From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: <optimiz3@hotmail.com> Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 33ACD8A5 for <bitcoin-dev@lists.linuxfoundation.org>; Mon, 28 Aug 2017 15:29:34 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from NAM04-CO1-obe.outbound.protection.outlook.com (mail-oln040092010087.outbound.protection.outlook.com [40.92.10.87]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id B3ACC3DC for <bitcoin-dev@lists.linuxfoundation.org>; Mon, 28 Aug 2017 15:29:32 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=hotmail.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version; bh=sWeZaqrya7x7jX1LpqJ8VoKRIgE7dEXoTPUF/TGWsVQ=; b=DMm2nkZNGkvCuZojQ4GGdNiumNsLSLBY6v0cATC5ekJ3ysN9v6C0vHYYdlVTyKRKghYY2ZvVDLPp4ovWD3uSWvepFVxsSI0K+nRsz2XQe9rVH9e0CoCflYeRm5srTbXrcX3K3yP8Tvo6ri5+IGJZmeOH8J9Q0sVPxgU5h1jWF8zVkGknKjGx1u4M8gdjmOQf00287KD9nKf7TzOP5knzWNmARTMXat65VoMmwYdsmBgQ/QRUJbLtIy1YxffUdYwneIEXIIGoNUX5OUDs3ab0hLvtdhUC2o5XTtLBgnus2uitoPM/G7OyUOcxVtisIxnFkJl++YeCzxI9buTXe/FNQw== Received: from CO1NAM04FT030.eop-NAM04.prod.protection.outlook.com (10.152.90.58) by CO1NAM04HT074.eop-NAM04.prod.protection.outlook.com (10.152.91.31) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384_P384) id 15.1.1341.15; Mon, 28 Aug 2017 15:29:31 +0000 Received: from CY4PR1801MB1815.namprd18.prod.outlook.com (10.152.90.52) by CO1NAM04FT030.mail.protection.outlook.com (10.152.90.153) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256_P256) id 15.1.1341.15 via Frontend Transport; Mon, 28 Aug 2017 15:29:31 +0000 Received: from CY4PR1801MB1815.namprd18.prod.outlook.com ([10.165.88.24]) by CY4PR1801MB1815.namprd18.prod.outlook.com ([10.165.88.24]) with mapi id 15.01.1385.013; Mon, 28 Aug 2017 15:29:31 +0000 From: Alex Nagy <optimiz3@hotmail.com> To: "bitcoin-dev@lists.linuxfoundation.org" <bitcoin-dev@lists.linuxfoundation.org> Thread-Topic: P2WPKH Scripts, P2PKH Addresses, and Uncompressed Public Keys Thread-Index: AdMgDOW5wpgLVDIcRNiRbU+aDVEjTA== Date: Mon, 28 Aug 2017 15:29:31 +0000 Message-ID: <CY4PR1801MB181583C344B0993205D4B6C8809E0@CY4PR1801MB1815.namprd18.prod.outlook.com> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: lists.linuxfoundation.org; dkim=none (message not signed) header.d=none; lists.linuxfoundation.org; dmarc=none action=none header.from=hotmail.com; x-incomingtopheadermarker: OriginalChecksum:BE1C21B63EC7A1FF3BBEB087C4320F0492288031E0C391E1EBD586E1CE004491; UpperCasedChecksum:2C41A2938560BBC3DB2D5CA7EB20361D8DC5322C53E92B1CB7638A8C2C537AA5; SizeAsReceived:6880; Count:43 x-tmn: [g+eJjJZTiAf41ZfmnxL01bDftP7gFo91] x-ms-publictraffictype: Email x-microsoft-exchange-diagnostics: 1; CO1NAM04HT074; 6:E4LJgL0ubqTBI9KQAH+UV3pssue43e2fa4w8J2X2rhfhZcqsfqDDuolx9fNasJ9+BCBhHSBljvsiMl7h9TcwauoIhYHvKUAk73yrcu4vIbRZLpLda0ifgnChfld/bkmYQu2JdwU7I4+hGHlItMPVNl7Twk5vrLn11vMV+cGpYKEPh0RM7TpLaS8ZTZpJeRbodmurHc4/+/1wCgheMTTjDg0Sr7AmZOTCsiYt0cbkbuO5T5vuff1sN9zx+qhmoxCX5ev2YZpgzx23fUgaor1hmARMJJnErkWJjP+frpcwUZ24weS/GjNlOPQVUo/UgQMrtuFHPdR8JG6PxCRrRvoRVw==; 5:B4cWWBpcr/fJQ9Zpf+PmWS6hdlkNe4k8ELZkYeRuYG1o0KS4RnF3OGwzxbf6iWK5yNhrARVLOiBa9Sdt42sfKeExYz9bselOMe1X1GyCrgEzFCQC+iWFxpkF9H5FhnLi1jl87wKqlYZETzOqvMNZZg==; 24:Tfx98LRRTBP0039gPJkGDE3sAe6r24ONT7VRpq/IqPRtSxzagKRuBYId51HnmGaozOj0nlVKFBaSDAmsY/qpNObuLs1MEeM0bZBGfGVDLbE=; 7:8jQ2DRYgbNZ1vRcRwdtKsjUvLOzwZN2nLNLGcSs8dBcylAmEwGr4D9fJI3JWznD/4DRjkZIOb7lF8dijV5iofm7bwxN6mOvoLLaC/FYG507N+3cMSUz3swCwxukTmujLp+mYODPTIZE2NG5LYdSIDw689Nc+G+g7PTSQ1bkiVJFsUn4NPE0fMVHB1vicjdSbKi6uEGIFS08BPbiJARWghpwdgbstLRb9XjM2AFB0zAk= x-incomingheadercount: 43 x-eopattributedmessage: 0 x-forefront-antispam-report: EFV:NLI; SFV:NSPM; SFS:(7070007)(98901004); DIR:OUT; SFP:1901; SCL:1; SRVR:CO1NAM04HT074; H:CY4PR1801MB1815.namprd18.prod.outlook.com; FPR:; SPF:None; LANG:en; x-ms-office365-filtering-correlation-id: 53d08343-12c0-4699-c8a6-08d4ee299420 x-microsoft-antispam: UriScan:; BCL:0; PCL:0; RULEID:(300000500095)(300135000095)(300000501095)(300135300095)(22001)(300000502095)(300135100095)(300000503095)(300135400095)(201702061074)(5061506573)(5061507331)(1603103135)(2017031320274)(2017031324274)(2017031323274)(2017031322404)(1601125374)(1603101448)(1701031045)(300000504095)(300135200095)(300000505095)(300135600095)(300000506095)(300135500095); SRVR:CO1NAM04HT074; x-ms-traffictypediagnostic: CO1NAM04HT074: x-exchange-antispam-report-test: UriScan:(166708455590820)(21748063052155)(17755550239193); x-exchange-antispam-report-cfa-test: BCL:0; PCL:0; RULEID:(100000700101)(100105000095)(100000701101)(100105300095)(100000702101)(100105100095)(444000031); SRVR:CO1NAM04HT074; BCL:0; PCL:0; RULEID:(100000800101)(100110000095)(100000801101)(100110300095)(100000802101)(100110100095)(100000803101)(100110400095)(100000804101)(100110200095)(100000805101)(100110500095); SRVR:CO1NAM04HT074; x-forefront-prvs: 0413C9F1ED spamdiagnosticoutput: 1:99 spamdiagnosticmetadata: NSPM Content-Type: multipart/alternative; boundary="_000_CY4PR1801MB181583C344B0993205D4B6C8809E0CY4PR1801MB1815_" MIME-Version: 1.0 X-OriginatorOrg: hotmail.com X-MS-Exchange-CrossTenant-originalarrivaltime: 28 Aug 2017 15:29:31.1078 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Internet X-MS-Exchange-CrossTenant-id: 84df9e7f-e9f6-40af-b435-aaaaaaaaaaaa X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO1NAM04HT074 X-Spam-Status: No, score=0.2 required=5.0 tests=DKIM_SIGNED,DKIM_VALID, DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=disabled version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Mon, 28 Aug 2017 15:32:29 +0000 Subject: [bitcoin-dev] P2WPKH Scripts, P2PKH Addresses, and Uncompressed Public Keys X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> X-List-Received-Date: Mon, 28 Aug 2017 15:29:34 -0000 --_000_CY4PR1801MB181583C344B0993205D4B6C8809E0CY4PR1801MB1815_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Let's say Alice has a P2PKH address derived from an uncompressed public key= , 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a (from https://bitcoin.stackexchange.co= m/questions/3059/what-is-a-compressed-bitcoin-key). If Alice gives Bob 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a, is there any way Bob= can safely issue Native P2WPKH outputs to Alice? BIPs 141 and 143 make it very clear that P2WPKH scripts may only derive fro= m compressed public-keys. Given this restriction, assuming all you have is= a P2PKH address - is there any way for Bob to safely issue spendable Nativ= e P2WPKH outputs to Alice? The problem is Bob as no idea whether Alice's P2PKH address represents a co= mpressed or uncompressed public-key, so Bob cannot safely issue a Native P2= WPKH output. AFAICT all code is supposed to assume P2WPHK outputs are compressed public-= key derived. The conclusion would be that the existing P2PKH address forma= t is generally unsafe to use with SegWit since P2PKH addresses may be deriv= ed from uncompressed public-keys. Am I missing something here? Referencing BIP141 and BIP143, specifically these sections: https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#New_script_s= emantics "Only compressed public keys are accepted in P2WPKH and P2WSH" https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#Restrictions= _on_public_key_type "As a default policy, only compressed public keys are accepted in P2WPKH an= d P2WSH. Each public key passed to a sigop inside version 0 witness program= must be a compressed key: the first byte MUST be either 0x02 or 0x03, and = the size MUST be 33 bytes. Transactions that break this rule will not be re= layed or mined by default. Since this policy is preparation for a future softfork proposal, to avoid p= otential future funds loss, users MUST NOT use uncompressed keys in version= 0 witness programs." --_000_CY4PR1801MB181583C344B0993205D4B6C8809E0CY4PR1801MB1815_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html xmlns:v=3D"urn:schemas-microsoft-com:vml" xmlns:o=3D"urn:schemas-micr= osoft-com:office:office" xmlns:w=3D"urn:schemas-microsoft-com:office:word" = xmlns:m=3D"http://schemas.microsoft.com/office/2004/12/omml" xmlns=3D"http:= //www.w3.org/TR/REC-html40"> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"= > <meta name=3D"Generator" content=3D"Microsoft Word 15 (filtered medium)"> <style><!-- /* Font Definitions */ @font-face {font-family:"Cambria Math"; panose-1:2 4 5 3 5 4 6 3 2 4;} @font-face {font-family:Calibri; panose-1:2 15 5 2 2 2 4 3 2 4;} /* Style Definitions */ p.MsoNormal, li.MsoNormal, div.MsoNormal {margin:0in; margin-bottom:.0001pt; font-size:11.0pt; font-family:"Calibri",sans-serif;} a:link, span.MsoHyperlink {mso-style-priority:99; color:#0563C1; text-decoration:underline;} a:visited, span.MsoHyperlinkFollowed {mso-style-priority:99; color:#954F72; text-decoration:underline;} span.EmailStyle17 {mso-style-type:personal-compose; font-family:"Calibri",sans-serif; color:windowtext;} .MsoChpDefault {mso-style-type:export-only;} @page WordSection1 {size:8.5in 11.0in; margin:1.0in 1.0in 1.0in 1.0in;} div.WordSection1 {page:WordSection1;} --></style><!--[if gte mso 9]><xml> <o:shapedefaults v:ext=3D"edit" spidmax=3D"1026" /> </xml><![endif]--><!--[if gte mso 9]><xml> <o:shapelayout v:ext=3D"edit"> <o:idmap v:ext=3D"edit" data=3D"1" /> </o:shapelayout></xml><![endif]--> </head> <body lang=3D"EN-US" link=3D"#0563C1" vlink=3D"#954F72"> <div class=3D"WordSection1"> <p class=3D"MsoNormal">Let’s say Alice has a P2PKH address derived fr= om an uncompressed public key, 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7a (from <a href=3D"https://bitcoin.stackexchange.com/questions/3059/what-is-a-compr= essed-bitcoin-key"> https://bitcoin.stackexchange.com/questions/3059/what-is-a-compressed-bitco= in-key</a>).<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">If Alice gives Bob 1MsHWS1BnwMc3tLE8G35UXsS58fKipzB7= a, is there any way Bob can safely issue Native P2WPKH outputs to Alice?<o:= p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">BIPs 141 and 143 make it very clear that P2WPKH scri= pts may only derive from compressed public-keys. Given this restricti= on, assuming all you have is a P2PKH address – is there any way for B= ob to safely issue spendable Native P2WPKH outputs to Alice?<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">The problem is Bob as no idea whether Alice’s = P2PKH address represents a compressed or uncompressed public-key, so Bob ca= nnot safely issue a Native P2WPKH output.<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">AFAICT all code is supposed to assume P2WPHK outputs= are compressed public-key derived. The conclusion would be that the = existing P2PKH address format is generally unsafe to use with SegWit since = P2PKH addresses may be derived from uncompressed public-keys.<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Am I missing something here?<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Referencing BIP141 and BIP143, specifically these se= ctions:<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><a href=3D"https://github.com/bitcoin/bips/blob/mast= er/bip-0141.mediawiki#New_script_semantics">https://github.com/bitcoin/bips= /blob/master/bip-0141.mediawiki#New_script_semantics</a><o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">“Only compressed public keys are accepted in P= 2WPKH and P2WSH”<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal"><a href=3D"https://github.com/bitcoin/bips/blob/mast= er/bip-0143.mediawiki#Restrictions_on_public_key_type">https://github.com/b= itcoin/bips/blob/master/bip-0143.mediawiki#Restrictions_on_public_key_type<= /a><o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">“As a default policy, only compressed public k= eys are accepted in P2WPKH and P2WSH. Each public key passed to a sigop ins= ide version 0 witness program must be a compressed key: the first byte MUST= be either 0x02 or 0x03, and the size MUST be 33 bytes. Transactions that break this rule will not be relayed or mine= d by default.<o:p></o:p></p> <p class=3D"MsoNormal"><o:p> </o:p></p> <p class=3D"MsoNormal">Since this policy is preparation for a future softfo= rk proposal, to avoid potential future funds loss, users MUST NOT use uncom= pressed keys in version 0 witness programs.”<o:p></o:p></p> </div> </body> </html> --_000_CY4PR1801MB181583C344B0993205D4B6C8809E0CY4PR1801MB1815_--