END PGP SIGNATURE----- --EVF5PPMfhYS0aIcm--