From: devrandom <c1.sf-bitcoin@niftybox•net>
To: "Ryan X. Charles" <ryan@bitpay•com>
Cc: bitcoin-development@lists•sourceforge.net
Subject: Re: [Bitcoin-development] sorting public keys for p2sh multisig transactions
Date: Wed, 12 Mar 2014 12:42:44 -0700 [thread overview]
Message-ID: <1394653364.19819.224.camel@mimiz> (raw)
In-Reply-To: <5320950C.5050107@bitpay.com>
Hi Ryan,
Probably the most neutral way to go about this is to lexicographically
sort by encoded representation bytes. In java, that would be
ECPoint.getEncoded.
This is what we currently do in our watchdog Oracle.
On Wed, 2014-03-12 at 13:10 -0400, Ryan X. Charles wrote:
> For a p2sh multisig transaction, the serialized script looks like this:
>
> m [pubkey] ... [pubkey] n OP_CHECKMULTISIG
>
> The p2sh address is the hash of this script. The public keys can come in
> any order, but the hash depends on the order. If you have a list of
> public keys, to which address do you send your money? We need a standard
> way of sorting the public keys so that the address generated is always
> the same for the same public keys and m.
>
> There are two kinds of public keys: compressed and uncompressed.
> Uncompressed are longer than compressed.
>
> There are a few obvious ways we could sort the public keys: as strings,
> as big endian numbers, as little endian numbers.
>
> The difference is this. Suppose one public key is 59234 (uncompressed),
> and the other is 6903 (compressed). If we sort these as strings, then
> 6903 > 59234. But if we sort them as big endian numbers, then 6903 is
> really 06903, and then 06903 < 59234. So it makes a critical difference.
> Sorting as little endian is yet another option that is not the same as
> the other two.
>
> I noticed Alan Reiner's comment in an earlier message:
>
> "Just like Jean-Pierre mentioned, we'll be using parallel
> trees to generate P2SH addresses after sorting the keys
> lexicographically."
>
> It sounds like "lexicographically" probably means sorting as strings. I
> have made an implementation of public key sorting in javascript where I
> sort them as big endian numbers and fill in the 0s. IMO, the simpler
> method is to sort them as strings, which has a simpler implementation
> since it doesn't require filling in 0s first. However, I don't actually
> care what method we use so long as everyone in the bitcoin world uses
> the same standard. Which is the best way to sort public keys?
>
> ------------------------------------------------------------------------------
> Learn Graph Databases - Download FREE O'Reilly Book
> "Graph Databases" is the definitive new guide to graph databases and their
> applications. Written by three acclaimed leaders in the field,
> this first edition is now available. Download your free book today!
> http://p.sf.net/sfu/13534_NeoTech
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists•sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
prev parent reply other threads:[~2014-03-12 19:42 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-03-12 17:10 Ryan X. Charles
2014-03-12 19:42 ` devrandom [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1394653364.19819.224.camel@mimiz \
--to=c1.sf-bitcoin@niftybox$(echo .)net \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=ryan@bitpay$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox