summaryrefslogtreecommitdiff
path: root/fe/a1c6144c9ec291c5ab3edf7a12675a0dc1db72
blob: f0293fe9f0455536ad235b63499f584d6643b577 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
Return-Path: <brocade-conceal-sepia-litigate-rebus@dreyzehner.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id DB03ECB7
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 21 Dec 2017 17:24:01 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-io0-f176.google.com (mail-io0-f176.google.com
	[209.85.223.176])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 1D40C411
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 21 Dec 2017 17:24:01 +0000 (UTC)
Received: by mail-io0-f176.google.com with SMTP id 87so17643407ior.5
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 21 Dec 2017 09:24:01 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=dreyzehner.com; s=google;
	h=mime-version:references:in-reply-to:from:date:message-id:subject:to; 
	bh=0mcwhD8C/BmK70h6IdcbSyvMbP0XhkuXy8HElA2ClJg=;
	b=ZpOxDgAbzLGGD1RfM5kABcVQKlQCZQfDVZ/FmkBRj4KP9O2ll7H8gkNtz140WCEuTF
	wfK5Z0+HsiwD3L+objb4ETZHaDNrnMp7B4NLe+4L24rLYA1GDJNRDmyi/ciZYnzPvOvL
	G5e9ZGg8F9RCN0/CoB6/aCVYhBh35ZFhnY3Epu0ANEr/BvBVv8lMr8P4BaH83VvOvXJU
	mxDY4L1vbVIhUFEhuE990/ZcpghGRw9NjLO/hirdCscw+/xqdyErAkFR59oUUyV2BYWl
	otKP5HW022QB1wL6d2vlnl/YgsSJiKdLAxDb3SJ0+pPl+jDzqNbS7LoLmWD//jduaI04
	kqlQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:mime-version:references:in-reply-to:from:date
	:message-id:subject:to;
	bh=0mcwhD8C/BmK70h6IdcbSyvMbP0XhkuXy8HElA2ClJg=;
	b=oux3djf5YrERCgo9mYzYbMMBlpiezlYHZruz1ZAwyzn2HS7+bg0oASwdf6Q6Q6OpBP
	AAAuDSMu0DA1KVNkzNBgnwvOpyFj6OKm5ibyU7UkAWV93lFwsInsG9oGLjWZRZt9Nubx
	dHmK3bxqGl+oB/NHjPnUR+/REGY3R+HJfQv4wUIfsprlkH867H5XN0/8QIety0kjnvNN
	WK23nyAsOksBAWEv25xQsO8zFngtfTUA5KkRWj/HY7u0zbbY6Rj3byYrsZ19l1W2197S
	+v7EJm6t0BWecgo88hQF/V6aPCyXPeqJBle2pYoS3nYURwuebKs6TUzzSq449SJ5DgYI
	oAmw==
X-Gm-Message-State: AKGB3mIXEBH3v+hPGM5Gm+rnWS1qTQw1V+NQcbf9MrHsj6r/3DveC2Tk
	MOcxCSikcdFMmEgiqdETv6eG+WKRoB/VCuQmAfwaZwoi
X-Google-Smtp-Source: ACJfBov/jUcXS3lUvD/UZsNgQbj1lcwYNt1lvTXQMuxCoLur1jMOeMtmynW9UEofiyfa4AsfaqadEUfOXAfKhHSdnwU=
X-Received: by 10.107.168.106 with SMTP id r103mr13698443ioe.42.1513877040127; 
	Thu, 21 Dec 2017 09:24:00 -0800 (PST)
MIME-Version: 1.0
References: <CAAUFj10gEPBS3nTZ6aJn4UazhcJKPni6_pYGWwOs+QNeDo9NaA@mail.gmail.com>
	<52b65bab-ff84-7e21-e35a-f6ebd8106767@satoshilabs.com>
	<725C679B-60E2-4E21-9F7D-10F67118D58D@friedenbach.org>
In-Reply-To: <725C679B-60E2-4E21-9F7D-10F67118D58D@friedenbach.org>
From: Jason Dreyzehner <jason@dreyzehner.com>
Date: Thu, 21 Dec 2017 17:23:49 +0000
Message-ID: <CALunu-GWw1P6BJ8sZdr1ApKJVHawd7LJ9JHfEWP-Z0nacc8bhg@mail.gmail.com>
To: Mark Friedenbach <mark@friedenbach.org>, 
	Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: multipart/alternative; boundary="001a11426c7836152b0560dcf7a4"
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID, DKIM_VALID_AU, HTML_MESSAGE,
	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 21 Dec 2017 18:25:07 +0000
Subject: Re: [bitcoin-dev] Sign / Verify message against SegWit P2SH
	addresses.
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Dec 2017 17:24:02 -0000

--001a11426c7836152b0560dcf7a4
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

