Title: Why cant get RSZ from Bitcoin Transaction? Post by: bane77 on December 31, 2023, 09:03:34 AM Playing around with rsz values and i stumble on from example this transaction and cant retrieve rsz:
https://www.blockchain.com/explorer/transactions/btc/4dcc0f56c1bec15e29c3efdaf562cf6a2893e2b819112e9ea4e92d6b256a79db (https://www.blockchain.com/explorer/transactions/btc/4dcc0f56c1bec15e29c3efdaf562cf6a2893e2b819112e9ea4e92d6b256a79db) I try on www.2coins.org with Transaction ID and Raw Tx, i get: Transaction ID is probably wrong or with Raw Tx:Invalid Data In Raw Tx. I also try with Iceland RSZ script and also get error: ValueError: invalid literal for int() with base 16: '' I m guessing something is missing in the transaction ??? Can please someone explain? Thanks! Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: nc50lc on December 31, 2023, 11:15:07 AM I m guessing something is missing in the transaction ??? The transaction in question spent "p2pk" (Pay-to-PubKey) outputs, so I'm guessing that the tool that you've tried simply doesn't support p2pk scriptSig.For r and S of that particular txn, you can get it from the input's scriptSig since it is a valid DER-encoded ECDSA signature; For the first input:
I've tried other p2pk transactions and it resulted with the same error. So try to find another tool that supports it. Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: nc50lc on January 01, 2024, 07:41:16 AM Is it correct that the Z-value is the signature hash? It's quite complicated to manually compute specially in transactions with multiple inputs.It's the data that was signed, basically the Hash256 (SHA256 2x) of the output of "Step9" in this diagram: https://en.bitcoin.it/w/images/en/7/70/Bitcoin_OpCheckSig_InDetail.png (https://en.bitcoin.it/w/images/en/7/70/Bitcoin_OpCheckSig_InDetail.png) For the sake of simplicity, here's a 1input-1output p2pkh testnet transaction I used for testing: 4d1b9b5999d63fa77983efc663bef4cc76bf13820771a6b3ab436a93fd33dc4e (https://blockstream.info/testnet/tx/4d1b9b5999d63fa77983efc663bef4cc76bf13820771a6b3ab436a93fd33dc4e?expand) RAW (use that tool to get r, S, Z): Code: 01000000011605ebaaf9f879b432d0331d287201e1f132f939fb35498a737a54caeb4906e9010000006a473044022024f3353d2412ed4721eddc3efcc632d934772c3683e8a5f80505f1bee67c0689022068e66bfc569924d571be6acb1094127a882a0e3c98789ea578378e03d1f799c5012102f617c1916a4538d08c0abf6c57c3504396f53a61cc4aeca5c8e6a73a16709566fdffffff0104100000000000001976a9146f7176518dc6d4f9f574f3cb76bf8f06f21f6cff88ac00000000 Code: 01000000011605ebaaf9f879b432d0331d287201e1f132f939fb35498a737a54caeb4906e9010000001976a91443fc0f21f73898be3afa09ef7189796d3b37c9e288acfdffffff0104100000000000001976a9146f7176518dc6d4f9f574f3cb76bf8f06f21f6cff88ac0000000001000000 Code: d5a1e5dd5159ef3a73b7f8246895b9f5afe5f29e363b325fb6f41036aab5a209 Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: nc50lc on January 02, 2024, 07:01:35 AM For example this one? According to BIP143: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh (https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh)TestNet TxId: ac919ea7cd1564fe0826851076041d58185b2ca04f2305f22dd60b63ac476913 That transaction's Z-value should be: Code: 67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592 Code: 02000000 But since we can't find a tool that supports SegWit, I can't cross-check if it's correct, so please CMIIAW. Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: whanau on January 02, 2024, 07:55:59 AM For example this one? According to BIP143: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh (https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh)TestNet TxId: ac919ea7cd1564fe0826851076041d58185b2ca04f2305f22dd60b63ac476913 That transaction's Z-value should be: Code: 67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592 Code: 02000000 But since we can't find a tool that supports SegWit, I can't cross-check if it's correct, so please CMIIAW. I 'plugged in' the message to the usual signature check algorithm and it r's matched so the z-value quoted by nc50lc is correct. I will go away and learn the BIP page. Thanks Code: Msg: 02000000a8ea6358b5a2efe25e5b6813b5298c603666c90b3061eea0aed7108588ce6f5218606b350cd8bf565266bc352f0caddcf01e8fa789dd8a15386327cf8cabe198e977d313dd88253458ea455fd4a8256453acd7ad193b2c72ae376492ed338e1f010000001976a9148e6e804524d16ff27b51fa0b0e65463028ffd4b888ac77cd300000000000feffffff8942f7fbf60d9102e812e3d720d2c0918f68b1dbb3cd7e76366ddf055e051f560a6a180001000000 Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: NotATether on January 02, 2024, 10:30:52 AM You can already get the R and S values of any non-taproot transaction directly from the bytes.
To get the z values, just follow the BIP143 format posted by nc50lc or you can read it at https://medium.com/coinmonks/creating-and-signing-a-segwit-transaction-from-scratch-ec98577b526a , Or for legacy (non-segwit signalling) transactions, follow the format here: https://medium.com/@ottosch/manually-creating-and-signing-a-bitcoin-transaction-87fbbfe46032 I am following the process of signing raw transactions, but there are a few values which you cannot get directly from the transaction itself and you'll need to get by looking at previous transactions, such as the scriptpubkey of the previous outpoint and its value in sats. Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: NotATether on January 02, 2024, 01:07:52 PM That transaction's Z-value should be: Code: 67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592 Very nice! The Sig-Hash is right! Thank you very much, that helps :-) I will now take a lot of time to dig through the BIP143! I try to analyze the calculation alone and implement it in my code. If I can't do it, I'll ask again here. Many thanks to everyone who also helped here and posted helpful links :-) Keep in mind that in the BIP143, the first two elements related to hashprevout and hashsequence are a concatenation of all the prevouts and sequences in the transaction inputs (from first to last) respectively. And everywhere that says "sha256 hash" for an element, they mean you need to do a double sha256 hash on it, as well as a another double hash on the whole byte sequence once you've assembled it. Title: Re: Why cant get RSZ from Bitcoin Transaction? Post by: nc50lc on January 06, 2024, 05:19:02 AM In the section: P2SH-P2WPKH It's the second option.Code: hashPrevouts: It is the 'Transaction ID' and 'Output Index' of the input(s). You can refer to the other examples which work similarly but used different sighash flag that are different from the prevIndex. |