[coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more!

[OutCast3k]

I've made a few changes to improve usability and fixed a couple of small bugs.

The biggest change I've made is an update for those wanting to manipulate the transaction inputs, so let me know how you get on - any suggestions are most welcome.

[americandesi]

I've made a few changes to improve usability and fixed a couple of small bugs.

The biggest change I've made is an update for those wanting to manipulate the the transaction inputs, so let me know how you get on - any suggestions are most welcome.

Thanks mate. I had sent you a PM a few days ago. Kindly have a look and appreciate if you could reply.

[malevolent]

It might be over 500 bytes... in which case (I'm told) it won't get confirmed by anyone.

500 bytes is only for the scriptSig to pass the IsStandard() check.

[yiidev]

Is the service currently operational?

I noticed that on your site, you currently have this message up:
We're currently experiecing some techincal issues. Service will return to normal shortly. Sorry for any inconvenience caused.

I was trying to test this functionality out, I do not believe I can currently complete a transaction.  When I attempt to "Sign" - nothing happens.  It just sits there - am I doing something wrong?

I was able to create the multi-sig address, and I was able to send a small amount of BTC to this address.  Now I am trying to sign the transaction and release the funds.

[OutCast3k]

Is the service currently operational?

I noticed that on your site, you currently have this message up:
We're currently experiecing some techincal issues. Service will return to normal shortly. Sorry for any inconvenience caused.

Yes the mutlisig part of the site is fully operational.

I was trying to test this functionality out, I do not believe I can currently complete a transaction.  When I attempt to "Sign" - nothing happens.  It just sits there - am I doing something wrong?

I was able to create the multi-sig address, and I was able to send a small amount of BTC to this address.  Now I am trying to sign the transaction and release the funds.

I've just tested it and it works, what browser are you using?

[TierNolan]

Actually no! P2SH doesn't have an explicit limitations beyond the 520byte P2SH redeemScript limit, and more importantly the 500-byte scriptSig limit for IsStandard() transactions, so n and m just need to fit within that. Try it!

Does this mean that the reference client hasn't implemented the BIP as stated?  It is supposed to verify that the serialized script is standard, right?

Is the issue that the isStandard() only checks the scriptPub and the serialized script is in the scriptSig?

[waxwing]

Actually no! P2SH doesn't have an explicit limitations beyond the 520byte P2SH redeemScript limit, and more importantly the 500-byte scriptSig limit for IsStandard() transactions, so n and m just need to fit within that. Try it!

Does this mean that the reference client hasn't implemented the BIP as stated?  It is supposed to verify that the serialized script is standard, right?

Is the issue that the isStandard() only checks the scriptPub and the serialized script is in the scriptSig?

The 520 byte limit for the redeemscript is "absolute" (not depending on isStandard()). ie your m signatures plus your n pubkeys plus a few bytes must be less than 520.

The 500 byte limit for the whole scriptSig is an isStandard() rule, and so you can send out transactions which violate this limit via for example Eligius. Or, at least, you *may* be able to.

[TierNolan]

The 520 byte limit for the redeemscript is "absolute" (not depending on isStandard()). ie your m signatures plus your n pubkeys plus a few bytes must be less than 520.

The 500 byte limit for the whole scriptSig is an isStandard() rule, and so you can send out transactions which violate this limit via for example Eligius. Or, at least, you *may* be able to.

My question was about the contents of the serialized script in the p2sh.  It sounds like that doesn't actually have to be a standard script (unlike what the BIP says).

[waxwing]

The 520 byte limit for the redeemscript is "absolute" (not depending on isStandard()). ie your m signatures plus your n pubkeys plus a few bytes must be less than 520.

The 500 byte limit for the whole scriptSig is an isStandard() rule, and so you can send out transactions which violate this limit via for example Eligius. Or, at least, you *may* be able to.

My question was about the contents of the serialized script in the p2sh.  It sounds like that doesn't actually have to be a standard script (unlike what the BIP says).

The contents of the redeemscript/serialized script is M pubkey pubkey ... N OP_CHECKMULTISIG.
I presume this is 'standard' in the sense that this is the form of the pre-p2sh "raw" multisig script.

[TierNolan]

The contents of the redeemscript/serialized script is M pubkey pubkey ... N OP_CHECKMULTISIG.
I presume this is 'standard' in the sense that this is the form of the pre-p2sh "raw" multisig script.

The question was why you can have more than 3 keys for multi-sig, if you use P2SH.  It is supposed to check the serialized script that hashes to the hash, and make sure that is standard too.

This check is obviously not made with P2SH for multisig.

[fbueller]

So, I'm testing Coinb.in against Bitwasp, since clients can't really support P2SH. I've rigorously tested it against bitcoind which works fine. I love the idea of a JS tool to sign these transactions, but I'm having difficulty with a transaction. Coinb.in seems to be replacing the signature added by the first signer, rather than just adding the second?

