public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd•org>
To: Bitcoin Development <bitcoin-development@lists•sourceforge.net>
Subject: [Bitcoin-development] RFC: extend signmessage/verifymessage to P2SH multisig
Date: Sun, 14 Apr 2013 01:09:58 -0400	[thread overview]
Message-ID: <20130414050958.GA11142@savin> (raw)

[-- Attachment #1: Type: text/plain, Size: 1635 bytes --]

Currently signmessage/verifymessage only supports messages signed by a
single key. We should extend that to messages signed by n-of-m keys, or
from the users point of view, P2SH multisig addresses.

rpc.cpp:signmessage() returns the output of SignCompact(). That in turn
starts with a header byte marking the signs of the various keys to allow
for key recovery. The header byte can be one of 0x1B, 0x1C, 0x1D or 0x1E


For multisig signmessage signatures this is extended:

    <01> <varint n> <varint m> <sig or key> {<sig or key>, ...}

Each signature or key can be one of the following forms:

    sig: <1B/1C/1D/1E> <32 byte r> <32 byte s>
    compress key: <02/03> <32 byte x>
    uncompressed key: <04> <32 byte x> <32 byte y>

Note that we have to provide all pubkeys, even if they aren't used for a
given signature, to allow the P2SH address to be reconstructed.

Decoding/encoding is a bit code-intensive due to the all the cases, but
on the other hand this format keeps the size down to an absolute
minimum. Alternatively I could use length bytes.

The format is backwards compatible in the sense that older versions will
fail safely on new signatures, even ones that have been truncated.
Similarly new signatures are easily distinguished from old, and going
forward if we for some reason need yet another signature format the
leading byte can be incremented.

Signing incomplete signatures on messages can be handled by converting
pubkeys to signatures. Similarly the RPC signmessage command can be
extended with an optional "existing signature" option.

-- 
'peter'[:-1]@petertodd.org

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

             reply	other threads:[~2013-04-14  5:10 UTC|newest]

Thread overview: 6+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-04-14  5:09 Peter Todd [this message]
2013-04-14  5:21 ` Alan Reiner
2013-04-14  6:25   ` Peter Todd
2013-04-14 18:24     ` Alan Reiner
2013-04-14  5:26 ` Luke-Jr
2013-04-14  6:29   ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130414050958.GA11142@savin \
    --to=pete@petertodd$(echo .)org \
    --cc=bitcoin-development@lists$(echo .)sourceforge.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox