|
Title: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 08, 2015, 07:43:53 PM I'm building a Bitcoin ATM that will use Multi-Sig for security and I realized I can't create a MultiSig Account with ONLY the Bitcoin Addresses.
Why does MultiSig Use Public Key's as opposed to the compressed 1xxxxx Bitcoin address? I feel that most of the time I'll be building MultiSig Accounts with other people. Most of whom will NOT have their public Key. Only their private key and bitcoin address. If you have the android client. if you have a blockchain.info account. You DON'T have your public key. Is there a way to build a multi sig with BITCOIN ADDRESSES only? (or at least ONE public key from one person (me) and a the bitcoin address of someone else?) is there a way to CALCULATE the PUBLIC KEY (PUBKEY) from the Bitcoin Address? Please help! Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: DeathAndTaxes on January 08, 2015, 07:57:51 PM No there is no way to perform multisig with addresses.
No you can not compute a public key from an address. An address is the pubkeyhash encoded in base58 with version and checksum. It can be decoded back to the pubkeyhash but you can get pubkey from the pubkeyhash because hashing functions are by their nature one way. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 08, 2015, 09:36:19 PM Thank you DeathAndTaxes;
How can I make a multiSig address with just regular Bitcoin Addresses? I'm trying to create a bitcoin address where any ONE of TWO (or THREE) bitcoin private addresses can SIGN a transaction. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: DeathAndTaxes on January 08, 2015, 10:07:48 PM Once again "No there is no way to perform multisig with addresses."
You must have two or more public keys. Not addresses or pubkeyhashes. Technically an address can be created from the hash of a custom script (P2SH) but I am unsure if there are the necessary op_codes in the scripting language to allow you to validate against signature of one of many pubkeyhashes. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 08, 2015, 10:29:25 PM Thank you DeathAndTaxes; How can I make a multiSig address with just regular Bitcoin Addresses? I'm trying to create a bitcoin address where any ONE of TWO (or THREE) bitcoin private addresses can SIGN a transaction. You could make a special script to do this, but you'd probably need some special software to sign it. Is that an acceptable requirement? If so we can talk about the best way to script it. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 08, 2015, 10:39:26 PM Technically an address can be created from the hash of a custom script (P2SH) but I am unsure if there are the necessary op_codes in the scripting language to allow you to validate against signature of one of many pubkeyhashes. You can do "or" cases like this with branching OP_IFs (inside P2SH). Simplest case 1/2: Code: OP_IF ...then sign with an OP_1 or OP_0 flag on the end to say which branch should be used. For JavaScript this may help: https://github.com/edmundedgar/bitcoin-branching-transaction-builder I haven't tried it for this specific case, but I think it would be OK. This is currently non-standard, but it should become standard as people start running bitcoin 0.10. In the meantime you should be able to broadcast it with blockchain.info, and it should get mined by Discus Fish or Eligius, which will generally get it mined in an hour or two. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: Peter Todd on January 08, 2015, 11:12:52 PM edmundedgar is on the right track, but an even better way to do it is to adapt Luke-Jr's BIP19:
{pubkey} OP_CHECKSIG OP_SWAP {pubkey} OP_CHECKSIG OP_ADD OP_SWAP {pubkey} OP_CHECKSIG OP_ADD {n} OP_EQUAL Replace {pubkey} OP_CHECKSIG as appropriate; you can even mix-n-match multiple forms. https://github.com/bitcoin/bips/blob/master/bip-0019.mediawiki Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 04:40:23 AM Code: OP_IF 1) Peter Todd. You say your version is better. But it seems to include the PubKeys. I need to include two (or at least one) Bitcoin Address (because I don't have the PubKey, they're not my addresses) So will BIP19 help me here? and is it available now? 2) Edmundedgar: Thank you. So your solution should work once everyone moves to 0.10 bitcoin and if maybe the right pool catches my transaction. Did I understand that right? If the wrong pool gets it. does it go back in the queue until they THEY process the transaction? I'm new at this. but hopefully your link for the bitcoin-branching-transaction-builder will help. but their "tests" and therefor only documentation keeps mentioning PubKeys. So I'm trying to make the code work right now and it's not easy. I'll update this thread with my solution if I can get bitcoinJS-lib to build. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 05:30:21 AM @edmundedgar; using your code and your "bitcoin-branching-transaction-builder" project (and Peter Todd's public Bitcoin Address so he could sign a TRANSACTION) Code: var bitcoin = require('bitcoinjs-lib');I get a bitcoin address of: 6376a90088006776a900880068 Is this right? Where is the redeemScript Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: DeathAndTaxes on January 09, 2015, 05:51:12 AM A quick tip both you and edmundedgar are conflating PubKeyHash with Address. PubKey, PubKeyHas, and BitcoinAddress are distinct items. An Address is a PubKeyHash (or ScriptHash) plus checksum and version data encoded in base58. The Bitcoin network does not use Addresses. Addresses are just for humans. So in your code you would need to DECODE the Address to the PubKeyHash and at the end the result in a ScriptHash which then needs to be encoded as an address (if you are displaying it to a user).