You might be interested in this proposal, which is very similar. The repo
contains a very basic implementation in typescript:
https://github.com/bitauth/bitauth2017/blob/master/bips/0-bitauth.mediawiki

https://github.com/bitauth/bitauth2017/

On Tue, Dec 19, 2017 at 4:59 PM Mark Friedenbach via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> For what it=E2=80=99s worth, I think it would be quite easy to do better =
than the
> implied solution of rejiggering the message signing system to support
> non-P2PKH scripts. Instead, have the signature be an actual bitcoin
> transaction with inputs that have the script being signed. Use the salted
> hash of the message being signed as the FORKID as if this were a spin-off
> with replay protection. This accomplishes three things:
>
> (1) This enables signing by any infrastructure out there =E2=80=94 includ=
ing
> hardware wallets and 2FA signing services =E2=80=94 that have enabled sup=
port for
> FORKID signing, which is a wide swath of the ecosystem because of Bitcoin
> Cash and Bitcoin Gold.
>
> (2) It generalizes the message signing to allow multi-party signing setup=
s
> as complicated (via sighash, etc.) as those bitcoin transactions allow,
> using existing and future tools based on Partially Signed Bitcoin
> Transactions; and
>
> (3) It unifies a single approach for message signing, proof of reserve
> (where the inputs are actual UTXOs), and off-chain colored coins.
>
> There=E2=80=99s the issue of size efficiency, but for the single-party me=
ssage
> signing application that can be handled by a BIP that specifies a templat=
e
> for constructing the pseudo-transaction and its inputs from a raw script.
>
> Mark
>
> > On Dec 19, 2017, at 1:36 PM, Pavol Rusnak via bitcoin-dev <
> bitcoin-dev@lists.linuxfoundation.org> wrote:
> >
> > On 08/12/17 19:25, Dan Bryant via bitcoin-dev wrote:
> >> I know there are posts, and an issue opened against it, but is there
> >> anyone writing a BIP for Sign / Verify message against a SegWit addres=
s?
> >
> > Dan, are you still planning to write this BIP?
> >
> > --
> > Best Regards / S pozdravom,
> >
> > Pavol "stick" Rusnak
> > CTO, SatoshiLabs
> > _______________________________________________
> > bitcoin-dev mailing list
> > bitcoin-dev@lists.linuxfoundation.org
> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

--001a11426c7836152b0560dcf7a4
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">You might be interested in this proposal, which is very si=
milar. The repo contains a very basic implementation in typescript:=C2=A0<a=
 href=3D"https://github.com/bitauth/bitauth2017/blob/master/bips/0-bitauth.=
mediawiki">https://github.com/bitauth/bitauth2017/blob/master/bips/0-bitaut=
h.mediawiki</a><div><br></div><div><a href=3D"https://github.com/bitauth/bi=
tauth2017/">https://github.com/bitauth/bitauth2017/</a>=C2=A0<br><br><div c=
lass=3D"gmail_quote"><div dir=3D"ltr">On Tue, Dec 19, 2017 at 4:59 PM Mark =
Friedenbach via bitcoin-dev &lt;<a href=3D"mailto:bitcoin-dev@lists.linuxfo=
undation.org">bitcoin-dev@lists.linuxfoundation.org</a>&gt; wrote:<br></div=
><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1=
px #ccc solid;padding-left:1ex">For what it=E2=80=99s worth, I think it wou=
ld be quite easy to do better than the implied solution of rejiggering the =
message signing system to support non-P2PKH scripts. Instead, have the sign=
ature be an actual bitcoin transaction with inputs that have the script bei=
ng signed. Use the salted hash of the message being signed as the FORKID as=
 if this were a spin-off with replay protection. This accomplishes three th=
ings:<br>
<br>
(1) This enables signing by any infrastructure out there =E2=80=94 includin=
g hardware wallets and 2FA signing services =E2=80=94 that have enabled sup=
port for FORKID signing, which is a wide swath of the ecosystem because of =
Bitcoin Cash and Bitcoin Gold.<br>
<br>
(2) It generalizes the message signing to allow multi-party signing setups =
as complicated (via sighash, etc.) as those bitcoin transactions allow, usi=
ng existing and future tools based on Partially Signed Bitcoin Transactions=
; and<br>
<br>
(3) It unifies a single approach for message signing, proof of reserve (whe=
re the inputs are actual UTXOs), and off-chain colored coins.<br>
<br>
There=E2=80=99s the issue of size efficiency, but for the single-party mess=
age signing application that can be handled by a BIP that specifies a templ=
ate for constructing the pseudo-transaction and its inputs from a raw scrip=
t.<br>
<br>
Mark<br>
<br>
&gt; On Dec 19, 2017, at 1:36 PM, Pavol Rusnak via bitcoin-dev &lt;<a href=
=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">bitcoin=
-dev@lists.linuxfoundation.org</a>&gt; wrote:<br>
&gt;<br>
&gt; On 08/12/17 19:25, Dan Bryant via bitcoin-dev wrote:<br>
&gt;&gt; I know there are posts, and an issue opened against it, but is the=
re<br>
&gt;&gt; anyone writing a BIP for Sign / Verify message against a SegWit ad=
dress?<br>
&gt;<br>
&gt; Dan, are you still planning to write this BIP?<br>
&gt;<br>
&gt; --<br>
&gt; Best Regards / S pozdravom,<br>
&gt;<br>
&gt; Pavol &quot;stick&quot; Rusnak<br>
&gt; CTO, SatoshiLabs<br>
&gt; _______________________________________________<br>
&gt; bitcoin-dev mailing list<br>
&gt; <a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_bl=
ank">bitcoin-dev@lists.linuxfoundation.org</a><br>
&gt; <a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-=
dev" rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org=
/mailman/listinfo/bitcoin-dev</a><br>
<br>
_______________________________________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" target=3D"_blank">=
bitcoin-dev@lists.linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.org/mail=
man/listinfo/bitcoin-dev</a><br>
</blockquote></div></div></div>

--001a11426c7836152b0560dcf7a4--