From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 04D60E6A for ; Wed, 24 Jan 2018 10:24:59 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-lf0-f53.google.com (mail-lf0-f53.google.com [209.85.215.53]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 011D9149 for ; Wed, 24 Jan 2018 10:24:57 +0000 (UTC) Received: by mail-lf0-f53.google.com with SMTP id o89so4509081lfg.10 for ; Wed, 24 Jan 2018 02:24:57 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=subject:to:references:from:message-id:date:user-agent:mime-version :in-reply-to:content-transfer-encoding:content-language; bh=m8HpXSoZP/GiAv+UANrnZ5tonOr5UXJ7DCYq5AX9O/U=; b=Lq1CxY/eZSOgYYOasaxzJlATGQNka3g581/Ow9mepnAJspW7a0njO+orDSibNyIO21 viEBA4cCULpOpqhWUSPHK9LaMrf6tGh60N0WCrCpsxFrFqbNCQ+7LbgX00eoAipOE1E1 P6Aqfk8IcAWQfYmfNWMnjVC3eWGH5la5A7pSmNs6RpHkNYgu0BPlv2669jK6XtDJRCgf rVBf7CSo7A+D4z1UXIvhfkaZ7eA7o5yW61FwTcgCVvzqElIvONBForBwdAAX6jxUPQ9T qNBGJ9hVYNNT4pH0aCBQZ+dazTyHZQ5osuskFsHSvY1B0TSEEPtv/JbHf++KlvD3FXmt C0uA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:subject:to:references:from:message-id:date :user-agent:mime-version:in-reply-to:content-transfer-encoding :content-language; bh=m8HpXSoZP/GiAv+UANrnZ5tonOr5UXJ7DCYq5AX9O/U=; b=hmA/6vVv1sPUxdFnGx7PUVGt1olUgbMQKHGH3apDQLa+3kcgKBFNWWVYGRSQtSUwJr dkZV3Q9sPN3X2jLDFB5HiSi+5Ln4DzyRzEa9NLFFxjlUAKiTl3fG2e4PpaS/SwzLSE5l 9V7XF6tTE0xtSy9Op0HtDlfJI3s7xpuxY3lijEdr/YC6Fef7qhTibSJMbhnnUoQZSqHB TIX7sIREHZREc6DKt2COmso+tC8vEeLg75pefO4jMgzE29SIkvTyMmNkS9Iv+bMgqE7u qjR+sVMX3mrsrGhvPjNC0I8mUOMGE0zv1DB+KLc9cRTZu8FV+Gq1TCSEaGxT2Zxi0Hy5 zFXg== X-Gm-Message-State: AKwxytcUWWzFxOehi3x8wZYy3kqFIYVFbToVa8W/SQqXSUwvNZhAF7/I I2puIFxrqiQO+xC8eMpwvO8= X-Google-Smtp-Source: AH8x224it8Yyt6yWAxpmghTNcKQzzfVRMjQsukqaItbQZOT6/I2brEoGX6NcJWl/zCMc9kEW5fRA2A== X-Received: by 10.46.23.205 with SMTP id 74mr166247ljx.29.1516789496237; Wed, 24 Jan 2018 02:24:56 -0800 (PST) Received: from ?IPv6:2a01:cb1d:5c:1600:9d6d:71b2:cb71:cb17? ([2a01:cb1d:5c:1600:9d6d:71b2:cb71:cb17]) by smtp.googlemail.com with ESMTPSA id 36sm502308lfx.13.2018.01.24.02.24.55 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Wed, 24 Jan 2018 02:24:55 -0800 (PST) To: Gregory Maxwell , Bitcoin Protocol Discussion , =?UTF-8?B?0JDRgNGC0ZHQvCDQm9C40YLQstC40L3QvtCy0LjRhw==?= References: From: Aymeric Vitte Message-ID: <41d8ff42-106f-45b9-cc70-507982c7336b@gmail.com> Date: Wed, 24 Jan 2018 11:24:55 +0100 User-Agent: Mozilla/5.0 (Windows NT 6.3; rv:52.0) Gecko/20100101 Thunderbird/52.5.2 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: 8bit Content-Language: fr X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] Why is deriving public key from the signature not used in Segwit? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 24 Jan 2018 10:24:59 -0000 34 bytes in fact I have asked already the question at least twice on this list pointing out the fact that pubkey is there now even for standard p2pkh transactions and it was not the case some time ago But I never got any answer regarding what motivated this change (compared to the previous behavior) and when, so whether I am missing something obvious, whether nobody wants to answer Txs without pubkey are now rejected then what is the element in the code (protocol, version, etc) that "decided" this? Le 24/01/2018 à 05:25, Gregory Maxwell via bitcoin-dev a écrit : > On Wed, Jan 24, 2018 at 3:50 AM, Артём Литвинович via bitcoin-dev > wrote: >> Greetings. >> >> I wanted to ask what was the rationale behind still having both public >> key and signature in Segwit witness? >> >> As is known for a while, the public key can be derived from the >> signature and a quadrant byte, a trick that is successfully used both >> in Bitcoin message signing algorithm and in Ethereum transaction >> signatures. The later in particular suggests that this is a perfectly >> functional and secure alternative. >> Leaving out the public key would have saved 33 bytes per signature, >> which is quite a lot. >> >> So, the question is - was there a good reason to do it the old way >> (security, performance, privacy, something else?), or was it something >> that haven't been thought of/considered at the time? > It is slow to verify, incompatible with batch validation, doesn't save > space if hashing isn't used, and is potentially patent encumbered. > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev -- Bitcoin transactions made simple: https://github.com/Ayms/bitcoin-transactions Zcash wallets made simple: https://github.com/Ayms/zcash-wallets Bitcoin wallets made simple: https://github.com/Ayms/bitcoin-wallets Get the torrent dynamic blocklist: http://peersm.com/getblocklist Check the 10 M passwords list: http://peersm.com/findmyass Anti-spies and private torrents, dynamic blocklist: http://torrent-live.org Peersm : http://www.peersm.com torrent-live: https://github.com/Ayms/torrent-live node-Tor : https://www.github.com/Ayms/node-Tor GitHub : https://www.github.com/Ayms