[bitcoind] [brainwallet.org] Verify message, different results for same message

[dexX7]

A user in #bitcoin-assets mentioned that the message and signature he generated resolves to another address on brainwallet.org as it was intended to. I tried to pin down the problem and this is what I found out:

A message with the very special char ’ + more than 249 other (normal) chars resolves to different Bitcoin addresses when bitcoind and brainwallet.org is used.

1. ’ + 249 other chars:

Message:

Code:

’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:

HAeEUZHzDgDOZSLakU0TahyaZX6Wb5ViMUJByFqOrVHPE1lNK8XTu3FPMYDAP7erqf7IuHECBKIB3h5ymVfKHjA=

brainwallet.org output:

Code:

Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:

Message verfied.

2. ’ + 250 other chars:

Code:

’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:

HBHMfRLvk0aMj4B9mAY5RRJcweTaYh1q/74/rh3nzv36ytjhgOGumBJwvi0KTv7XhzZdr+wQ05egf05dN3mo5O8=

brainwallet.org output:

Code:

Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:

Message verification failed.

bitcoind "verify message" for 1Cza7rVEy928uJjC5p2oBZAKgTr2c2tFuy:

Code:

Message verified.

While ’ seems to be a very special character, it's a strange behaviour which I can't explain.

[1715043031]

1715043031

[1715043031]

1715043031

[1715043031]

1715043031

[fpgaminer]

Brainwallet.org is borked.  I commented on other issues with signing in this thread.  Your issue is probably related.

[Atruk]

A user in #bitcoin-assets mentioned that the message and signature he generated resolves to another address on brainwallet.org as it was intended to. I tried to pin down the problem and this is what I found out:

A message with the very special char ’ + more than 249 other (normal) chars resolves to different Bitcoin addresses when bitcoind and brainwallet.org is used.

1. ’ + 249 other chars:

Message:

Code:

’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:

HAeEUZHzDgDOZSLakU0TahyaZX6Wb5ViMUJByFqOrVHPE1lNK8XTu3FPMYDAP7erqf7IuHECBKIB3h5ymVfKHjA=

brainwallet.org output:

Code:

Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:

Message verfied.

2. ’ + 250 other chars:

Code:

’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:

HBHMfRLvk0aMj4B9mAY5RRJcweTaYh1q/74/rh3nzv36ytjhgOGumBJwvi0KTv7XhzZdr+wQ05egf05dN3mo5O8=

brainwallet.org output:

Code:

Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:

Message verification failed.

bitcoind "verify message" for 1Cza7rVEy928uJjC5p2oBZAKgTr2c2tFuy:

Code:

Message verified.

While ’ seems to be a very special character, it's a strange behaviour which I can't explain.

I'm investigating this behavior I reported earlier further. I'm doing further investigation which I probably lack the technical expertise to do right. I'm also digging through more forum threads et al.

I am still considering the bitcoin address 1LvCuntsJyFFQsLuJhBXBPokbQa7SAyMr4 invalid for message signing purposes into the future. This is bitcoin and not taking the measure of refuting the address's right to sign messages on my behalf would be the wrong step. Handling Bitcoin properly necessitates some measure of paranoia.

It looks like the little endian big endian issues mentioned here might be at play.

[gmaxwell]

I'm investigating this behavior I reported earlier further. I'm doing further investigation which I probably lack the technical expertise to do right. I'm also digging through more forum threads et al.

I am still considering the bitcoin address 1LvCuntsJyFFQsLuJhBXBPokbQa7SAyMr4 invalid for message signing purposes into the future. This is bitcoin and not taking the measure of refuting the address's right to sign messages on my behalf would be the wrong step. Handling Bitcoin properly necessitates some measure of paranoia.

It looks like the little endian big endian issues mentioned here might be at play.

LOL. The address has nothing to do with anything. You're allowing yourself to get worked up about minor bugs in software you don't understand. Please try to relax.