Bitcoin Forum

Bitcoin => Development & Technical Discussion => Topic started by: Tigra on February 15, 2014, 02:54:39 AM



Title: SX with 2-of-2 MULTISIG
Post by: Tigra on February 15, 2014, 02:54:39 AM
Hi guys, pls don't punch me, I read a lot of posts here but didn't found a solution for my problem.

Here it is my 'deposit' transaction: https://blockchain.info/tx/d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e (https://blockchain.info/tx/d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e)
It was created using following script:

Quote
$sx rawscript 2 [ $(cat tigra-pvt.key | sx pubkey) ] [ $(cat dipspb-pvt.key | sx pubkey) ] 2 checkmultisig > msig.script

Now I try to create a spending transaction...

Quote
$sx mktx tx_spending.tx --input d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e:0 --output 1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K:20000

... and create signatures...

Quote
$SIGNATURE_1=$(cat tigra-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))
$SIGNATURE_2=$(cat dipspb-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))

... and set an input script...

Quote
$INPUT_SCRIPT=$(sx rawscript [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )
$sx set-input tx_spending.tx 0 $INPUT_SCRIPT > tx_spending_signed.tx

... and broadcast it...

Quote
$sx sendtx-bci tx_spending_signed.tx

And I got: "Invalid Signature"  ???

Looks like I'm doing all according to SX tutorial...
Pls help me to find out where is the bug... :-[ Thank you!


Title: Re: SX with 2-of-2 MULTISIG
Post by: genjix on February 15, 2014, 01:49:52 PM
Hey this drove me a bit mad trying to track down the problem and I ended up having to hack the source. You need an extra 'zero' opcode at the start of the signatures for the input script:

Code:
hash: 18ef65bb0e8c26dd9f02866161fc8f92f49b6a33b63b8310d645b9008ec6c7ff
version: 1
locktime: 0
Input:
  previous output: 07acadc2e7042f4a43305d08fd03c66800155b7ecb6ac56c3395fd906a8ed69a:1
  script: zero [ 30440220587a9cdb4847d4a7586ed25f95a21d8cae1db64b579bb11eb5c14c033ece8bba022027c1e8395470bc0c7be1d792c33f52bcca27e4bd027231f93a74bb5dddcabbc501 ] [ 3045022100b8e9d83ea79bc97188b6ed7072bb361a9b9d00e35336a0b1e444a4a39ce75410022039da58cbc38e55c9dd89f4990ea8a7b8f18d3c6d9f809ff1219382e4c5894eb901 ] [ 522102fb034f6e3f9608a99bba7627c3eb5527102335df46262563681b6c53cc7876952102fcb4a15e1a47eb2e4b4684e18a76a9702e254816d6bad3b2aee141742ebd74cc52ae ]
  sequence: 4294967295
  address: 3KnHCJAymuz9mzMQBeHp6Tjvo2kqr7giug
Output:
  value: 90000
  script: dup hash160 [ a387ba64648b2c78b38d5278a43f0291a06458f0 ] equalverify checksig
  address: 1Fufjpf9RM2aQsGedhSpbSCGRHrmLMJ7yY

Then it should work.

Code:
$INPUT_SCRIPT=$(sx rawscript zero [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )


Title: Re: SX with 2-of-2 MULTISIG
Post by: Tigra on February 16, 2014, 04:12:48 AM
Thank you, genjix, for all your efforts!
I bet I've tried that before with no luck... but I'll try that again and will let you know about result.

What's the reason for 'zero' opcode? Bug in 'Checkmultisig'?

Thx!


Title: Re: SX with 2-of-2 MULTISIG
Post by: Peter Todd on February 16, 2014, 06:37:37 AM
What's the reason for 'zero' opcode? Bug in 'Checkmultisig'?

Yup.


Title: Re: SX with 2-of-2 MULTISIG
Post by: Tigra on February 16, 2014, 01:52:53 PM
Hm...

Code:
$ sx rawscript 2 [ $(cat tigra-pvt.key | sx pubkey) ] [ $(cat dipspb-pvt.key | sx pubkey) ] 2 checkmultisig > msig2.script
$ cat msig2.script

Quote
524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c69 3568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a 5ea5675c703caa042b8f857685e20d970233ea76d6e752ae

Code:
$ sx mktx tx_spending.tx --input d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e:0 --output 1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K:20000

Quote
Added input d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e:0
Added output sending 20000 Satoshis to 1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K.

