Bitcoin Forum
April 22, 2018, 04:09:00 AM *
News: Latest stable version of Bitcoin Core: 0.16.0  [Torrent]. (New!)
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: signing message from segwit adress  (Read 322 times)
Lincoln6Echo
Legendary
*
Offline Offline

Activity: 1960
Merit: 1017


Don't use bitcoin.de if you care about privacy!


View Profile
November 13, 2017, 04:26:26 PM
 #1

Hi there,

I was wondering the othe day when will it possible to sign a message when using a segwit adress. It is an important feature to me and I still didn't transfer most of my funds to a segwit adress because segwit adresses lack this feature.

Is there a timeline available when a standard for signing with segwit wil be available or is it technical impossible to do?











▄█████████████▄
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░▄███▄░░░░█
█░░░░█████░░░░█
█░░░░▀███▀░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
██████▀▀███████
▀█████▄▄██████▀

         ▄▄██████████████▄▄
       ▄█▀▀              ▀▀█▄
     ▄█▀                    ▀█▄
    ██     ▄▄▀▀▀▀▀▀▀▀▀▀▄▄     ██
   ██   ▄▀▀ ▄▄████████▄▄ ▀▀▄   ██
   █  ▄▀ ▄██▀▀▀      ▀▀▀██▄ ▀▄ 
   █  ██▀ ▄▄        ▄▄ ▀██ ▐ 
   █  ▐█▌ ████ ▄▄▄▄ ████ ▐█▌▐ 
  ██  ██▄ ▀▀  ▀▄▄▀  ▀▀ ▄█▐  ██
 ▐██  ▀▄ ▀▀█▄▄▄      ▄▄▄█▀▀ ▄▀  ██▌
 ████▄  ▀▄▄ ▀▀███████▀▀ ▄▄▀  ▄████
▐██▌▀██▄▄  ▀▀▄▄▄▄▄▄▄▄▄▄▀▀  ▄▄██▀▐██▌
██▀   ▀▀██▄▄            ▄███▀▀   ▀██
          ▀▀████████████▀▀
vivid









████████████
███████████████
██░░░░░██████████
██░░░░░████████████
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
███████████████████
PRESALE
FEBRUARY 23










1524370140
Hero Member
*
Offline Offline

Posts: 1524370140

View Profile Personal Message (Offline)

Ignore
1524370140
Reply with quote  #2

1524370140
Report to moderator
1524370140
Hero Member
*
Offline Offline

Posts: 1524370140

View Profile Personal Message (Offline)

Ignore
1524370140
Reply with quote  #2

1524370140
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1524370140
Hero Member
*
Offline Offline

Posts: 1524370140

View Profile Personal Message (Offline)

Ignore
1524370140
Reply with quote  #2

1524370140
Report to moderator
1524370140
Hero Member
*
Offline Offline

Posts: 1524370140

View Profile Personal Message (Offline)

Ignore
1524370140
Reply with quote  #2

1524370140
Report to moderator
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1372
Merit: 1273


3F1Y9yquzvY6RWvKbw2n2zeo9V5mvBhADU


View Profile WWW
November 13, 2017, 05:03:34 PM
 #2

Message signing is done with private and public keys. Addresses are neither of those; the are representations of an output script. You can't sign with an output script. Signing a message with an address should never have been called that in the first place; the address is not a public key so it can't be used to sign or verify anything. So no, it is technically impossible because it is impossible to know what script you want a public key to map to to get the address a message was signed with.

Lincoln6Echo
Legendary
*
Offline Offline

Activity: 1960
Merit: 1017


Don't use bitcoin.de if you care about privacy!


View Profile
November 13, 2017, 08:12:11 PM
 #3

Message signing is done with private and public keys. Addresses are neither of those; the are representations of an output script. You can't sign with an output script. Signing a message with an address should never have been called that in the first place; the address is not a public key so it can't be used to sign or verify anything. So no, it is technically impossible because it is impossible to know what script you want a public key to map to to get the address a message was signed with.
Thank you for your fast reply.

Yeah I know that public key is not the public adress.
Nevertheless with old adress format it is possible to 'sign' a message but with segwit adress it's not. Why is that?











▄█████████████▄
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░▄███▄░░░░█
█░░░░█████░░░░█
█░░░░▀███▀░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
█░░░░░░░░░░░░░█
██████▀▀███████
▀█████▄▄██████▀

         ▄▄██████████████▄▄
       ▄█▀▀              ▀▀█▄
     ▄█▀                    ▀█▄
    ██     ▄▄▀▀▀▀▀▀▀▀▀▀▄▄     ██
   ██   ▄▀▀ ▄▄████████▄▄ ▀▀▄   ██
   █  ▄▀ ▄██▀▀▀      ▀▀▀██▄ ▀▄ 
   █  ██▀ ▄▄        ▄▄ ▀██ ▐ 
   █  ▐█▌ ████ ▄▄▄▄ ████ ▐█▌▐ 
  ██  ██▄ ▀▀  ▀▄▄▀  ▀▀ ▄█▐  ██
 ▐██  ▀▄ ▀▀█▄▄▄      ▄▄▄█▀▀ ▄▀  ██▌
 ████▄  ▀▄▄ ▀▀███████▀▀ ▄▄▀  ▄████
▐██▌▀██▄▄  ▀▀▄▄▄▄▄▄▄▄▄▄▀▀  ▄▄██▀▐██▌
██▀   ▀▀██▄▄            ▄███▀▀   ▀██
          ▀▀████████████▀▀
vivid









████████████
███████████████
██░░░░░██████████
██░░░░░████████████
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
██░░░░░░░░░░░░░░░██
███████████████████
███████████████████
PRESALE
FEBRUARY 23










Xynerise
Full Member
***
Offline Offline

Activity: 182
Merit: 162


39twH4PSYgDSzU7sLnRoDfthR6gWYrrPoD


View Profile
November 13, 2017, 10:22:46 PM
 #4

Culled from Reddit:

"All of the signature validation software that I've seen expects a P2PKH address to resolve. Signing with a P2SH-P2WPKH address could be done by deriving the P2PKH address from the privkey, signing with the privkey, and including the P2PKH address along with the signed message. This probably isn't done due to UI.UX concerns whereby the signer might believe that a wrong privkey is being used. Other than that, it's certainly possible.

The situation is similar with sweeping addresses. We derive both P2PKH and P2SH-P2WPKH for sweeping now, so sweeping P2SH-P2WPKH addresses using the privkey is possible.

Something like this: https://pastebin.com/zZCmzsJr"
Segwit addresses are P2SH-P2WPKH and you can't sign messages against P2SH, for example you can't sign a message with a multisig wallet.




By the way, Samouri Wallet for Android has a new option to sign messages with Segwit transactions so it's definitely possible:
http://blog.samouraiwallet.com/post/167306611667/wallet-update-097-coin-control-dust-tx-alerts

Anyone can correct me if I'm wrong.

___________yahoo62278 CAMPAIGN MANAGER________  ◥◥  The Best & Most Popular Manager  ◤◤  ___________
✔ ICO Manager          ✔ Bounty Manager          ✔ Signature Campaign Manager          ✔ Twitter Campaign Manager
█████████████████████████   ADD "yahoo62278" on Telegram & Skype   █████████████████████████
achow101
Moderator
Legendary
*
Offline Offline

Activity: 1372
Merit: 1273


3F1Y9yquzvY6RWvKbw2n2zeo9V5mvBhADU


View Profile WWW
November 13, 2017, 10:59:45 PM
 #5

Yeah I know that public key is not the public adress.
Nevertheless with old adress format it is possible to 'sign' a message but with segwit adress it's not. Why is that?
Because when you "sign with an address" the signer and verifier expect a P2PKH address. It is certainly possible "sign with a segwit address" but the signer would have to somehow signal that the corresponding address is for segwit, or the verifier would need to generate P2PKH, P2SH-P2WPKH, and P2WPKH addresses. Currently it is impossible because there is no standard for how to determine what kind of address "signed" a given message. In fact, there is no standard for message signing anyways.

Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!