--- Log opened Wed Apr 27 00:00:07 2022 03:27 -!- AaronvanW [~AaronvanW@user/AaronvanW] has joined ##ctv-bip-review 03:46 -!- cryptoquick8 [~cryptoqui@8.46.89.33] has joined ##ctv-bip-review 03:46 -!- cryptoquick [~cryptoqui@8.46.89.33] has quit [Ping timeout: 260 seconds] 03:46 -!- cryptoquick8 is now known as cryptoquick 05:44 -!- AaronvanW [~AaronvanW@user/AaronvanW] has quit [Quit: Leaving...] 08:13 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has joined ##ctv-bip-review 08:13 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has quit [Client Quit] 08:14 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has joined ##ctv-bip-review 08:16 < fiatjaf> why is this transaction not passing the CTV check? 08:16 < fiatjaf> 0200000001b676e290cc9bc39bd25f0e2cbaeb171f38e58a1555615f3a29d92dfe81a2444d00000000000000000001f00a00000000000022206560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574db300000000 08:17 < fiatjaf> its ancestor is published to the signet: https://explorer.ctvsignet.com/tx/4d44a281fe2dd9293a5f6155158ae5381f17ebba2c0e5fd29bc39bcc90e276b6 08:18 < fiatjaf> I've used the template hash function copied from the CTV tests on the bitcoin core 'checktemplateverify-signet-23.0-alpha' tag 08:19 < fiatjaf> specifically the function 'get_standard_template_hash' 09:04 <@jeremyrubin> without seeing your code it's hard to say 09:04 <@jeremyrubin> but what i did is look at decoderawtransaction 09:04 <@jeremyrubin> to see the script is: 09:05 <@jeremyrubin> 6560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574d 09:05 <@jeremyrubin> 6560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574d OP_CHECKTEMPLATEVERIFY 09:05 <@jeremyrubin> and i used 09:05 <@jeremyrubin> tx = "0200000001b676e290cc9bc39bd25f0e2cbaeb171f38e58a1555615f3a29d92dfe81a2444d00000000000000000001f00a00000000000022206560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574db300000000" 09:05 <@jeremyrubin> t = tx_from_hex(tx) 09:05 <@jeremyrubin> self.log.info(t.get_standard_template_hash(0).hex()) 09:05 <@jeremyrubin> to see that f202dfe1b1b19541beaf2e0ceb7b07a87fe05099eb1f2bc7774e9c7c06bbf3bd is the template hash 09:06 <@jeremyrubin> oops wrong comparison, one second... 09:06 <@jeremyrubin> OP_PUSHBYTES_32 f39428fcd18c06b77609751badc2d651bd10eb7db690750be5eaa7cf518e5f05 09:06 <@jeremyrubin> OP_CHECKTEMPLATEVERIFY 09:07 <@jeremyrubin> so for whatever reason you're getting f394 and not f202 09:07 <@jeremyrubin> can you show me your code? fiatjaf 09:14 <@jeremyrubin> or can you show me the tx you're feeding into get_standard_template_hash? 09:50 < fiatjaf> ok 09:50 < fiatjaf> so I can't reproduce that other hash anymore (6560...) so maybe I got confused there 09:51 < fiatjaf> oh wait, no, that's the wrong comparison 09:51 < fiatjaf> yes, I do get f394... if I use the tx without the inputs: 02000000020000000000000000000000000000000000000000000000000000000000000000ffffffff00ffffffff0000000000000000000000000000000000000000000000000000000000000000ffffffff00ffffffff01f00a00000000000022206560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574db300000000 09:52 < fiatjaf> and if I do get f202... using the same tx but now with the inputs filled and signed: 0200000001c6175cd4ae24882b67ebaf49afb5dccaefdc4fd8721741043eb38cecbfacb4b200000000000000000001f00a00000000000022206560dfac528512a2b63e6b0fca9960f77d5635211826eb0f1703ef847ed2574db300000000 09:53 < fiatjaf> actually there is no signature 09:53 < fiatjaf> and now I see the error, the inputs count is different 09:56 < fiatjaf> hmm 09:56 < fiatjaf> but I fixed that and the problem continues 09:57 < fiatjaf> >>> from utils import unmarshal_tx, get_standard_template_hash 09:57 < fiatjaf> >>> get_standard_template_hash(unmarshal_tx(bytes.fromhex('02000000010000000000000000000000000000000000000000000000000000000000000000ffffffff00ffffffff01f00a000000000000222008109cf7252aace4277feaf7999f2e856aa4034c06a62af7be28d157218460e4b300000000')), 0).hex() 09:57 < fiatjaf> '0290b92831d962d1a3f3ebe97f3ff35595dee5f2f99be1f1a32f9b09fee494cc' 09:57 < fiatjaf> >>> get_standard_template_hash(unmarshal_tx(bytes.fromhex('0200000001e6fabfa44aa91f9fe998a7281833d0a3bf2d5a4dd4df1d1439f032c2ae47157900000000000000000001f00a000000000000222008109cf7252aace4277feaf7999f2e856aa4034c06a62af7be28d157218460e4b300000000')), 0).hex() 09:57 < fiatjaf> '5df77ce0d08b166e1f379949933f51ef7651b271d818275b84a53864a5411ac6' 09:58 < fiatjaf> (I hope this bunch of python code wasn't spam) 09:58 < fiatjaf> but there you see the same transaction with and without inputs (the first has a blank input just so it is counted as 1) producing different results 10:00 < fiatjaf> get_standard_template_hash was copied directly from the tests 10:01 < fiatjaf> and unmarshal_tx is just using CTransaction.stream_deserialize() from bitcoinlib (which is what james was doing) 10:05 <@jeremyrubin> let me inspect 10:06 <@jeremyrubin> the issue is that you have an empty input with no nSequence field set 10:06 <@jeremyrubin> and then you set it to 0 later 10:06 <@jeremyrubin> try setting to 0 before you hash 10:07 <@jeremyrubin> fiatjaf report back when attempted :) 10:11 < fiatjaf> worked 10:11 < fiatjaf> :P 10:11 <@jeremyrubin> 🥳 10:12 <@jeremyrubin> glad to be of service 10:15 < fiatjaf> thank you 10:16 < fiatjaf> very good service 10:16 < fiatjaf> I'll come back the next time I have regardless of it having to do with CTV or not 10:16 < fiatjaf> *a bug 10:33 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has quit [Quit: Client closed] 12:48 -!- elsirion [~quassel@gateway/tor-sasl/elsirion] has quit [Remote host closed the connection] 12:48 -!- elsirion [~quassel@gateway/tor-sasl/elsirion] has joined ##ctv-bip-review 16:39 -!- cryptoquick0 [~cryptoqui@8.46.89.33] has joined ##ctv-bip-review 16:40 -!- cryptoquick [~cryptoqui@8.46.89.33] has quit [Ping timeout: 240 seconds] 16:40 -!- cryptoquick0 is now known as cryptoquick 16:45 -!- cryptoquick [~cryptoqui@8.46.89.33] has quit [Quit: Ping timeout (120 seconds)] 16:46 -!- cryptoquick [~cryptoqui@8.46.89.33] has joined ##ctv-bip-review 17:02 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has joined ##ctv-bip-review 17:04 < fiatjaf> I'm having issues with this transaction: 020000000001022f33e73a9385fc11e1a5228f4e2f88f88360a63694a5fcb1d3f4daadaf5be24e000000000000000000be117f7fc76e2bd3ece04328ae4b3ac749d5306dd57e19a8bcfe486d9437157100000000000000000001e80300000000000022207e07b8faecbcfdc9a697aec59db89d3230166d71ddbea40eddda9c31ea9f5813b3024830450221009025311b00de87f693e87ff4e4122 17:04 < fiatjaf> b98b7083ce2283b6e94095a7bfd9c77140a022011031654e99c043489bdd75209be672b76bbf7b5bbb2608cd6c2b301293d9bb5012103bde662c6a0a73ed48716347023436ad8c5afdd011848fd907119e6a5bafc38ec00000000 17:04 < fiatjaf> notice it will fail to be parsed 17:04 < fiatjaf> it was serialized by bitcoinlib 17:05 < fiatjaf> and bitcoinlib works fine for all other things, including transactions with CTV outputs and transactions with a single -- unsigned -- CTV input 17:05 < fiatjaf> but the one above has two inputs, one is p2wpkh signed and the other is CTV unsigned 17:05 < fiatjaf> then it somehow breaks 17:06 < fiatjaf> (if you add two zeros to the end it will be parsed) 17:08 < fiatjaf> (adding two zeroes to the end merely makes it so parses can read it because there is a byte missing somewhere and they arrive at the end and they want 4 bytes for nLockTime and they only have 3, but that is not the solution, of course, I think the serialization issue is somewhere in the signature) 17:09 < fiatjaf> it must be in the signature because the same transaction unsigned is parsed correctly: 17:09 < fiatjaf> 02000000022f33e73a9385fc11e1a5228f4e2f88f88360a63694a5fcb1d3f4daadaf5be24e000000000000000000a701c35bd4ffd8572f0bfc7856d2444b25bf09995a01ce1db97a0f01bcd7f1af00000000000000000001e80300000000000022207e07b8faecbcfdc9a697aec59db89d3230166d71ddbea40eddda9c31ea9f5813b300000000 17:09 < fiatjaf> could it be that bitcoinlib has a glitch when serializing inputs without signatures mixed with inputs without signatures? 17:09 < fiatjaf> or did CTV change something related to that?/ 18:01 < _aj_> fiatjaf: there's two inputs, but the signed tx is only specifying the witness data for the first input. adding the 00 at the end provides empty witness data for the second input; for the first input to have empty witness data, you need the 00 to appear after 13b3 and before 0248 18:21 < fiatjaf> _aj_ you are indeed right, thank you very much 18:21 < fiatjaf> that leaves me with two questions: 18:23 < fiatjaf> 1. is this a bitcoin rule since always? use 00 somewhere to signal that an input doesn't have a signature or something like that? 18:23 < fiatjaf> 2. did you spot this by just looking at the hex? 18:24 < fiatjaf> I guess 00 is the length for this signature that doesn't exist -- will try to find this in the code somewhere 18:53 < _aj_> fiatjaf: tx's with witness encode the witness data before the locktime; that encoding is [n]{[l][data]} - n is the number of witness items, then it's l=length of the item, and then the item itself, for each item. for inputs without witness data, n=0 18:53 < _aj_> the encoding's specified in bip 141 "transaction id" 20:20 -!- fiatjaf [~fiatjaf@2804:296c:2103:8608:1ac0:4dff:fef3:df53] has quit [Ping timeout: 252 seconds] --- Log closed Thu Apr 28 00:00:07 2022