Code:
$ SIGNATURE_1=$(cat tigra-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig2.script))
$ SIGNATURE_2=$(cat dipspb-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig2.script))
$ INPUT_SCRIPT=$(sx rawscript zero [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig2.script) ] )
$ sx set-input tx_spending.tx 0 $INPUT_SCRIPT > tx_spending_signed2.tx
$ sx showtx tx_spending_signed2.tx

Quote
hash: fcd606b0bc83c35685adb91a6e2e1928177a6cf27522bdc5515d9a06b4746f7a
version: 1
locktime: 0
Input:
  previous output: d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e:0
  script: zero [ 30450221009fe57a37cc994b1aecccd326ff9a49b0bf7087b3be388f1787a9587126aaf4e202206 0a8e71b136221bcecf6cb17906aca674ad3f763170e23f351b71fc546fd159d01 ] [ 30450220551ca0a94d77d699749f6ccca6c02ea229c7a19b0386ef69a23baa8b8a43945b022100f ed99375abd0d43c6c20b90df67b5d142a72f672bb7b702e33ebf216fbf187d401 ] [ 524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c69 3568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a 5ea5675c703caa042b8f857685e20d970233ea76d6e752ae ]
  sequence: 4294967295
  address: 3Dq8dohF2WEKG5DYQerH1tmRKJf954VrB4
Output:
  value: 20000
  script: dup hash160 [ 69d84695a67b54c2261ebce324b894411230bf78 ] equalverify checksig
  address: 1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K

Code:
$ sx sendtx-bci tx_spending_signed2.tx

Quote
Invalid Signature

 ??? ??? ??? What I'm doing wrong?


Title: Re: SX with 2-of-2 MULTISIG
Post by: Tigra on February 17, 2014, 10:56:08 PM

Then it should work.

Code:
$INPUT_SCRIPT=$(sx rawscript zero [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )

I've tried to do the same thing using bitcoind... with different spending amount (from 0.0002 + 0.0001 fee up to whole 0.0003 available at the exit of previous transaction)...

Code:
$bitcoind sendrawtransaction 01000000013eb816d498e6879d9307b83ef376dcb600eed3741ea89d7d0bae802fd59970d800000000fc0048304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c1889820148304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b35014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752aeffffffff0130750000000000001976a91469d84695a67b54c2261ebce324b894411230bf7888ac00000000

... and got following:

Quote
error: {"code":-22,"message":"TX rejected"}

Any thoughts? Guys, pls help... spend two days figuring out what's going on... and still have no idea...  :-[


Title: Re: SX with 2-of-2 MULTISIG
Post by: waxwing on February 18, 2014, 01:46:01 AM
Why are you trying to spend without a tx fee? I may be wrong but in the past I always got rejections from spending with 0 fee like that. I forget the exact rules, but it's usually not accepted right?


Title: Re: SX with 2-of-2 MULTISIG
Post by: waxwing on February 18, 2014, 01:49:47 AM
Also, another thing you can do to debug failed multisig spends is some kind of decode input script to get out the pubkeys and make sure you have sigs corresponding to the right pubkeys in the right order. But I'm guessing that's probably not the issue here.


Title: Re: SX with 2-of-2 MULTISIG
Post by: Tigra on February 18, 2014, 05:41:30 AM
Why are you trying to spend without a tx fee?

I've tested the same transaction with 0.0001 to 0.00024 fee... same result.

