|
Title: How to verify SegWit signature with Brainwallet ? Post by: lulucrypto on November 04, 2019, 03:09:07 PM Hello !
Having put this method on my bot to check the Bitcoin signatures (https://bitcointalk.org/index.php?topic=5194216), I thought it would be useful to take the opportunity to share this method to everyone ! The purpose of this method is to convert the Bech32 address to a Legacy address. For this example, I will use my signature (https://bitcointalk.org/index.php?topic=996318.msg52111665#msg52111665). We agree that if I try to check my signature with the address Bech32, it does not work. https://i.imgur.com/Dko7EUJ.png So to start, paste your Bech32 address here and decode it : -> https://slowli.github.io/bech32-buffer/ With my example, the returned data is "f0113389dea4d5abb74fe9fa4aaaa756f966c86d". https://i.imgur.com/z93GsVt.png Now, go to this page, and paste the decoded data in the "Converts a BitCoin Hash160 (in Hex) to a valid BitCoin address." input and convert : -> https://bitcoinvalued.com/tools.php At this point, I copy the address "1NtMnD5BQrRvVeHDk4HXaGvXiVkUuTjhXf". https://i.imgur.com/YJ2jDhD.png And ... It's all, now, use the copied address in signed message like this : Quote -----BEGIN BITCOIN SIGNED MESSAGE----- I'm Lulucrypto on Bitcointalk. And normally, I'm Luluwebmaster. I sign this message at 9 Aug 2019. -----BEGIN SIGNATURE----- 1NtMnD5BQrRvVeHDk4HXaGvXiVkUuTjhXf IAIAMSyjMV62EttLm3HltwmQK0HEchc80OfXKJGPEo1pIvq/st/kgWvLmREfByk3/TSbdrWLmfzoExivGSxzTOo= -----END BITCOIN SIGNED MESSAGE----- You can now verify your signed message with Brainwallet (https://jhoenicke.github.io/brainwallet.github.io/#verify) : https://i.imgur.com/8K86iQ0.png Big thanks to @pooya87 (https://bitcointalk.org/index.php?action=profile;u=379147) and @hatshepsut93 (https://bitcointalk.org/index.php?action=profile;u=821995) who helped me understand how to set up this method : -> https://bitcointalk.org/index.php?topic=5194216.msg52815008#msg52815008 -> https://bitcointalk.org/index.php?topic=5194216.msg52817898#msg52817898 This post in other Language :
And that's all for this little tutorial :) Title: Re: How to verify SegWit signature with Brainwallet ? Post by: bitmover on November 04, 2019, 06:36:41 PM Gratz nice idea.
It is a nice turn around until we have some standard for segwit addresses signatures Long ago I made a topic about this subject. The situation is still the same. Only Electrum made it own standard for segwit signed messaged, this is why you cannot verify those in any other wallet https://bitcointalk.org/index.php?topic=2885058.msg29647827#msg29647827 Title: Re: How to verify SegWit signature with Brainwallet ? Post by: lulucrypto on November 04, 2019, 08:41:11 PM Gratz nice idea. It is a nice turn around until we have some standard for segwit addresses signatures Long ago I made a topic about this subject. The situation is still the same. Only Electrum made it own standard for segwit signed messaged, this is why you cannot verify those in any other wallet https://bitcointalk.org/index.php?topic=2885058.msg29647827#msg29647827 Thank you for sharing, I was not aware of this topic ;) How to verify SegWit signature with Brainwallet ? Great guide/tutorial thanks :)And that's all for this little tutorial :) I would add to that only one warning. Brainwallet is dangerous to use because human mind is not that complicated in terms of creating passwords (brainwallet). Because of that many many many brainwallets got hacked and will be hacked in future because people still using them. Um, I understand that Brainwallet is dangerous for the creation of address, but in terms of verification, there is no problem if I'm not mistaken ? Title: Re: How to verify SegWit signature with Brainwallet ? Post by: bitmover on November 05, 2019, 01:07:38 AM Um, I understand that Brainwallet is dangerous for the creation of address, but in terms of verification, there is no problem if I'm not mistaken ? No problem. It is a good tool for verification. I don't like the idea of a brainwallet either, and I miss some other online tool for simple verification. I would like to verify messages in block explores for example. Title: Re: How to verify SegWit signature with Brainwallet ? Post by: nc50lc on November 05, 2019, 03:39:27 AM Actually, there's a shortcut to this!
Just get your original message, Then remove the address from the message (copy this): Code: -----BEGIN BITCOIN SIGNED MESSAGE----- It'll automatically recognize the legacy address used for that signed message. Because either way, the message was verified using the address: 1NtMnD5BQrRvVeHDk4HXaGvXiVkUuTjhXf, not bc1q7qgn8zw75n26hd60a8ay42482mukdjrdv3cyp7. But both can be derived from the same prv key, so there wont be a serious problem with future verification. The only difference is: those extra steps are some kind of proof that the result legacy address was based from your SegWit address. Title: Re: How to verify SegWit signature with Brainwallet ? Post by: lulucrypto on November 05, 2019, 05:12:27 PM https://bitcoinvalued.com/tools.php Website can’t be reachedIt works well for me ;) Actually, there's a shortcut to this! Just get your original message, Then remove the address from the message (copy this): Code: -----BEGIN BITCOIN SIGNED MESSAGE----- It'll automatically recognize the legacy address used for that signed message. Because either way, the message was verified using the address: 1NtMnD5BQrRvVeHDk4HXaGvXiVkUuTjhXf, not bc1q7qgn8zw75n26hd60a8ay42482mukdjrdv3cyp7. But both can be derived from the same prv key, so there wont be a serious problem with future verification. The only difference is: those extra steps are some kind of proof that the result legacy address was based from your SegWit address. Indeed, thank you for sharing, I was not aware of this method. So I allowed myself to quote your message and more in my first post ;) Title: Re: How to verify SegWit signature with Brainwallet ? Post by: Krislaw on November 07, 2019, 05:12:33 PM Actually, there's a shortcut to this! Just get your original message, Then remove the address from the message (copy this): Code: -----BEGIN BITCOIN SIGNED MESSAGE----- It'll automatically recognize the legacy address used for that signed message. Because either way, the message was verified using the address: 1NtMnD5BQrRvVeHDk4HXaGvXiVkUuTjhXf, not bc1q7qgn8zw75n26hd60a8ay42482mukdjrdv3cyp7. But both can be derived from the same prv key, so there wont be a serious problem with future verification. The only difference is: those extra steps are some kind of proof that the result legacy address was based from your SegWit address. Thanks for sharing this. I have a question, can one receive BTC with the legacy address? Title: Re: How to verify SegWit signature with Brainwallet ? Post by: HCP on November 07, 2019, 07:07:51 PM I have a question, can one receive BTC with the legacy address? That's a bit Off topic, but of course you can... It does not make a difference if it is PSPKH (aka Legacy), P2SH (or one of it's derivatives), P2WPKH or P2WSH. As long as it is a valid address, it will be accepted by the network and you'll be able to receive funds. The thing to note is that then those funds are recorded as belonging to that address... it won't show up in your wallet as belonging to the native segwit (aka bc1) address. Title: Re: How to verify SegWit signature with Brainwallet ? Post by: pooya87 on November 08, 2019, 05:35:17 AM ~ that does NOT save you any steps, you still have to perform the workaround steps to get the workaround address as was explained and check if it is correct otherwise all you are doing is deriving a public key and NOT verifying anything whatsoever. here is the same exact signature with a different message which that site verifies! Code: -----BEGIN BITCOIN SIGNED MESSAGE----- so now you have to fetch the address it gives you (18BLXDUbKDiMF34a1dm5hJ3mpCBwsDUowF) and see if it is the correct one while having bc1q7qgn8zw75n26hd60a8ay42482mukdjrdv3cyp7 Title: Re: How to verify SegWit signature with Brainwallet ? Post by: nc50lc on November 08, 2019, 09:43:53 AM that does NOT save you any steps, you still have to perform the workaround steps to get the workaround address as was explained and check if it is correct otherwise all you are doing is deriving a public key and NOT verifying anything whatsoever. You're right, so the "shortcut" cannot be used by other users who are verifying the message.Honestly, I'm focused on fetching the legacy address (for the signer) and that method will work if he didn't messed up the copy->paste of his original signed message, 'coz what are the odds that he'll accidentally change his own message? Quote from: pooya87 here is the same exact signature with a different message which that site verifies! I see, so those extra spaces and lines that usually added/missed can change the result.@lulucrypto You should remove the quote from the OP as it won't be a reliable shortcut. Anyways, it's still best to use the correct client since some may have used a different implementation on signing messages with SegWit addresses. Title: Re: How to verify SegWit signature with Brainwallet ? Post by: pooya87 on November 08, 2019, 01:34:51 PM that does NOT save you any steps, you still have to perform the workaround steps to get the workaround address as was explained and check if it is correct otherwise all you are doing is deriving a public key and NOT verifying anything whatsoever. You're right, so the "shortcut" cannot be used by other users who are verifying the message.Honestly, I'm focused on fetching the legacy address (for the signer) and that method will work if he didn't messed up the copy->paste of his original signed message, 'coz what are the odds that he'll accidentally change his own message? Quote from: pooya87 here is the same exact signature with a different message which that site verifies! I see, so those extra spaces and lines that usually added/missed can change the result.it is a bug in that tool's code! in fact if you remove the address there is a pretty good chance that the tool returns an invalid address for you since it is possible to derive more than 1 public key from an ECDSA signature. basically: Code: byte[] message = UTF8.Decode("_message_here_")when you change your "message" you are changing the hash so "e" changes and from that you get an entirely different public key hence the different address. this is also why it is dangerous to trust tools like this! they have weird features like this in them. Title: Re: How to verify SegWit signature with Brainwallet ? Post by: lulucrypto on November 08, 2019, 06:37:38 PM Thank you for this additional information.
So I edited the first post accordingly ;) Title: Re: How to verify SegWit signature with Brainwallet ? Post by: lulucrypto on June 07, 2020, 10:04:23 PM Hello,
I revive this somewhat old subject to thank @Baofeng (https://bitcointalk.org/index.php?action=profile;u=984384). Indeed he translated this subject in the Pilipinas category, and for that I thank him ! You can see its translation here : - https://bitcointalk.org/index.php?topic=5253812.0 Thanks again for his help ! |
