Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id C98CFBAE for ; Thu, 21 Dec 2017 16:29:21 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pl0-f41.google.com (mail-pl0-f41.google.com [209.85.160.41]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id F3E8BCA for ; Thu, 21 Dec 2017 16:29:19 +0000 (UTC) Received: by mail-pl0-f41.google.com with SMTP id i6so11236508plt.13 for ; Thu, 21 Dec 2017 08:29:19 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=friedenbach-org.20150623.gappssmtp.com; s=20150623; h=from:content-transfer-encoding:mime-version:date:subject:message-id :references:in-reply-to:to; bh=ky77aUk1Lu7c2torijFYAc31Co4U+fpgSPnYNKgKnfU=; b=PuxnRFmjd+vSeo1h/ZeObJGDgxA4LlYBpG9gieM6WEAEaMm3QoPZPGpY84KQ46ID/Z 3Z3TucyxKf/VemIKPmNoySvaNUh5eO1GXTd54hcDSvA7SNGmDgMLWre0jT+i0w8TpoRK 9loj4d8H49g5tsNRljpfvoyi9V6HxqU0httDAQ1cjITcL2NydfBqLxsXpQmWiiFxKFIH kBoWrqycuPxf3jIKp7/HRXQMTtoKCIUOB06mwQUNKkWg4PHy4FG7TH/DTolIEVSgP+Pr 7EVJ0cwfsjrCUEwIMfEUvZrc/u7ir4qnWu0hSMTFrwfkz9U35SZZFmWIP21gvoJhZeKh WHZA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version:date :subject:message-id:references:in-reply-to:to; bh=ky77aUk1Lu7c2torijFYAc31Co4U+fpgSPnYNKgKnfU=; b=uI5el3nT5vcAqXRhAS+hpF10ixpBx2vdSJQUxAu+QtB2K2jXbg6ck+zokkeSC+xveW dQ9INyfpMzRqBj9wA8t+riy8j44halfEhRpTrFEymbgne/5w2mKP33foD7fWWZtcORFL 4eXV9li3GaMTOcuV7BFRtCxxgUNcRjfxbSd1Dyziqb7iVkWtOx5YfMTvGzePjtlns0iY Ag1HESSxqFsejtTzWQPzDfTcysqjJy+KaMFw60zeG0Ml7dWVuc/mL6B77y6uKdhF3w4M ZeA77L76MexgkwbYvxvxLaab2G1NaBfV3URl8Z7jSi9zCOElcwix0zv7Gmvcyl0MCqan scdw== X-Gm-Message-State: AKGB3mKr9XBzfK8NhdgL951sdfr/zcBfBHoGlvxcp+TGaeqnwmOCjkIK SymzWtXe1WWV8FtUIYRHVCZ+pw== X-Google-Smtp-Source: ACJfBovRY3HgkWnF9MgXF5S7Zz+3vILJauXShZFyFuB2Q5KIm879c607keC1uTK2Lxzx+vhyqfVX+Q== X-Received: by 10.84.129.75 with SMTP id 69mr443593plb.161.1513873758667; Thu, 21 Dec 2017 08:29:18 -0800 (PST) Received: from [10.0.0.6] (c-73-170-162-66.hsd1.ca.comcast.net. [73.170.162.66]) by smtp.gmail.com with ESMTPSA id h190sm18656299pgc.92.2017.12.21.08.29.17 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 21 Dec 2017 08:29:17 -0800 (PST) From: Mark Friedenbach Content-Type: multipart/alternative; boundary=Apple-Mail-A15D2D36-CE67-49E1-9945-63BD08B7F106 Content-Transfer-Encoding: 7bit Mime-Version: 1.0 (1.0) Date: Thu, 21 Dec 2017 08:29:13 -0800 Message-Id: <1EE8D3E5-E9BA-4276-A139-E028D1F0BA4A@friedenbach.org> References: <52b65bab-ff84-7e21-e35a-f6ebd8106767@satoshilabs.com> <725C679B-60E2-4E21-9F7D-10F67118D58D@friedenbach.org> In-Reply-To: To: Damian Williamson , Bitcoin Protocol Discussion X-Mailer: iPhone Mail (15C153) X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, HTML_MESSAGE, MIME_QP_LONG_LINE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Sign / Verify message against SegWit P2SH addresses. X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 21 Dec 2017 16:29:21 -0000 --Apple-Mail-A15D2D36-CE67-49E1-9945-63BD08B7F106 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable It doesn=E2=80=99t matter what it does under the hood. The api could be the s= ame. > On Dec 21, 2017, at 3:19 AM, Damian Williamson via bitcoin-dev wrote: >=20 > In all seriousness, being able to sign a message is an important feature w= hether it is with Bitcoin Core