📅 Original date posted:2011-08-03
🗒️ Summary of this message: Bitcoin developer Gregory Maxwell has proposed a new implementation of multiple signature escrowed transactions, which he believes should be added to the client sooner rather than later. The patch, which is still in testing, requires a new transaction type and will need more discussion before it is added to the client. However, Maxwell is hopeful that 30% of mining power will upgrade to the new transaction type in a reasonable timeframe. The patch has exposed an issue with multisig validation, but Maxwell believes this can be resolved by ensuring code conforms to the shortest possible sequence.
📝 Original message:Gregory Maxwell wrote:
> Pull 349 (https://github.com/bitcoin/bitcoin/pull/349)
> implements a pretty nice implementation of multiple signature escrowed
> transactions. Especially with clearcoin gone I think that this is
> something we ought to have sooner rather than later.
>
> I've tested it on a private network and it appears to work pretty well.
Thank you! (I think you mean 319 here)
> It probably needs more testing and discussion before it is actually
> added to the client, but one challenge is that because it requires a
> new transaction type it won't be deployable until _after_ an updated
> isStandard is widely used in the network.
With Eligius mining !IsStandard transactions and probably other pools open
to the idea, I am hopeful that we can quickly get 30%+ of mining power to
upgrade, which means that we could still mine these in a reasonable time
frame (under 1 hour).
...
> Unfortunately, the patch exposes an issue with multisig validation: If
> I understand it correctly, the problem is that due to redundancy in
> the script length coding opcodes it's possible to code a script
> multiple ways. The signature validation code creates new template
> scripts in order to evaluate signatures for one output, and the code
> in bitcoin is not careful to code the new script the same way the
> original one was coded, causing the signature validation to fail when
> something used OP_PUSHDATA when a direct length could have been used.
>
I'm not sure I see the problem here. CScript.operator<< currently inserts
values into scripts using the shortest possible sequence. As long as code
continues to conform to this convention, scripts generated by it will
verify correctly.
If new code is written that generates one of the longer sequences, it will
generate transactions that will not pass block validation since the
signature won't verify. So such code will be useless and we can refrain
from writing it?
--
Bobby Groff
bgroff at lavabit.com [ARCHIVE] /
npub1ls…zmjm0
2023-06-07 02:10:16
in reply to nevent1q…yk4p
Author Public Key
npub1lsuxxpc34zcm7966h6d59zamdhkztgum70t44ydyz8eqf9p9w2jq3zmjm0Published at
2023-06-07 02:10:16Event JSON
{
"id": "62757c35d579577e192e654886d0ad36355a65e801a0eb213f06faac522d2e1f",
"pubkey": "fc38630711a8b1bf175abe9b428bbb6dec25a39bf3d75a91a411f204942572a4",
"created_at": 1686103816,
"kind": 1,
"tags": [
[
"e",
"26d2b12d74cc7eda50d225d370e6d62d72bcd36ed8521a48c7131e351bf9a32f",
"",
"reply"
],
[
"p",
"a23dbf6c6cc83e14cc3df4e56cc71845f611908084cfe620e83e40c06ccdd3d0"
]
],
"content": "📅 Original date posted:2011-08-03\n🗒️ Summary of this message: Bitcoin developer Gregory Maxwell has proposed a new implementation of multiple signature escrowed transactions, which he believes should be added to the client sooner rather than later. The patch, which is still in testing, requires a new transaction type and will need more discussion before it is added to the client. However, Maxwell is hopeful that 30% of mining power will upgrade to the new transaction type in a reasonable timeframe. The patch has exposed an issue with multisig validation, but Maxwell believes this can be resolved by ensuring code conforms to the shortest possible sequence.\n📝 Original message:Gregory Maxwell wrote:\n\n\u003e Pull 349 (https://github.com/bitcoin/bitcoin/pull/349)\n\u003e implements a pretty nice implementation of multiple signature escrowed\n\u003e transactions. Especially with clearcoin gone I think that this is\n\u003e something we ought to have sooner rather than later.\n\u003e\n\u003e I've tested it on a private network and it appears to work pretty well.\n\nThank you! (I think you mean 319 here)\n\n\u003e It probably needs more testing and discussion before it is actually\n\u003e added to the client, but one challenge is that because it requires a\n\u003e new transaction type it won't be deployable until _after_ an updated\n\u003e isStandard is widely used in the network.\n\nWith Eligius mining !IsStandard transactions and probably other pools open\nto the idea, I am hopeful that we can quickly get 30%+ of mining power to\nupgrade, which means that we could still mine these in a reasonable time\nframe (under 1 hour).\n\n...\n\n\u003e Unfortunately, the patch exposes an issue with multisig validation: If\n\u003e I understand it correctly, the problem is that due to redundancy in\n\u003e the script length coding opcodes it's possible to code a script\n\u003e multiple ways. The signature validation code creates new template\n\u003e scripts in order to evaluate signatures for one output, and the code\n\u003e in bitcoin is not careful to code the new script the same way the\n\u003e original one was coded, causing the signature validation to fail when\n\u003e something used OP_PUSHDATA when a direct length could have been used.\n\u003e\n\nI'm not sure I see the problem here. CScript.operator\u003c\u003c currently inserts\nvalues into scripts using the shortest possible sequence. As long as code\ncontinues to conform to this convention, scripts generated by it will\nverify correctly.\n\nIf new code is written that generates one of the longer sequences, it will\ngenerate transactions that will not pass block validation since the\nsignature won't verify. So such code will be useless and we can refrain\nfrom writing it?\n\n--\nBobby Groff",
"sig": "2e373058967f70f3ea0d50e960052a882cdd1e798479a6ba5181faa16b661c40a8e7090896a870cc0512e2620391a4832e1009ea6c138866383f4fba57327b3d"
}