Bitcoin Forum

Hello,

I'd like to know if there is any security flaw in signing a Multisig TX as follows:

1) Creating the Multisig Address

OP_2 PUB_KEY_1 PUB_KEY_2 PUB_KEY_3 OP_3 OP_CHECKMULTISIG

2) Sign TX:

{
    "hash": "0d116745ec35e9ee303ea296bdbca38bc9123b35b4b76e947cb41533c27d9dd7",
    "ver": 1,
    "vin_sz": 1,
    "vout_sz": 1,
    "lock_time": 0,
    "size": 340,
    "in": [
        {
            "prev_out": {
                "hash": "df2b060fa2e5e9c8ed5eaf6a45c13753ec8c63282b2688322eba40cd98ea067a",
                "n": "0"
            },
            "scriptSig": "OP_FALSE 304402206a8090be39217ebff730dc6452ad5fcaf7ba692f457b1acd4a44e9c1896db32c02207aa ab831b676640756df1ce408fd581b3bbd3803be739b80b964491f1f3020e901 304502203cb794b1bbf1f697433b6530dbbcc64e9d12c1d19d63b493a3409b59f9fffcac022100c c8077abaca5f51c303e1e34aac0779fc60af9f7fa52edbc7b44b5ac909c6a4101 522103d728ad6757d4784effea04d47baafa216cf474866c2d4dc99b1e8e3eb936e7302102d83bb a35a8022c247b645eed6f81ac41b7c1580de550e7e82c75ad63ee9ac2fd2103aeb681df5ac19e44 9a872b9e9347f1db5a0394d2ec5caf2a9c143f86e232b0d953ae",
            "sequence": 4294967295
        }
    ],
    "out": [
        {
            "value": "49.99950000",
            "scriptPubKey": "OP_DUP OP_HASH160 7faf0c785828c1f87fca32ef071066f60ea100d1 OP_EQUALVERIFY OP_CHECKSIG"
        }
    ]
}

My question is, can this TX be modified to change the output address and amount?

Thanks

Yes. And it still will be invalid.

Ok, so changing the TX outputs is possible, but the signing the TX will result in an invalid TX when sent to the Bitcoin network.

You should sign it with the appropriate private key (15ubicBBWFnvoZLT7GiU2qxjRaKJPdkDMG)
I am sure you are not S.N.  ;D

Yeah I know that  ;)

How did you manage to create a new TX & sign my Multisig address?
https://insight.bitpay.com/address/3KZriXF1KJB5edEXwM5TdByaFEtgRd5VyE