Bitcoin Forum
December 14, 2017, 11:58:52 PM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: [bitcoind] [brainwallet.org] Verify message, different results for same message  (Read 2134 times)
dexX7
Legendary
*
Offline Offline

Activity: 1064



View Profile WWW
October 11, 2013, 03:54:13 AM
 #1

A user in #bitcoin-assets mentioned that the message and signature he generated resolves to another address on brainwallet.org as it was intended to. I tried to pin down the problem and this is what I found out:

A message with the very special char ’ + more than 249 other (normal) chars resolves to different Bitcoin addresses when bitcoind and brainwallet.org is used.

1. ’ + 249 other chars:

Message:

Code:
’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:
HAeEUZHzDgDOZSLakU0TahyaZX6Wb5ViMUJByFqOrVHPE1lNK8XTu3FPMYDAP7erqf7IuHECBKIB3h5ymVfKHjA=

brainwallet.org output:

Code:
Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:
Message verfied.

2. ’ + 250 other chars:

Code:
’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:
HBHMfRLvk0aMj4B9mAY5RRJcweTaYh1q/74/rh3nzv36ytjhgOGumBJwvi0KTv7XhzZdr+wQ05egf05dN3mo5O8=

brainwallet.org output:

Code:
Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:
Message verification failed.

bitcoind "verify message" for 1Cza7rVEy928uJjC5p2oBZAKgTr2c2tFuy:

Code:
Message verified.


While ’ seems to be a very special character, it's a strange behaviour which I can't explain.

1513295932
Hero Member
*
Offline Offline

Posts: 1513295932

View Profile Personal Message (Offline)

Ignore
1513295932
Reply with quote  #2

1513295932
Report to moderator
1513295932
Hero Member
*
Offline Offline

Posts: 1513295932

View Profile Personal Message (Offline)

Ignore
1513295932
Reply with quote  #2

1513295932
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
1513295932
Hero Member
*
Offline Offline

Posts: 1513295932

View Profile Personal Message (Offline)

Ignore
1513295932
Reply with quote  #2

1513295932
Report to moderator
1513295932
Hero Member
*
Offline Offline

Posts: 1513295932

View Profile Personal Message (Offline)

Ignore
1513295932
Reply with quote  #2

1513295932
Report to moderator
1513295932
Hero Member
*
Offline Offline

Posts: 1513295932

View Profile Personal Message (Offline)

Ignore
1513295932
Reply with quote  #2

1513295932
Report to moderator
fpgaminer
Hero Member
*****
Offline Offline

Activity: 560



View Profile WWW
October 11, 2013, 06:15:03 AM
 #2

Brainwallet.org is borked.  I commented on other issues with signing in this thread.  Your issue is probably related.

Atruk
Hero Member
*****
Offline Offline

Activity: 700



View Profile
October 11, 2013, 07:26:24 AM
 #3

A user in #bitcoin-assets mentioned that the message and signature he generated resolves to another address on brainwallet.org as it was intended to. I tried to pin down the problem and this is what I found out:

A message with the very special char ’ + more than 249 other (normal) chars resolves to different Bitcoin addresses when bitcoind and brainwallet.org is used.

1. ’ + 249 other chars:

Message:

Code:
’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:
HAeEUZHzDgDOZSLakU0TahyaZX6Wb5ViMUJByFqOrVHPE1lNK8XTu3FPMYDAP7erqf7IuHECBKIB3h5ymVfKHjA=

brainwallet.org output:

Code:
Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:
Message verfied.

2. ’ + 250 other chars:

Code:
’XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX

Signature generated by brainwallet.org:

Code:
HBHMfRLvk0aMj4B9mAY5RRJcweTaYh1q/74/rh3nzv36ytjhgOGumBJwvi0KTv7XhzZdr+wQ05egf05dN3mo5O8=

brainwallet.org output:

Code:
Verified to: 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL

bitcoind "verify message" for 17mDAmveV5wBwxajBsY7g1trbMW1DVWcgL:

Code:
Message verification failed.

bitcoind "verify message" for 1Cza7rVEy928uJjC5p2oBZAKgTr2c2tFuy:

Code:
Message verified.


While ’ seems to be a very special character, it's a strange behaviour which I can't explain.

I'm investigating this behavior I reported earlier further. I'm doing further investigation which I probably lack the technical expertise to do right. I'm also digging through more forum threads et al.

I am still considering the bitcoin address 1LvCuntsJyFFQsLuJhBXBPokbQa7SAyMr4 invalid for message signing purposes into the future. This is bitcoin and not taking the measure of refuting the address's right to sign messages on my behalf would be the wrong step. Handling Bitcoin properly necessitates some measure of paranoia.

It looks like the little endian big endian issues mentioned here might be at play.

gmaxwell
Moderator
Legendary
*
qt
Offline Offline

Activity: 2366



View Profile
October 11, 2013, 11:42:35 PM
 #4

I'm investigating this behavior I reported earlier further. I'm doing further investigation which I probably lack the technical expertise to do right. I'm also digging through more forum threads et al.

I am still considering the bitcoin address 1LvCuntsJyFFQsLuJhBXBPokbQa7SAyMr4 invalid for message signing purposes into the future. This is bitcoin and not taking the measure of refuting the address's right to sign messages on my behalf would be the wrong step. Handling Bitcoin properly necessitates some measure of paranoia.

It looks like the little endian big endian issues mentioned here might be at play.
LOL. The address has nothing to do with anything. You're allowing yourself to get worked up about minor bugs in software you don't understand. Please try to relax.

Bitcoin will not be compromised
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!