PubKeyHash = RIPEMD-160(SHA-256(PubKey) Address = Base58(version | PubKeyHash | checksum) On edit: corrected hashing algorithm Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: Taras on January 09, 2015, 06:04:50 AM Some addresses have known public keys on the block chain, but just looking for them wouldn't be very practical because not all addresses have known public keys. A newly generated address wouldn't have one on the chain; you'd need/want to have your customers give you their pubkeys directly, some way or another. Ideally, they would create a new address just for this contract.
Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: Peter Todd on January 09, 2015, 06:37:01 AM Code: OP_IF 1) Peter Todd. You say your version is better. But it seems to include the PubKeys. I need to include two (or at least one) Bitcoin Address (because I don't have the PubKey, they're not my addresses) So will BIP19 help me here? and is it available now? This about this a little harder: you can replace the <pubkey> CHECKSIG pattern in BIP19 with OP_DUP OP_HASH160 <address2> OP_EQUALVERIFY OP_CHECKSIG. The point of using BIP19 is it's more flexible; edmund's construction doesn't do n-of-m easily. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: DeathAndTaxes on January 09, 2015, 06:39:25 AM It is "OP_DUP OP_HASH160 <PubKeyHash> OP_EQUALVERIFY OP_CHECKSIG".
Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: dserrano5 on January 09, 2015, 07:41:54 AM PubKeyHash = SHA-256(SHA-256(PubKey) Address = Base58(version | PubKeyHash | checksum) Nit: that should be RIPEMD-160(SHA-256(PubKey)). Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: amaclin on January 09, 2015, 08:03:51 AM Quote You can do "or" cases like this with branching OP_IFs (inside P2SH). Simplest case 1/2: You also can do "and" cases inside P2SHTitle: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: jl2012 on January 09, 2015, 08:22:25 AM This is a 2-of-2 multisig using "addresses"
Code: OP_DUP OP_HASH160 <pubKeyHash1> OP_EQUALVERIFY OP_CHECKSIGVERIFY OP_DUP OP_HASH160 <pubKeyHash2> OP_EQUALVERIFY OP_CHECKSIG 1-of-2 multisig Code: OP_DUP OP_HASH160 <pubKeyHash1> OP_EQUALVERIFY OP_CHECKSIG OP_TOALTSTACK OP_DUP OP_HASH160 <pubKeyHash2> OP_EQUALVERIFY OP_CHECKSIG OP_FROMALTSTACK OP_ADD 2-of-3 multisig Code: OP_DUP OP_HASH160 <pubKeyHash1> OP_EQUALVERIFY OP_CHECKSIG OP_TOALTSTACK OP_DUP OP_HASH160 <pubKeyHash2> OP_EQUALVERIFY OP_CHECKSIG OP_TOALTSTACK OP_DUP OP_HASH160 <pubKeyHash3> OP_EQUALVERIFY OP_CHECKSIG OP_FROMALTSTACK OP_FROMALTSTACK OP_ADD OP_ADD OP_2 OP_EQUAL However this is non-standard so not many miners will mine for you (P2SH may work?). Most importantly, none of the current bitcoin clients is able to create a signature for the script. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 09, 2015, 01:05:07 PM @edmundedgar; using your code and your "bitcoin-branching-transaction-builder" project (and Peter Todd's public Bitcoin Address so he could sign a TRANSACTION) Code: var bitcoin = require('bitcoinjs-lib');I get a bitcoin address of: 6376a90088006776a900880068 Is this right? Where is the redeemScript I just added a quick test for branching versions of pay-to-public-key-hash - hopefully this will make it clearer how it's supposed to work. Basically bitcoinlib-js takes care of making the bits inside the OP_IF branching, and my thing takes care of putting them together in a branching script, so you don't need to put in your own scripting from the ASM code or