Title: Spend multi-sig BTC with a partial redeemScript Post by: jsharpie on January 18, 2017, 09:11:41 PM First post here - so hopefully this is in the right place...
If there was a 2 of 3 multisig address created, and BTC was sent to this address, is it possible to regenerate the redeemScript using just two of the 3 public keys that were initially used to create it, in order to spend the bitcoin that was originally sent to the multisig address? It appears to me that the redeemScript is the op codes plus the three public keys. If I still have two of the public keys (A and B) , shouldn't I be able to make a redeem script in which the 3rd public key is bogus, but which would let me sign the transaction with the two remaining matching private keys (Apriv and Bpriv), thus spending the BTC out of the multisig address? Thanks Title: Re: Spend multi-sig BTC with a partial redeemScript Post by: amaclin on January 18, 2017, 09:34:47 PM If there was a 2 of 3 multisig address created, and BTC was sent to this address, Are we talking about bare-msig output or about p2sh address (the address which starts with "3")?Quote is it possible to regenerate the redeemScript using just two of the 3 public keys that were initially used to create it, in order to spend the bitcoin that was originally sent to the multisig address? regenerating the redeemScript with two public keys will give you another redeemScript and another address from the first which was funded. So, It will not help you to redeem funds Quote It appears to me that the redeemScript is the op codes plus the three public keys. Ok, this is not very strong definition, but let me agreeQuote If I still have two of the public keys (A and B) , shouldn't I be able to make a redeem script in Why on earth you are going so strange way?which the 3rd public key is bogus, but which would let me sign the transaction with the two remaining matching private keys (Apriv and Bpriv), thus spending the BTC out of the multisig address? You have redeemScript and its funded address. You are able to parse the redeemScript and see all three public keys in it You have two private keys of these three This is enough to redeem funds from the address. You do not need to construct any more data structures and scripts Title: Re: Spend multi-sig BTC with a partial redeemScript Post by: jsharpie on January 18, 2017, 10:18:05 PM Quote Are we talking about bare-msig output or about p2sh address (the address which starts with "3")? The bitcoin address that is returned when using the createmultisig RPCQuote If I still have two of the public keys (A and B) , shouldn't I be able to make a redeem script in Why on earth you are going so strange way?which the 3rd public key is bogus, but which would let me sign the transaction with the two remaining matching private keys (Apriv and Bpriv), thus spending the BTC out of the multisig address? You have redeemScript and its funded address. You are able to parse the redeemScript and see all three public keys in it You have two private keys of these three This is enough to redeem funds from the address. You do not need to construct any more data structures and scripts [/quote] Not exactly - let me illustrate The original multi-sig address was created with keypairs A, B, and C in that order. So the redeem script looks something like <OP code> <public key A> <public key B> <public key C> <OP code> In this scenario, I have lost the C keypair, and I have only the partial redeem script, because the file saving the redeem script was corrupt. <OP code> <public key A> <public key B> I still have keypair A and B. Why can't I generate a redeemScript that looks likes <OP code> <public key A> <public key B> <public key OTHER> <OP code> and still use keypair A and keypair B to redeem the transaction? In other words - when I am trying to spend from the multisig account, and I do "signrawtransaction" RPC with a modified redeemScript, what is the mechanism that can check to know whether that redeemScript was modified or not? is the hash of the original redeem script put into the funding transaction of the multisig wallet? Title: Re: Spend multi-sig BTC with a partial redeemScript Post by: jsharpie on January 19, 2017, 12:04:54 AM Sorry - I think i answered my own question while trying to think of my reply. So in a P2SH transaction, the "address" in the vout scriptPubKey of the transaction is the hash of the redeemScript - is that correct?
How is that calculated? I couldn't seem to get it by using the command line tools in ubuntu to do echo $REDEEM_SCRIPT | sha256sum | openssl rmd160 and then base58 encoding that output. There must be a little more to it than that? Title: Re: Spend multi-sig BTC with a partial redeemScript Post by: achow101 on January 19, 2017, 01:39:26 AM Sorry - I think i answered my own question while trying to think of my reply. So in a P2SH transaction, the "address" in the vout scriptPubKey of the transaction is the hash of the redeemScript - is that correct? You have to treat the redeemScript as bytes, not as a string.How is that calculated? I couldn't seem to get it by using the command line tools in ubuntu to do echo $REDEEM_SCRIPT | sha256sum | openssl rmd160 and then base58 encoding that output. There must be a little more to it than that? Nope, that's all you have to day. Base58 Check Encode the resulting hash and you will get the address.Title: Re: Spend multi-sig BTC with a partial redeemScript Post by: amaclin on January 19, 2017, 05:30:43 AM In this scenario, I have lost the C keypair, and I have only the partial redeem script, because the file saving the redeem script was corrupt. <OP code> <public key A> <public key B> If you do not have redeemScript - you are not able to redeem funds from address. SFYL (Are there any redeem transaction *from* msig address? In this case the redeemScript is written in the blockchain and can be taken) Quote I still have keypair A and B. Why can't I generate a redeemScript that looks likes To redeem which transaction? There are millions unspent transation outputs in the blockchain<OP code> <public key A> <public key B> <public key OTHER> <OP code> and still use keypair A and keypair B to redeem the transaction? Tou have to prove that you know 3 public keys A, B and C and 2 private keys |