Finally, just to answer your question, I've decided to went through all the cycle again and came up with following transaction:

Code:
bitcoind decoderawtransaction 01000000013eb816d498e6879d9307b83ef376dcb600eed3741ea89d7d0bae802fd59970d800000000fa004730440220352c0db3e81b484ebad7ee46a33287cfffef85a51b849d5cec5a26ead2d107ef02204ced33671af07eb16dc15fd2cc57bad075b0d9d1aa90b45ceb07b9056c3659d5014730440220782c390f5ecd931742461d5b8140c7fa198deddb39b1fbc07e1433b33c50917f022036c1d3c002c4bbd94db15b36bee9b919298dbee854f0ef7d8e05b03dbc5cad17014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752aeffffffff01204e0000000000001976a91469d84695a67b54c2261ebce324b894411230bf7888ac00000000

Code:
{
    "txid" : "14d90664dd94b59e2f6efdf69da5cc8dcabcedfe1979991644b95553767fbd11",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "0 30440220352c0db3e81b484ebad7ee46a33287cfffef85a51b849d5cec5a26ead2d107ef02204ced33671af07eb16dc15fd2cc57bad075b0d9d1aa90b45ceb07b9056c3659d501 30440220782c390f5ecd931742461d5b8140c7fa198deddb39b1fbc07e1433b33c50917f022036c1d3c002c4bbd94db15b36bee9b919298dbee854f0ef7d8e05b03dbc5cad1701 524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae",
                "hex" : "004730440220352c0db3e81b484ebad7ee46a33287cfffef85a51b849d5cec5a26ead2d107ef02204ced33671af07eb16dc15fd2cc57bad075b0d9d1aa90b45ceb07b9056c3659d5014730440220782c390f5ecd931742461d5b8140c7fa198deddb39b1fbc07e1433b33c50917f022036c1d3c002c4bbd94db15b36bee9b919298dbee854f0ef7d8e05b03dbc5cad17014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae"
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 0.00020000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 69d84695a67b54c2261ebce324b894411230bf78 OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a91469d84695a67b54c2261ebce324b894411230bf7888ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K"
                ]
            }
        }
    ]
}

And interesting fact: IT DID WENT THROUGH! And now it's a big question - WHY???

Here is my decoded previous transaction:
Code:
bitcoind decoderawtransaction 01000000013eb816d498e6879d9307b83ef376dcb600eed3741ea89d7d0bae802fd59970d800000000fc0048304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c1889820148304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b35014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752aeffffffff0130750000000000001976a91469d84695a67b54c2261ebce324b894411230bf7888ac00000000

Code:
{
    "txid" : "28e5e21d195fad663a9d2ad0208868a874fd4425a09b826ce5ec85b46880a353",
    "version" : 1,
    "locktime" : 0,
    "vin" : [
        {
            "txid" : "d87099d52f80ae0b7d9da81e74d3ee00b6dc76f33eb807939d87e698d416b83e",
            "vout" : 0,
            "scriptSig" : {
                "asm" : "0 304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c18898201 304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b3501 524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae",
                "hex" : "0048304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c1889820148304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b35014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae"
            },
            "sequence" : 4294967295
        }
    ],
    "vout" : [
        {
            "value" : 0.00030000,
            "n" : 0,
            "scriptPubKey" : {
                "asm" : "OP_DUP OP_HASH160 69d84695a67b54c2261ebce324b894411230bf78 OP_EQUALVERIFY OP_CHECKSIG",
                "hex" : "76a91469d84695a67b54c2261ebce324b894411230bf7888ac",
                "reqSigs" : 1,
                "type" : "pubkeyhash",
                "addresses" : [
                    "1Aef3F5Yg4RaBb2FFtLyGkCsgjsWH5mB3K"
                ]
            }
        }
    ]
}

Yes, amount is different, but, as I told you, I've tried 0.0002 before and it didn't went through... and it did now... somehow...
Any ideas WHY?  >:(


Title: Re: SX with 2-of-2 MULTISIG
Post by: waxwing on February 18, 2014, 05:57:53 AM
As I said, no tx fee is generally not going to go through, so no mystery there.

As for why it didn't work before and does now - only you can figure out what is different between the two cases. I took a quick look at the two input scripts and saw nothing very interesting.

correct tx:
Code:
m.ea.get_address_from_input_script('004730440220352c0db3e81b484ebad7ee46a33287cfffef85a51b849d5cec5a26ead2d107ef02204ced33671af07eb16dc15fd2cc57bad075b0d9d1aa90b45ceb07b9056c3659d5014730440220782c390f5ecd931742461d5b8140c7fa198deddb39b1fbc07e1433b33c50917f022036c1d3c002c4bbd94db15b36bee9b919298dbee854f0ef7d8e05b03dbc5cad17014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae'.decode('hex'))

