* [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
@ 2012-06-16 19:26 Pieter Wuille
2012-06-16 21:41 ` Gavin Andresen
2012-06-17 11:01 ` Mike Hearn
0 siblings, 2 replies; 7+ messages in thread
From: Pieter Wuille @ 2012-06-16 19:26 UTC (permalink / raw)
To: bitcoin-development
Hello all,
while OpenSSL's silent support for compressed public keys allowed us to
enable them in a fully backward-compatible way, it seems OpenSSL supports yet
another (and non-standard, and apparently useless) encoding for public keys.
As these are supported by (almost all?) fully validating clients on the
network, I believe alternative implementations should be willing to handle
them as well. No hybrid keys are used in the main chain, but I did test them
in testnet3, and they work as expected.
In total, the following encodings exist:
* 0x00: point at infinity; not a valid public key
* 0x02 [32-byte X coord]: compressed format for even Y coords
* 0x03 [32-byte X coord]: compressed format for odd Y coords
* 0x04 [32-byte X coord] [32-byte Y coord]: uncompressed format
* 0x06 [32-byte X coord] [32-byte Y coord]: hybrid format for even Y coords
* 0x07 [32-byte X coord] [32-byte Y coord]: hybrid format for odd Y coords
Handling them is trivial: if you see a public key starting with a 0x06 or
0x07, use it as if there was a 0x04 instead.
I suppose we could decide to forbid these after a certain date/block height,
and try to get sufficient mining power to enforce that before that date.
Any opinions? Forbidding it certainly makes alternative implementation
slightly easier in the future, but I'm not sure the hassle of a network
rule change is worth it.
--
Pieter
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-16 19:26 [Bitcoin-development] After compressed pubkeys: hybrid pubkeys Pieter Wuille
@ 2012-06-16 21:41 ` Gavin Andresen
2012-06-16 23:39 ` Gregory Maxwell
2012-06-17 11:01 ` Mike Hearn
1 sibling, 1 reply; 7+ messages in thread
From: Gavin Andresen @ 2012-06-16 21:41 UTC (permalink / raw)
To: Pieter Wuille; +Cc: bitcoin-development
RE: 0x06/0x07 'hybrid' public keys:
> Any opinions? Forbidding it certainly makes alternative implementation
> slightly easier in the future, but I'm not sure the hassle of a network
> rule change is worth it.
I say treat any transactions that use them as 'non-standard' -- don't
relay/mine them by default, but accept blocks that happen to contain
them.
I agree that a rule change isn't worth it right now, but making them
non-standard now is easy and should make a rule change in the future
easier.
--
--
Gavin Andresen
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-16 21:41 ` Gavin Andresen
@ 2012-06-16 23:39 ` Gregory Maxwell
2012-06-17 1:15 ` Luke-Jr
0 siblings, 1 reply; 7+ messages in thread
From: Gregory Maxwell @ 2012-06-16 23:39 UTC (permalink / raw)
To: Gavin Andresen; +Cc: bitcoin-development
On Sat, Jun 16, 2012 at 5:41 PM, Gavin Andresen <gavinandresen@gmail•com> wrote:
> RE: 0x06/0x07 'hybrid' public keys:
>
>> Any opinions? Forbidding it certainly makes alternative implementation
>> slightly easier in the future, but I'm not sure the hassle of a network
>> rule change is worth it.
>
> I say treat any transactions that use them as 'non-standard' -- don't
> relay/mine them by default, but accept blocks that happen to contain
> them.
>
> I agree that a rule change isn't worth it right now, but making them
> non-standard now is easy and should make a rule change in the future
> easier.
ACK. Hopefully no one will mine these before we can merge denying
them into another rule change. But if they do, oh well.
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-16 23:39 ` Gregory Maxwell
@ 2012-06-17 1:15 ` Luke-Jr
0 siblings, 0 replies; 7+ messages in thread
From: Luke-Jr @ 2012-06-17 1:15 UTC (permalink / raw)
To: bitcoin-development
On Saturday, June 16, 2012 11:39:00 PM Gregory Maxwell wrote:
> On Sat, Jun 16, 2012 at 5:41 PM, Gavin Andresen <gavinandresen@gmail•com>
wrote:
> > RE: 0x06/0x07 'hybrid' public keys:
> >> Any opinions? Forbidding it certainly makes alternative implementation
> >> slightly easier in the future, but I'm not sure the hassle of a network
> >> rule change is worth it.
