|
Title: Signing order for m-of-n transactions Post by: No_2 on January 27, 2015, 07:18:07 PM For a transaction containing an m-of-n output, say 7-of-10 that 7 signatories are required to release funds, as an input for the next transaction. I understand that the signing order must be the same as the original signing order used to create the 7-of-10 contract within the transaction.
If I've understood this correctly can someone point me to where this is enforced in the code. Title: Re: Signing order for m-of-n transactions Post by: yakuza699 on January 27, 2015, 07:34:02 PM If I've understood this correctly can someone point me to where this is enforced in the code. Yes you understood it correctly but unfortunately I can not link you to the place where it is in the code.Title: Re: Signing order for m-of-n transactions Post by: hhanh00 on January 27, 2015, 08:21:05 PM https://github.com/bitcoin/bitcoin/blob/b01a435c34f0669affece2b3d90f92c347588d69/src/script/interpreter.cpp
Code: bool fOk = checker.CheckSig(vchSig, vchPubKey, scriptCode); Title: Re: Signing order for m-of-n transactions Post by: No_2 on January 28, 2015, 02:39:11 PM Thanks.
Can anyone explain why the signing order is important? i.e. Why can the nodes not just sign to release in any order? Title: Re: Signing order for m-of-n transactions Post by: dabura667 on January 28, 2015, 03:21:58 PM Thanks. Can anyone explain why the signing order is important? i.e. Why can the nodes not just sign to release in any order? Signature can happen in any order... it's just that once you have the necessary number of signatures, you must switch around their order to meet the proper ordering requirements. Title: Re: Signing order for m-of-n transactions Post by: johoe on January 28, 2015, 06:07:41 PM Can anyone explain why the signing order is important? i.e. Why can the nodes not just sign to release in any order? To keep the code that checks the signatures simple and fast (remember that it must be checked by every full node in the bitcoin network). Suppose you have a 14 of 15 signature. If these were not ordered you have to check every signature with every key, in the worst case more than 100 checks. Since the protocol requires that the signatures are in the right order, you only have to check each key once. If it doesn't match the signature at the expected position you immediately know that the signature for that key is not present. Also, its easy for a signer to put his signature at the right place, so you don't have to really sign the transaction in the right order, you just have to order the signatures right. Title: Re: Signing order for m-of-n transactions Post by: No_2 on January 28, 2015, 11:11:29 PM Thank you johoe that rational makes sense.
Can anyone explain why the signing order is important? i.e. Why can the nodes not just sign to release in any order? To keep the code that checks the signatures simple and fast (remember that it must be checked by every full node in the bitcoin network). Suppose you have a 14 of 15 signature. If these were not ordered you have to check every signature with every key, in the worst case more than 100 checks. Since the protocol requires that the signatures are in the right order, you only have to check each key once. If it doesn't match the signature at the expected position you immediately know that the signature for that key is not present. Also, its easy for a signer to put his signature at the right place, so you don't have to really sign the transaction in the right order, you just have to order the signatures right. |