or, with some other method. It is a good feat= ure and it would be worthwhile IMHO to update it for SegWit addresses. I don= 't know about renewing it altogether, I like the current simplicity. >=20 > Regards, > Damian Williamson >=20 > ------------------------------------ > Sometimes I like to sign a message just to verify that is what I have said= . > - > Bitcoin: 1PMUf9aaQ41M4bgVbCAPVwAeuKvj8CwxJg > ------------------------------------ > Signature: > HwJPqyWF0CbdsR7x737HbNIDoRufsrMI5XYQsKZ+MrWCJ6K7imtLY00sTCmSMDigZxRuoxyYZy= QUw/lL0m/MV9M=3D >=20 > (Of course, signed messages will verify better usually with plain text and= not HTML interpreted email - need a switch for outlook.com to send plaintex= t.) > From: bitcoin-dev-bounces@lists.linuxfoundation.org on behalf of Mark Friedenbach via bitcoin-dev > Sent: Wednesday, 20 December 2017 8:58 AM > To: Pavol Rusnak; Bitcoin Protocol Discussion > Subject: Re: [bitcoin-dev] Sign / Verify message against SegWit P2SH addre= sses. > =20 > For what it=E2=80=99s worth, I think it would be quite easy to do better t= han the implied solution of rejiggering the message signing system to suppor= t non-P2PKH scripts. Instead, have the signature be an actual bitcoin transa= ction with inputs that have the script being signed. Use the salted hash of t= he message being signed as the FORKID as if this were a spin-off with replay= protection. This accomplishes three things: >=20 > (1) This enables signing by any infrastructure out there =E2=80=94 includi= ng hardware wallets and 2FA signing services =E2=80=94 that have enabled sup= port for FORKID signing, which is a wide swath of the ecosystem because of B= itcoin Cash and Bitcoin Gold. >=20 > (2) It generalizes the message signing to allow multi-party signing setups= as complicated (via sighash, etc.) as those bitcoin transactions allow, usi= ng existing and future tools based on Partially Signed Bitcoin Transactions;= and >=20 > (3) It unifies a single approach for message signing, proof of reserve (wh= ere the inputs are actual UTXOs), and off-chain colored coins. >=20 > There=E2=80=99s the issue of size efficiency, but for the single-party mes= sage signing application that can be handled by a BIP that specifies a templ= ate for constructing the pseudo-transaction and its inputs from a raw script= . >=20 > Mark >=20 > > On Dec 19, 2017, at 1:36 PM, Pavol Rusnak via bitcoin-dev wrote: > >=20 > > On 08/12/17 19:25, Dan Bryant via bitcoin-dev wrote: > >> I know there are posts, and an issue opened against it, but is there > >> anyone writing a BIP for Sign / Verify message against a SegWit address= ? > >=20 > > Dan, are you still planning to write this BIP? > >=20 > > --=20 > > Best Regards / S pozdravom, > >=20 > > Pavol "stick" Rusnak > > CTO, SatoshiLabs > > _______________________________________________ > > bitcoin-dev mailing list > > bitcoin-dev@lists.linuxfoundation.org > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >=20 > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev --Apple-Mail-A15D2D36-CE67-49E1-9945-63BD08B7F106 Content-Type: text/html; charset=utf-8 Content-Transfer-Encoding: quoted-printable It doesn=E2=80=99t matter what it does unde= r the hood. The api could be the same.

On Dec 21, 2017, at 3:19 A= M, Damian Williamson via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:

In all seriousness, being able to s= ign a message is an important feature whether it is with Bitcoin Core or, wi= th some other method. It is a good feature and it would be worthwhile IMHO t= o update it for SegWit addresses. I don't know about renewing it altogether, I like the current simplicity.


Regards,

Damian Williamson


----------------------------------= --

Sometimes= I like to sign a message just to verify that is what I have said.

-

Bitcoin: 1= PMUf9aaQ41M4bgVbCAPVwAeuKvj8CwxJg

----------------------------------= --

Signature:
HwJPqyWF0CbdsR7x737HbNIDoRufsrMI5XYQsKZ+MrWCJ6K7imtL= Y00sTCmSMDigZxRuoxyYZyQUw/lL0m/MV9M=3D

(Of course, signed messages will verify better us= ually with plain text and not HTML interpreted email - need a switch for outlook.com to send plaintext.)

From: bitcoin-dev-bounces@lists.linuxfou= ndation.org <bitcoin-dev-bounces@lists.linuxfoundation.org> on behalf of M= ark Friedenbach via bitcoin-dev <bitcoin-dev@li= sts.linuxfoundation.org>
Sent: Wednesday, 20 December 2017 8:58 AM
To: Pavol Rusnak; Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Sign / Verify message against SegWit P2SH a= ddresses.
 
For what it=E2=80=99s worth, I think it would be qu= ite easy to do better than the implied solution of rejiggering the message s= igning system to support non-P2PKH scripts. Instead, have the signature be a= n actual bitcoin transaction with inputs that have the script being signed. Use the salted hash of the message being= signed as the FORKID as if this were a spin-off with replay protection. Thi= s accomplishes three things:

(1) This enables signing by any infrastructure out there =E2=80=94 including= hardware wallets and 2FA signing services =E2=80=94 that have enabled suppo= rt for FORKID signing, which is a wide swath of the ecosystem because of Bit= coin Cash and Bitcoin Gold.

(2) It generalizes the message signing to allow multi-party signing setups a= s complicated (via sighash, etc.) as those bitcoin transactions allow, using= existing and future tools based on Partially Signed Bitcoin Transactions; a= nd

(3) It unifies a single approach for message signing, proof of reserve (wher= e the inputs are actual UTXOs), and off-chain colored coins.

There=E2=80=99s the issue of size efficiency, but for the single-party messa= ge signing application that can be handled by a BIP that specifies a templat= e for constructing the pseudo-transaction and its inputs from a raw script.<= br>
Mark

> On Dec 19, 2017, at 1:36 PM, Pavol Rusnak via bitcoin-dev <bitcoin-dev@lists.linuxfounda= tion.org> wrote:
>
> On 08/12/17 19:25, Dan Bryant via bitcoin-dev wrote:
>> I know there are posts, and an issue opened against it, but is ther= e
>> anyone writing a BIP for Sign / Verify message against a SegWit add= ress?
>
> Dan, are you still planning to write this BIP?
>
> --
> Best Regards / S pozdravom,
>
> Pavol "stick" Rusnak
> CTO, SatoshiLabs
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@li= sts.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.l= inuxfoundation.org
https://lists.linuxfoundation.org/= mailman/listinfo/bitcoin-dev
____________________= ___________________________
bitcoin-dev mailing list<= br>bitcoin-de= v@lists.linuxfoundation.org
https://lists.linuxfoundation= .org/mailman/listinfo/bitcoin-dev
= --Apple-Mail-A15D2D36-CE67-49E1-9945-63BD08B7F106--