> >
> > I say treat any transactions that use them as 'non-standard' -- don't
> > relay/mine them by default, but accept blocks that happen to contain
> > them.
> >
> > I agree that a rule change isn't worth it right now, but making them
> > non-standard now is easy and should make a rule change in the future
> > easier.
>
> ACK. Hopefully no one will mine these before we can merge denying
> them into another rule change. But if they do, oh well.
I'm willing to make Eligius reject these as well, if someone provides a patch
that doesn't depend on IsStandard being enforced...
Same goes for rejecting OP_NOP<n> - I can't see any legitimate reason we'd
want these on mainnet right now.
Luke
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-16 19:26 [Bitcoin-development] After compressed pubkeys: hybrid pubkeys Pieter Wuille
2012-06-16 21:41 ` Gavin Andresen
@ 2012-06-17 11:01 ` Mike Hearn
2012-06-17 12:04 ` Pieter Wuille
1 sibling, 1 reply; 7+ messages in thread
From: Mike Hearn @ 2012-06-17 11:01 UTC (permalink / raw)
To: Pieter Wuille; +Cc: bitcoin-development
> * 0x04 [32-byte X coord] [32-byte Y coord]: uncompressed format
> * 0x06 [32-byte X coord] [32-byte Y coord]: hybrid format for even Y coords
> * 0x07 [32-byte X coord] [32-byte Y coord]: hybrid format for odd Y coords
So what's the actual difference in format? Is there any at all, or
it's just the first number that's different?
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-17 11:01 ` Mike Hearn
@ 2012-06-17 12:04 ` Pieter Wuille
2012-06-17 15:16 ` Wladimir
0 siblings, 1 reply; 7+ messages in thread
From: Pieter Wuille @ 2012-06-17 12:04 UTC (permalink / raw)
To: Mike Hearn; +Cc: bitcoin-development
On Sun, Jun 17, 2012 at 01:01:12PM +0200, Mike Hearn wrote:
> > * 0x04 [32-byte X coord] [32-byte Y coord]: uncompressed format
> > * 0x06 [32-byte X coord] [32-byte Y coord]: hybrid format for even Y coords
> > * 0x07 [32-byte X coord] [32-byte Y coord]: hybrid format for odd Y coords
>
> So what's the actual difference in format? Is there any at all, or
> it's just the first number that's different?
From what I understand, that is indeed the only difference.
--
Pieter
^ permalink raw reply [flat|nested] 7+ messages in thread
* Re: [Bitcoin-development] After compressed pubkeys: hybrid pubkeys
2012-06-17 12:04 ` Pieter Wuille
@ 2012-06-17 15:16 ` Wladimir
0 siblings, 0 replies; 7+ messages in thread
From: Wladimir @ 2012-06-17 15:16 UTC (permalink / raw)
To: Pieter Wuille; +Cc: bitcoin-development
[-- Attachment #1: Type: text/plain, Size: 704 bytes --]
On Sun, Jun 17, 2012 at 2:04 PM, Pieter Wuille <pieter.wuille@gmail•com>wrote:
> On Sun, Jun 17, 2012 at 01:01:12PM +0200, Mike Hearn wrote:
> > > * 0x04 [32-byte X coord] [32-byte Y coord]: uncompressed format
> > > * 0x06 [32-byte X coord] [32-byte Y coord]: hybrid format for even Y
> coords
> > > * 0x07 [32-byte X coord] [32-byte Y coord]: hybrid format for odd Y
> coords
> >
> > So what's the actual difference in format? Is there any at all, or
> > it's just the first number that's different?
>
> >From what I understand, that is indeed the only difference.
>
>
To prevent surprises in the future, in case OpenSSL decides to add more,
can we disable all other key formats in advance?
Wladimir
[-- Attachment #2: Type: text/html, Size: 1129 bytes --]
^ permalink raw reply [flat|nested] 7+ messages in thread
end of thread, other threads:[~2012-06-17 15:16 UTC | newest]
Thread overview: 7+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2012-06-16 19:26 [Bitcoin-development] After compressed pubkeys: hybrid pubkeys Pieter Wuille
2012-06-16 21:41 ` Gavin Andresen
2012-06-16 23:39 ` Gregory Maxwell
2012-06-17 1:15 ` Luke-Jr
2012-06-17 11:01 ` Mike Hearn
2012-06-17 12:04 ` Pieter Wuille
2012-06-17 15:16 ` Wladimir
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox