If we're going to extend/expand message
signing, can we please add a proper ASCII-armored format for it?
Really, anything that encodes the signed message next to the
signature, so that there's no ambiguities about what was signed.
You can keep the "bare signatures" as an option for backwards
compatiblity, but offer this as the primary one.
What we really want is to have the user copy an ASCII-armored
block of text into the client (or we could have a URI-extension
for this), and the app pops up with a window that says "The
following message has a valid signature from address
1XKjf32kJbf...: <message>".
I know people argue they'd like to get away from raw addresses and
copy-and-paste. But it'll be a while before that happens, and
there's a lot of demand for Armory to become compatible with
Bitcoin-Qt signing. People are obviously using it.
-Alan
On 04/14/2013 01:09 AM, Peter Todd wrote:
Currently signmessage/verifymessage only supports messages signed by a
single key. We should extend that to messages signed by n-of-m keys, or
from the users point of view, P2SH multisig addresses.
rpc.cpp:signmessage() returns the output of SignCompact(). That in turn
starts with a header byte marking the signs of the various keys to allow
for key recovery. The header byte can be one of 0x1B, 0x1C, 0x1D or 0x1E
For multisig signmessage signatures this is extended:
<01> <varint n> <varint m> <sig or key> {<sig or key>, ...}
Each signature or key can be one of the following forms:
sig: <1B/1C/1D/1E> <32 byte r> <32 byte s>
compress key: <02/03> <32 byte x>
uncompressed key: <04> <32 byte x> <32 byte y>
Note that we have to provide all pubkeys, even if they aren't used for a
given signature, to allow the P2SH address to be reconstructed.
Decoding/encoding is a bit code-intensive due to the all the cases, but
on the other hand this format keeps the size down to an absolute
minimum. Alternatively I could use length bytes.
The format is backwards compatible in the sense that older versions will
fail safely on new signatures, even ones that have been truncated.
Similarly new signatures are easily distinguished from old, and going
forward if we for some reason need yet another signature format the
leading byte can be incremented.
Signing incomplete signatures on messages can be handled by converting
pubkeys to signatures. Similarly the RPC signmessage command can be
extended with an optional "existing signature" option.
------------------------------------------------------------------------------
Precog is a next-generation analytics platform capable of advanced
analytics on semi-structured data. The platform includes APIs for building
apps and a phenomenal toolset for data science. Developers can use
our toolset for easy data analysis & visualization. Get a free account!
http://www2.precog.com/precogplatform/slashdotnewsletter
_______________________________________________
Bitcoin-development mailing list
Bitcoin-development@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-development