anything. https://github.com/edmundedgar/bitcoin-branching-transaction-builder/blob/master/test/branching_transaction_builder.js#L81 Blockchain.info took my redeeming TX (the non-standard one) - let's see if it'll confirm in a reasonable time (or at all...) https://blockchain.info/tx/7d8cf0dac56e90bfff76cee1a13464cc07f0ac36241b6703a894d28987630218 Edit to add: Yup, Eligius took it. Some of the other suggestions people have made here will be variously more flexible (for more combinations of conditions) and more economical (in saving a few bytes) than mine, but you'll have to work out how to sign them since my code won't help you. YMMV, let us know how you get on... Title: This message was too old and has been purged Post by: Evil-Knievel on January 09, 2015, 02:43:01 PM This message was too old and has been purged
Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 03:08:00 PM Quote If you have the android client. if you have a blockchain.info account. You DON'T have your public key. In fact, you do. Let's see that proof. Because if you can help me find the "publicKey" from my EXISTING blockchain.info or android wallet accounts then We've solve my initial problem. Real problem. I want to make a 1of2 address and I have MY PubKey, but I don't have my mom's (or sisters, or friends) because they use a blockchain.info account and Android Wallet software. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: amaclin on January 09, 2015, 03:11:39 PM Quote I want to make a 1of2 address and I have MY PubKey, but I don't have my mom's (or sisters, or friends) because they use a blockchain.info account and Android Wallet software. If there are spending transactions from your mom's (sisters, friends, cats, dogs) addresses - you have their public keysTitle: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: DannyHamilton on January 09, 2015, 03:20:35 PM Quote - snip - In fact, you do.if you have a blockchain.info account. You DON'T have your public key. - snip - then We've solve my initial problem. - snip - Here you go: https://i.imgur.com/V50BNRJ.png Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 04:57:17 PM I just added a quick test for branching versions of pay-to-public-address-hash - hopefully this will make it clearer how it's supposed to work. Alright. I think I have it. Here's a script that STARTS with your two BITCOIN ADDRESSES and ends with the same multiSig Key your test does. BUT the redeem script looks too short. I'll have to try that transaction like you did yours. Can you anything I'm doing wrong? Code: var bitcoin = require('bitcoinjs-lib');RESULTS: MultiSig Address: 3PcxJeW5f6Tp4mVAXe4ggGRvDREAPCMF4o Redeem script: 6376a914a2f26faf639c9a7e6a3ae5076bf7bbbf6cf1732a88ac6776a9140053af91626c8e511b6 3f651161208b56ad0adac88ac68 Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 05:08:47 PM Let's see that proof. Because if you can help me find the "publicKey" from my EXISTING blockchain.info Here you go: (((( Image excluded ))) Proof accepted. I absolutely do for blockchain.info And also like @amaclin said. Do I have it if I can look up a transaction from this public address in the past? (I mean that happened an hour ago) can I get the public key from the blockchain? After all If your about to FUND my new key. YOU have GOTTEN some money in the past. Also. Does my code (see in the last post) trump this argument? (of which Danny you have won) Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 06:51:18 PM Just updating the group.
We have created successfully a MultiSig Signature from JUST the Bitcoin Addresses (I think we're the first to do that, can't find anyone else online doing this.) NO PUBKEY WAS USED (well the PubKey HASH was using, but not the original uncompressed full PubKey) See transactions IN (the first from edmundedgar with the public Keys and the second from ME using the code below) https://blockchain.info/address/3PcxJeW5f6Tp4mVAXe4ggGRvDREAPCMF4o Thanks of course to everyone. And especially to edmundedgar for his amazing code examples INCLUDING his private keys (which makes live easier) You need to do a: 1) download edmundedgar's Bitcoin Branching Transaction builder: https://github.com/edmundedgar/bitcoin-branching-transaction-builder 2) run "npm install bitcoinjs-lib" on that root directory 3) Make an app.js in the root of that project with the following code below (of course you have to have NODEjs installed) Code: var bitcoin = require('bitcoinjs-lib');Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 09, 2015, 09:36:10 PM Just updating the group. We have created successfully a MultiSig Signature from JUST the Bitcoin Addresses (I think we're the first to do that, can't find anyone else online doing this.) NO PUBKEY WAS USED (well the PubKey HASH was using, but not the original uncompressed full PubKey) See transactions IN (the first from edmundedgar with the public Keys and the second from ME using the code below) https://blockchain.info/address/3PcxJeW5f6Tp4mVAXe4ggGRvDREAPCMF4o Thanks of course to everyone. And especially to edmundedgar for his amazing code examples INCLUDING his private keys (which makes live easier) You need to do a: 1) download edmundedgar's Bitcoin Branching Transaction builder: https://github.com/edmundedgar/bitcoin-branching-transaction-builder 2) run "npm install bitcoinjs-lib" on that root directory 3) Make an app.js in the root of that project with the following code below (of course you have to have NODEjs installed) Code: var bitcoin = require('bitcoinjs-lib');Sweet. We should probably: 1) Write a test for the other branch as well 2) Try sending the tx to a 0.10 node before using blochain.info/pushtx on it to prove that the network will really take these things when it starts to upgrade. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: damianmontero on January 09, 2015, 09:54:43 PM Sweet. We should probably: 1) Write a test for the other branch as well 2) Try sending the tx to a 0.10 node before using blochain.info/pushtx on it to prove that the network will really take these things when it starts to upgrade. 1) Ok. I have to learn how to do a push request (I suck at GIT) and I'll make a suggestion to your test. 2) the blockchain.info method is a kind of a cheat ;-) But if it works ;-) but I'd LOVE to test that. I'm just happy it's working (and it worked. I got my 2 cents ;-) Who tests on the testnet any more ;-) P.S. Your library will be talked about at tomorrow's Miami Bitcoin hackathon cause it's amazing. Thank you so much for helping me with this. Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 09, 2015, 11:03:50 PM Who tests on the testnet any more ;-) I'm liking this system where an address I control is hard-coded in the test code, and people test their code by sending real money to it... Title: Re: MultiSig BUT with Bitcoin Addresses NOT Public Keys Post by: edmundedgar on January 10, 2015, 08:34:10 AM Sweet. We should probably: 1) Write a test for the other branch as well 2) Try sending the tx to a 0.10 node before using blochain.info/pushtx on it to prove that the network will really take these things when it starts to upgrade. 1) Ok. I have to learn how to do a push request (I suck at GIT) and I'll make a suggestion to your test. 2) the blockchain.info method is a kind of a cheat ;-) But if it works ;-) but I'd LOVE to test that. I'm just happy it's working (and it worked. I got my 2 cents ;-) Who tests on the testnet any more ;-) P.S. Your library will be talked about at tomorrow's Miami Bitcoin hackathon cause it's amazing. Thank you so much for helping me with this. OK, I just went ahead and added those tests myself. The redeem transaction went fine through a stock bitcoin 0.10, and enough of the network seems to have relayed it for it to show up on blockchain.info. https://blockchain.info/tx/c6b283ed4f2742b3c5aca31380daa423e89620e95a53cddf3d81338dcca95b8c Edit to add: And mined, also by Eligius. Discus Fish doesn't seem to be a thing any more... |
