public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Luke Dashjr <luke@dashjr.org>
To: Karl Johan Alm <karljohan-alm@garage.co.jp>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] {sign|verify}message replacement
Date: Wed, 14 Mar 2018 12:36:47 +0000	[thread overview]
Message-ID: <201803141236.48869.luke@dashjr.org> (raw)
In-Reply-To: <CALJw2w5=g-FL+MZ08DEoLxVzOKbSXeKu50drE1b4P0JZJpdTyA@mail.gmail.com>

I don't see a need for a new RPC interface, just a new signature format.

Ideally, it should support not only just "proof I receive at this address", 
but also "proof of funds" (as a separate feature) since this is a popular 
misuse of the current message signing (which doesn't actually prove funds at 
all). To do this, it needs to be capable of signing for multiple inputs.

Preferably, it should also avoid disclosing the public key for existing or 
future UTXOs. But I don't think it's possible to avoid this without something 
MAST-like first. Perhaps it can be a MAST upgrade later on, but the new 
signature scheme should probably be designed with it in mind.

Luke


On Wednesday 14 March 2018 8:09:20 AM Karl Johan Alm via bitcoin-dev wrote:
> Hello,
> 
> I am considering writing a replacement for the message signing tools
> that are currently broken for all but the legacy 1xx addresses. The
> approach (suggested by Pieter Wuille) is to do a script based
> approach. This does not seem to require a lot of effort for
> implementing in Bitcoin Core*. Below is my proposal for this system:
> 
> A new structure SignatureProof is added, which is a simple scriptSig &
> witnessProgram container that can be serialized. This is passed out
> from/into the signer/verifier.
> 
> RPC commands:
> 
> sign <address> <message> [<prehashed>=false]
> 
> Generates a signature proof for <message> using the same method that
> would be used to spend coins sent to <address>.**
> 
> verify <address> <message> <proof> [<prehashed>=false]
> 
> Deserializes and executes the proof using a custom signature checker
> whose sighash is derived from <message>. Returns true if the check
> succeeds, and false otherwise. The scriptPubKey is derived directly
> from <address>.**
> 
> Feedback welcome.
> 
> -Kalle.
> 
> (*) Looks like you can simply use VerifyScript with a new signature
> checker class. (h/t Nicolas Dorier)
> (**) If <prehashed> is true, <message> is the sighash, otherwise
> sighash=sha256d(message).
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev


  parent reply	other threads:[~2018-03-14 12:37 UTC|newest]

Thread overview: 16+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2018-03-14  8:09 [bitcoin-dev] {sign|verify}message replacement Karl Johan Alm
2018-03-14  9:46 ` Kalle Rosenbaum
2018-03-14 16:12   ` Anthony Towns
2018-03-15  3:01   ` Karl Johan Alm
2018-03-15  6:43     ` Jim Posen
2018-03-15  7:25       ` Karl Johan Alm
2018-03-15 20:53         ` Jim Posen
2018-03-14 12:36 ` Luke Dashjr [this message]
2018-03-15  7:36   ` Karl Johan Alm
2018-03-15 14:14     ` Luke Dashjr
2018-03-16  0:38       ` Karl Johan Alm
2018-03-16  1:59         ` Greg Sanders
2018-03-16  2:04           ` Karl Johan Alm
2018-03-15 10:15   ` Damian Williamson
2018-03-26  8:53 ` Pieter Wuille
2018-03-27  8:09   ` Karl Johan Alm

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=201803141236.48869.luke@dashjr.org \
    --to=luke@dashjr.org \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=karljohan-alm@garage.co.jp \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox