Signing non-standard transaction

[jl2012]

I am trying to create a transaction to implement my proposed color coin protocol. Test-net transaction id is a0eecca313623fb39ddf92ed36782ec58003fec049d8395166b459bfbbfa3e7a . The output script is

Code:

bc0167de574bfa6c2e04af2b80bf2717399ec614 OP_NOP3 OP_DROP OP_DUP OP_HASH160 ef8a580d4a2f946cf9bb4c18cee113061ffe1912 OP_EQUALVERIFY OP_CHECKSIG

Where

Code:

bc0167de574bfa6c2e04af2b80bf2717399ec614 = RIPEMD160(SHA256(76a914a42f15b5fd15552aa14973bfc59039fbc095580488ac))

and 76a914a42f15b5fd15552aa14973bfc59039fbc095580488ac is the script of the previous output

The new script is, of course, non-standard but it should act exactly like a normal pay-to-pubkey-hash transaction.

Then, I use this command to create a raw transaction to spend to colored coin:

Code:

bitcoind --testnet createrawtransaction '[{"txid":"a0eecca313623fb39ddf92ed36782ec58003fec049d8395166b459bfbbfa3e7a","vout":0}]' '{"n1mkYwsdnQap2fcHrzoiZQgxceKFkVrrER":1.78}'

and bitcoind returns:

Code:

01000000017a3efabbbf59b4665139d849c0fe0380c52e7836ed92df9db33f6213a3cceea00000000000ffffffff0180109c0a000000001976a914de2ef3cd43d270c9aba0c165fc9dc0a8ed0148cc88ac00000000

I try to use signrawtransaction to sign it, and unsurprisingly, bitcoind fails to sign. Is there any easy way to sign the transaction? (The public key is 03D8D93A4F4BF9628742D2C580E83508941474A924A24F5A4339AE0AD200F2B3FD)

[1715572654]

1715572654

[1715572654]

1715572654

[jackjack]

I suggest you to sign it by hand:
Format it correctly (corresponding to the sighash), copy the bytes in your clipboard (using a hex editor), sign it with bitcoin-qt, un-base64 the signature, drop the first byte and divide the remaining 64bytes long string into two 32bytes long ones (r and s) (See edit 1)
Format r and s correctly (DER format), then create the scriptpubkey (see the sighash article on the wiki)

PS1: you can use a tool to sign the transaction more easily, search for jasvet in the dev&tech forum

PS2: I can do it for you if you're not interested in the process but rather in the result

Edit 1: I forgot about the "Bitcoin signing message" prefix... You actually need a tool to sign your bytes

[Mike Hearn]

Your best bet for this type of work is to use bitcoinj or perhaps Jeff's new txtool program.

[blueadept]

Your best bet for this type of work is to use bitcoinj or perhaps Jeff's new txtool program.

+1 for BitcoinJ, use the ScriptBuilder class to write your custom ScriptSig and the Transaction class (calculateSignature method) to sign with the appropriate key.  I haven't looked too closely at Jeff's tool, but I'm not sure it'd work.

Code:

Transaction tx = new Transaction();
tx.addInput(prevtxout);
tx.addOutput(...);
tx.getInput(0).setScriptSig(
    new ScriptBuilder()
        .data(tx.calculateSignature(0, // input number
            key, // ECKey instantiated with the private key you provided
            tx.getInput(0).getConnectedOutput().getScriptPubKey(), // ScriptPubKey from the output - you can also just use prevtxout.getScriptPubKey()
            SigHash.ALL, // the SIGHASH_ALL sighash flags
            false // SIGHASH_ANYONECANPAY is false
        ).encodeToBitcoin()) // Encode the signature to Bitcoin format and return as byte array, which is what data() expects
        .data(key.getPubKey()) // Add key to top of stack since this is an address/pubkeyhash transaction and not just a pubkey transaction
        .build()  // Build the ScriptSig
);

Fairly simple, though there's setup to do to get all of that stuff into the right variables to start with