I created 3Cmsk15NRXapShxZktkCRFfC7ef9Y9ecnw, with this redeemScript:

Code:

5221031174b9ebf4014181289a3923d6d17205a25808dbd6397bc747e0a5631948adc741043ce7c793baf8aec463114411d685b2ebb27e4b4b578543d82bba5c36e17e3950bef11cb1838c9cdb2323db12ac1c132f2aaba10cfc0b3b1528affe507436c5fc41048bff65f68fad7a6519dd8b6f9232e0ce2e39ad9df9fd1c46a26ebabfd915a7257d3fa34d90f0b02e2ddf1e954f0200037834f7987934ce096999b073eb9d4ef053ae

The first key came from bitcoind, the second from coinbin (private key: 5HwKMWwMpdM5vU62K6zMJjse3ZGWUntZbz1W6UdgWySs3MAaEpD), the deterministically derived from electrum.

I created the following raw transaction spending it to two outputs:

Code:

010000000149306d4e998d629471a261e23593aa96f06e37faf9f29a773032fe01fb3ab84e0000000000ffffffff0210270000000000001976a91463bdd38a5e555ad7c775a64139420ba302201c2d88ac204e0000000000001976a914e3ad4cf590cd02b629ca5e65ed8f27d499edefde88ac00000000

I signed it in bitcoind (the first key in the redeemScript), then took the transaction to Coinbin, loaded the verify tab, it confirmed 1 of 2 needed signatures were there:
010000000149306d4e998d629471a261e23593aa96f06e37faf9f29a773032fe01fb3ab84e00000 000f400473044022041e3be1f1f5b2df1504219d45199b02822940885e347354b392e8d638a304dfe02200b3 80ed825e2b82bcdebdf8986ceb58e90de7f0dca73185c491b174cbd3502c9014ca95221031174b9ebf4014181289a3923d6d17205a25808dbd6397bc747e0a5631948adc741043 ce7c793baf8aec463114411d685b2ebb27e4b4b578543d82bba5c36e17e3950bef11cb1838c9cdb 2323db12ac1c132f2aaba10cfc0b3b1528affe507436c5fc41048bff65f68fad7a6519dd8b6f923 2e0ce2e39ad9df9fd1c46a26ebabfd915a7257d3fa34d90f0b02e2ddf1e954f0200037834f79879 34ce096999b073eb9d4ef053aeffffffff0210270000000000001976a91463bdd38a5e555ad7c77 5a64139420ba302201c2d88ac204e0000000000001976a914e3ad4cf590cd02b629ca5e65ed8f27 d499edefde88ac00000000

So I copied the private key from the Bitcoin Keys tab, to the Sign tab, as well as the above transaction. I clicked sign, and up pops:
010000000149306d4e998d629471a261e23593aa96f06e37faf9f29a773032fe01fb3ab84e00000 000f4004730440220588e2a0e528e6545cc1650bf608ca92a2eacb6cd2e8ff6e051d1206770672b11022074e 0fd24e9c352ace7112feff2e1c9bd456162760a16a30e3a947bfce44ccd06014ca95221031174b9ebf4014181289a3923d6d17205a25808dbd6397bc747e0a5631948adc741043 ce7c793baf8aec463114411d685b2ebb27e4b4b578543d82bba5c36e17e3950bef11cb1838c9cdb 2323db12ac1c132f2aaba10cfc0b3b1528affe507436c5fc41048bff65f68fad7a6519dd8b6f923 2e0ce2e39ad9df9fd1c46a26ebabfd915a7257d3fa34d90f0b02e2ddf1e954f0200037834f79879 34ce096999b073eb9d4ef053aeffffffff0210270000000000001976a91463bdd38a5e555ad7c77 5a64139420ba302201c2d88ac204e0000000000001976a914e3ad4cf590cd02b629ca5e65ed8f27 d499edefde88ac00000000

Which when passed to the Verify tab says only one signature is added, as highlighted above, and it's different to the one I added. There's an implicit reward here for anyone who can help..

[OutCast3k]

So, I'm testing Coinb.in against Bitwasp, since clients can't really support P2SH. I've rigorously tested it against bitcoind which works fine. I love the idea of a JS tool to sign these transactions, but I'm having difficulty with a transaction. Coinb.in seems to be replacing the signature added by the first signer, rather than just adding the second?

Will run a few tests now..

*edit* my test case worked fine. what browser are you working with?

[fbueller]

Will run a few tests now..

*edit* my test case worked fine. what browser are you working with?

I'm using Chrome on Windows. My linux netbook can't handle that page for some reason, the script becomes unresponsive (debian, iceweasel, 2gb ram), so I did it here. I'll download firefox for windows and try that.

[OutCast3k]

Will run a few tests now..

*edit* my test case worked fine. what browser are you working with?

I'm using Chrome on Windows. My linux netbook can't handle that page for some reason, the script becomes unresponsive (debian, iceweasel, 2gb ram), so I did it here. I'll download firefox for windows and try that.

I've made a couple of tweaks to the source code which should decrease the load when attempting to sign, so let me know if your netbook handles it any better.

What version of chrome are you using? How did you get on with firefox?

My tests cases:

https://blockchain.info/tx/652724841d5feea4a80c01225577ed012bef80634e033cd1f2a33a937eeaa2fb

https://blockchain.info/tx/63093ac0911672afb041763d68edca6815952accda98b95dfec5cb96cd1ea129

[fbueller]

I've made a couple of tweaks to the source code which should decrease the load when attempting to sign, so let me know if your netbook handles it any better.

What version of chrome are you using? How did you get on with firefox?

My tests cases:

https://blockchain.info/tx/652724841d5feea4a80c01225577ed012bef80634e033cd1f2a33a937eeaa2fb

https://blockchain.info/tx/63093ac0911672afb041763d68edca6815952accda98b95dfec5cb96cd1ea129

Awesome, cheers.

I tried it again on Chrome. Trying to sign the partially signed transaction just yields a transaction with one different signature.
I tried with the unsigned transaction, and that failed too.

One thing that could be causing trouble is that I'm using one compressed keys, I notice it asks for them to be uncompressed when you're entering them? But, then again, the key I'm having trouble signed with came from Coinb.in.

Have you tried signing the transaction I pasted? I've used Coinbin before, and been telling a lot of people about it.

[OutCast3k]

Awesome, cheers.

I tried it again on Chrome. Trying to sign the partially signed transaction just yields a transaction with one different signature.
I tried with the unsigned transaction, and that failed too.

One thing that could be causing trouble is that I'm using one compressed keys, I notice it asks for them to be uncompressed when you're entering them? But, then again, the key I'm having trouble signed with came from Coinb.in.

Have you tried signing the transaction I pasted? I've used Coinbin before, and been telling a lot of people about it.

As I'm sure you are aware; signatures must be added to the 'scriptSig' in the same order the 'public keys' are found in the 'redeem script', because of this signatures aren't simply inserted to the scriptSig, they are rebuilt. The code for this is here:

Code:

	var pubkeyList = scriptListPubkey(redeemScript);
	var sigsList = scriptListSigs(o.script);
	sigsList[countObject(sigsList)+1] = signature;
	for(x in pubkeyList){
		for(y in sigsList){
			if(Bitcoin.ECDSA.verify(sighash, sigsList[y], pubkeyList[x])){
				s.writeBytes(sigsList[y]);
			}
		}
	}

So, I suspect when the Bitcoin.ECDSA.verify() function is called it fails to validate your signature against a public key because its the wrong kind. (i.e. its compressed when it should be uncompressed) This means its not re-added.

I'm not sure how you'd fix this exactly, but I will have a think.

[fbueller]

As I'm sure you are aware; signatures must be added to the 'scriptSig' in the same order the 'public keys' are found in the 'redeem script', because of this signatures aren't simply inserted to the scriptSig, they are rebuilt. The code for this is here:

Code:

	var pubkeyList = scriptListPubkey(redeemScript);
	var sigsList = scriptListSigs(o.script);
	sigsList[countObject(sigsList)+1] = signature;
	for(x in pubkeyList){
		for(y in sigsList){
			if(Bitcoin.ECDSA.verify(sighash, sigsList[y], pubkeyList[x])){
				s.writeBytes(sigsList[y]);
			}
		}
	}

So, I suspect when the Bitcoin.ECDSA.verify() function is called it fails to validate your signature against a public key because its the wrong kind. (i.e. its compressed when it should be uncompressed) This means its not re-added.

I'm not sure how you'd fix this exactly, but I will have a think.

Ah interesting. I didn't know they had to have a particular order. While you can't just change the public keys in the redeemScript, could scriptListPubkey() decompress public keys as they're encountered? I'm guessing elsewhere it expects them to be uncompressed too to have easy access to the full key.

[fbueller]

Any further thoughts on this? Every client that upgrades to BIP0032 will not be able to use your service, and right now, bitcoind (the only to work with P2SH) returns compressed keys and will not work with your site.

In fact I realize now why it worked before but not now. Back then I created the address with all uncompressed keys! But this is unrealistic right now.

[arorts]

BTW, does anyone know how to import a multi-signature wallet (which requires at least 2 out of 3 keys for basic multi signature)?

I've seen this command in the console but it seems to accept only one private key! How to specify the second, third, etc??

importprivkey <litecoinprivkey> [label] [rescan=true]

Anyone?

[gweedo]

BTW, does anyone know how to import a multi-signature wallet (which requires at least 2 out of 3 keys for basic multi signature)?

I've seen this command in the console but it seems to accept only one private key! How to specify the second, third, etc??

importprivkey <litecoinprivkey> [label] [rescan=true]

Anyone?

addmultisigaddress