(['04333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d', '03babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e7'], ['30440220352c0db3e81b484ebad7ee46a33287cfffef85a51b849d5cec5a26ead2d107ef02204ced33671af07eb16dc15fd2cc57bad075b0d9d1aa90b45ceb07b9056c3659d5', '30440220782c390f5ecd931742461d5b8140c7fa198deddb39b1fbc07e1433b33c50917f022036c1d3c002c4bbd94db15b36bee9b919298dbee854f0ef7d8e05b03dbc5cad17'], '3Dq8dohF2WEKG5DYQerH1tmRKJf954VrB4')

the first list are the two pubkeys, the second are the two sigs, and the last obviously is the msig address.

failed tx:
Code:
>>> m.ea.get_address_from_input_script('0048304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c1889820148304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b35014c67524104333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d2103babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e752ae'.decode('hex'))

(['04333f8553e05fb27bd494fb56dcc471eee03928fb70516e18982226ea095b2e2abadb98c693568c4ecaeb2d19a59bf3673b0e1bb1673a96d8bcb2ddebb9f6aa9d', '03babbf9a0a54c5e59b73a5ea5675c703caa042b8f857685e20d970233ea76d6e7'], ['304502200336a8586c8bf7cf3da8a83b3c74b7e839a0132c8a32665e6dc9c301aa897da6022100b589e761c70d618dd78b266847e32ec576b24a1a65a2a98638bf928a3c188982', '304502203a6d2432d896f91c74176eb6836450cb33d548f7824681b3572f3147982593ee0221008a0bdc52bd31ede77fbdb32d64810b0a11fe5af8c2be7821cd7d8a6b94050b35'], '3Dq8dohF2WEKG5DYQerH1tmRKJf954VrB4')

You have the same 2 pubkeys in the same order in both cases, so nothing wrong there. That pretty much just leaves the signatures. For the transaction to succeed, the signatures have to be in the same order as the pubkeys, and, quite important :) , they have to be signing the exact same transaction. So those are two ways the signatures could be input incorrectly. There are others, but most likely the error in the previous attempt is in there somewhere...


Title: Re: SX with 2-of-2 MULTISIG
Post by: Tigra on February 18, 2014, 04:23:42 PM
Thank you, waxwing... I appreciate your help!

I decided to do the same thing again... now with SX. Hope to figure out what went wrong before.


Title: Re: SX with 2-of-2 MULTISIG
Post by: genjix on February 21, 2014, 07:47:15 PM
I followed your instructions but put the zero at the beginning and generated a valid 2of2 spend:

https://blockchain.info/tx/086bd5c500021f007d2e77d8dc7fcbe200dca4f7957eef7ff1f788996a5381c8

Code:
 2010  cat tx_spending.tx | sx showtx
 2011  SIGNATURE_1=$(cat tigra-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))
 2012  SIGNATURE_2=$(cat dipspb-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))
 2013  echo $SIGNATURE_1
 2014  SIGNATURE_1=$(cat tigra-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))
 2015  SIGNATURE_2=$(cat dipspb-pvt.key | sx sign-input tx_spending.tx 0 $(cat msig.script))
 2016  echo $SIGNATURE_1
 2017  echo $SIGNATURE_1
 2018  echo $SIGNATURE_2
 2019  INPUT_SCRIPT=$(sx rawscript [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )INPUT_SCRIPT=$(sx rawscript [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )
 2020  INPUT_SCRIPT=$(sx rawscript [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )
 2021  INPUT_SCRIPT=$(sx rawscript zero [ $SIGNATURE_1 ] [ $SIGNATURE_2 ] [ $(cat msig.script) ] )
 2022  echo $INPUT_SCRIPT
 2023  echo $INPUT_SCRIPT | sx showscript
 2024  sx set-input tx_spending.tx 0 $INPUT_SCRIPT > tx_spending_signed.tx
 2025  cat tx_spending_signed.tx
 2026  cat tx_spending_signed.tx | sx showtx
 2027  cat tx_spending_signed.tx
 2028  cat tx_spending_signed.tx | sx validtx
 2029  cat tx_spending_signed.tx
 2030  cat tx_spending_signed.tx | sx showtx
 2031  history