Stefan Thomas (AKA Justmoon)
August 15, 2012, 10:55:38 PM
10 BTC bounty for anyone who can finish the function below (depends on bitcoin-js) and produce a verifyMessage as well.
I implemented this as you asked: https://github.com/bitcoinjs/bitcoinjs-lib/commit/9b2f94a028a7bc9bed94e0722563e9ff1d8e8db8
When ErebusBat asked for this on IRC it seemed like a fairly innocent feature request, I had no idea what I was getting myself into. A few hours later I was implementing the Tonelli-Shanks algorithm (another JavaScript first I think?) and calculating Legendre symbols.
The reason for all the complexity? Bitcoin's message signing facility uses compact signatures which use public key extraction to recover the pubkey from the signature. The Bitcoin core devs happily do their little calls out to the OpenSSL API, not realizing they just pulled in pages worth of algorithms.
Public key extraction is also very computationally expensive. Generating compact signatures is even worse, as the algorithm does 1-4 test verifications while signing. There are some more optimizations I can do, but this will almost certainly be too slow to run on smartphones. (Unless you find a way to hook up BitcoinJS' BigInt to a native big integer implementation of course.)
There is still one bug I have to figure out related to our implementation of Shamir's trick. Hopefully I'll be able to do that this weekend.
We could really use a proper suite of unit tests for bitcoinjs-lib. (The four test cases at the bottom of message.js will obviously be removed once I officially release this.)
Twitter: @justmoon. PGP: D16E 7B04 42B9 F02E 0660 C094 C947 3700 A4B0 8BF3
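As an added example, not Stefan's bitcoinjs-lib code: the pieces the post names, a Tonelli-Shanks modular square root, the Legendre symbol, and secp256k1 point decompression (recovering y from x and a parity bit, which pubkey recovery from a compact signature needs), written against the native BigInt type that modern JavaScript engines now provide, i.e. the "native big integer implementation" the post wishes for. The curve constants are secp256k1's published parameters; all function names are my own, and the small-prime check in the usage note is constructed to exercise the general branch of the algorithm, since secp256k1's prime is 3 mod 4 and takes the one-exponentiation shortcut.

```javascript
// Added example (not bitcoinjs-lib code): modular square roots with
// Tonelli-Shanks, the Legendre symbol, and secp256k1 point decompression,
// written against the native BigInt type of modern JavaScript engines.

// secp256k1 parameters (published curve constants): field prime and generator.
const P  = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2Fn;
const GX = 0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798n;
const GY = 0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8n;

// Non-negative remainder, since % in JavaScript keeps the sign of the dividend.
function mod(a, m) {
  const r = a % m;
  return r < 0n ? r + m : r;
}

// Square-and-multiply modular exponentiation.
function modPow(base, exp, m) {
  let result = 1n;
  base = mod(base, m);
  while (exp > 0n) {
    if (exp & 1n) result = (result * base) % m;
    base = (base * base) % m;
    exp >>= 1n;
  }
  return result;
}

// Legendre symbol (a|p) by Euler's criterion: 1 for a non-zero square,
// -1 for a non-square, 0 when a is divisible by p.
function legendre(a, p) {
  const e = modPow(a, (p - 1n) / 2n, p);
  if (e === 0n) return 0;
  return e === 1n ? 1 : -1;
}

// Tonelli-Shanks: a square root of n modulo the odd prime p, or null if
// n is not a quadratic residue. The other root is always p - result.
function tonelliShanks(n, p) {
  n = mod(n, p);
  if (n === 0n) return 0n;
  if (legendre(n, p) !== 1) return null;
  // Factor p - 1 = q * 2^s with q odd.
  let q = p - 1n;
  let s = 0n;
  while ((q & 1n) === 0n) { q >>= 1n; s++; }
  // p ≡ 3 (mod 4), which is the secp256k1 case: one exponentiation suffices.
  if (s === 1n) return modPow(n, (p + 1n) / 4n, p);
  // General case: pick a quadratic non-residue z and refine the root.
  let z = 2n;
  while (legendre(z, p) !== -1) z++;
  let m = s;
  let c = modPow(z, q, p);
  let t = modPow(n, q, p);
  let r = modPow(n, (q + 1n) / 2n, p);
  while (t !== 1n) {
    // Least i with t^(2^i) == 1; 0 < i < m is guaranteed here.
    let i = 0n;
    let t2 = t;
    while (t2 !== 1n) { t2 = (t2 * t2) % p; i++; }
    const b = modPow(c, 1n << (m - i - 1n), p);
    m = i;
    c = (b * b) % p;
    t = (t * c) % p;
    r = (r * b) % p;
  }
  return r;
}

// Recover y from a compressed secp256k1 point (x plus the parity of y)
// using the curve equation y^2 = x^3 + 7. Returns null if x is not on the curve.
function decompressPoint(x, yIsOdd) {
  const rhs = mod(x * x * x + 7n, P);
  const y = tonelliShanks(rhs, P);
  if (y === null) return null;
  const odd = (y & 1n) === 1n;
  return odd === yIsOdd ? y : P - y;
}

// Round trip on the generator: G's y coordinate is even.
console.log(decompressPoint(GX, false) === GY); // true
```

For secp256k1 the whole square root is the single exponentiation on the `s === 1n` branch; calling `tonelliShanks(2n, 41n)` (41 - 1 = 5 * 2^3) runs the general loop and returns 17, since 17^2 = 289 ≡ 2 (mod 41).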
ErebusBat
August 16, 2012, 12:38:02 AM
Wow, just wow. What is your address?
BkkCoins
August 16, 2012, 12:55:42 AM
Wow, just wow. What is your address?
Ya, when I see the programming skillz of some community members around here it just makes me feel like Salieri listening to Mozart.
2weiX
August 16, 2012, 08:35:09 AM
Wow, just wow. What is your address?
Ya, when I see the programming skillz of some community members around here it just makes me feel like Salieri listening to Mozart.
I hate myself for having hated math in school and university. *punches self in eye* *with a fork*
piuk (OP)
August 16, 2012, 12:42:32 PM
I implemented this as you asked:
Amazing work Stefan. I kind of feel like this now http://www.youtube.com/watch?v=tqY3VHubd_g Thank you.
On Message.js line 40 I think there is a slight typo (should be r & s instead of two r's?)
var rBa = obj.r.toByteArrayUnsigned();
var sBa = obj.s.toByteArrayUnsigned();
Where would you like the bounty to be sent?
Sign Message now available by clicking on the blue icon on the [Receive Money] tab. Verify Message available under "More Actions".
2weiX
August 16, 2012, 01:03:38 PM
Can't find the "sign message" thingy - could find the "verify message" thingy though.
BkkCoins
August 16, 2012, 01:06:34 PM (Last edit: August 16, 2012, 01:24:33 PM by BkkCoins)
Can't find the "sign message" thingy - could find the "verify message" thingy though.
It's the little blue "i" next to each address. Brings up a menu. Just verified a message signed by satoshi client and it worked for me. piuk: Do you think maybe the "More Actions" button could be moved or duplicated up top? I find I have to scroll way down just to see it. Or maybe I have too many addresses.
2weiX
August 16, 2012, 01:18:13 PM
gribble for one doesn't accept my signatures. Might be because I am on via webchat though.
piuk (OP)
August 16, 2012, 01:42:53 PM
piuk: Do you think maybe the "More Actions" button could be moved or duplicated up top? I find I have to scroll way down just to see it. Or maybe I have too many addresses.
I guess I could try it on the top right.
gribble for one doesn't accept my signatures. Might be because I am on via webchat though.
It seems some messages validate and others don't:
$ ./bitcoind verifymessage 1Q1AtvCyKhtveGm3187mgNRh5YcukUWjQC HwwPlMpx6qOwsUVK8Bn1UKB0byrlPmBzEgkKDWGVxO5Z4eFJzTg1tE1gyv8AYW+VB+iBb1rEbPhr8sE9oE5Le2Y= "Testing 123" = false
$ ./bitcoind verifymessage 1Q1AtvCyKhtveGm3187mgNRh5YcukUWjQC H/0CJ7DU3A2Yhx2M5mEqo+SiRIX1yGX+cHx91UJunWeQKJyEvQLs3xtgljHqqsrNhHmVnjtmfdRjdOg4toflftY= "Testing" = true
Stefan, any chance this could be related to this issue I had with DER encoding a while back (http://crypto.stackexchange.com/questions/1795/converting-a-der-ecdsa-signature-to-asn-1)? The JavaScript code invokes a method called toByteArrayUnsigned; that name is evocative of conversion to an unsigned representation (i.e. always positive, even if the first bit is a 1), and that's wrong for DER.
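The DER point piuk raises, as an added illustration (example code, not bitcoinjs-lib's or blockchain.info's): it concerns DER-encoded ECDSA signatures, the kind used in transaction scripts, rather than the compact signatures signmessage produces. A DER INTEGER is two's-complement, so writing only the unsigned magnitude bytes of r or s flips the sign whenever the top bit is set; a correct encoder prepends 0x00 in that case. The block shows the correct encoder beside the unsigned variant, and a small strict decoder shows what a parser makes of each. `toByteArrayUnsigned` here is my own stand-in for the helper named in the thread, and the r and s values are constructed, not a real signature.

```javascript
// Added example (not bitcoinjs-lib or blockchain.info code): why the
// "unsigned" byte representation of r and s is wrong inside a DER ECDSA
// signature. DER INTEGER contents are two's-complement, so a positive value
// whose top bit is set needs a leading 0x00; without it a strict parser
// reads a negative number.

// Minimal big-endian magnitude bytes of a non-negative BigInt, i.e. the
// behaviour the name toByteArrayUnsigned suggests (hypothetical helper).
function toByteArrayUnsigned(n) {
  if (n < 0n) throw new RangeError('negative value');
  if (n === 0n) return [0x00];
  const bytes = [];
  while (n > 0n) {
    bytes.unshift(Number(n & 0xffn));
    n >>= 8n;
  }
  return bytes;
}

// DER INTEGER. With signed = true (correct) a 0x00 pad is added whenever the
// top bit is set; signed = false reproduces the unsigned bug for comparison.
function derEncodeInteger(n, signed = true) {
  let content = toByteArrayUnsigned(n);
  if (signed && (content[0] & 0x80)) content = [0x00, ...content];
  if (content.length > 127) throw new RangeError('long-form lengths not handled');
  return [0x02, content.length, ...content];
}

// SEQUENCE { INTEGER r, INTEGER s }, the ECDSA signature layout in Bitcoin
// transaction scripts. r and s are at most 33 bytes each, so short-form
// lengths are enough.
function derEncodeSignature(r, s, signed = true) {
  const body = [...derEncodeInteger(r, signed), ...derEncodeInteger(s, signed)];
  return [0x30, body.length, ...body];
}

// Read one DER INTEGER at offset, honouring the two's-complement sign.
function derReadInteger(bytes, offset) {
  if (bytes[offset] !== 0x02) throw new Error('expected INTEGER tag');
  const len = bytes[offset + 1];
  const content = bytes.slice(offset + 2, offset + 2 + len);
  if (content.length !== len) throw new Error('truncated INTEGER');
  let value = 0n;
  for (const b of content) value = (value << 8n) | BigInt(b);
  if (content[0] & 0x80) value -= 1n << BigInt(8 * len); // top bit set: negative
  return [value, offset + 2 + len];
}

// Strict decoder: exact SEQUENCE length, two INTEGERs, nothing trailing.
function derDecodeSignature(bytes) {
  if (bytes[0] !== 0x30 || bytes[1] !== bytes.length - 2) throw new Error('bad SEQUENCE');
  const [r, afterR] = derReadInteger(bytes, 2);
  const [s, afterS] = derReadInteger(bytes, afterR);
  if (afterS !== bytes.length) throw new Error('trailing bytes');
  return { r, s };
}

function toHex(bytes) {
  return bytes.map(b => b.toString(16).padStart(2, '0')).join('');
}

// Constructed sample values (not a real signature): r has its top bit set.
const SAMPLE_R = 0xC0FFEEn;
const SAMPLE_S = 0x123456n;
console.log(toHex(derEncodeSignature(SAMPLE_R, SAMPLE_S)));                // 300b020400c0ffee0203123456
console.log(derDecodeSignature(derEncodeSignature(SAMPLE_R, SAMPLE_S, false)).r); // -4128786n
```

The correct encoding of the sample r carries four content bytes (`00 c0 ff ee`); the unsigned variant carries three (`c0 ff ee`), and a strict decoder reads those as the negative value 0xC0FFEE - 2^24. That is also why the two encodings differ in total length, which matters wherever a signature's byte length feeds into a script or a hash.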
Stefan Thomas (AKA Justmoon)
August 16, 2012, 11:10:36 PM
No, these signatures aren't DER encoded at all. I'll take a look at your test cases and debug!
IveBeenBit
August 17, 2012, 01:40:40 AM
New bug - in IE 9.09(?) when trying to send a custom transaction and have change returned to the sending address & with a 0.0005 miner fee, when I click "review transaction" I get the following error:
TypeError: Unable to get value of the property 'toByteArrayUnsigned': object is null or undefined
Also, the text/table formatting is still screwed up in Opera 12.01. If it would help you to know what I mean, I can send you a screen capture if you PM me an email address.
Joric
August 17, 2012, 03:39:59 AM
Apparently all the fancy algorithm stuff I did was completely superfluous. - Thanks to Joric for the pointer.
You're welcome! Damn, I should read the forum more often, I wrote js signing/verifying code 08-12 and the bounty was pledged 08-14. My tip jar is in the signature.
1JoricCBkW8C5m7QUZMwoRz9rBCM6ZSy96
piuk (OP)
August 17, 2012, 11:36:07 AM
Thanks Stefan, seems to be working well now. 2weiX, are you able to confirm the signatures work with gribble?
New bug - in IE 9.09(?) when trying to send a custom transaction and have change returned to the sending address & with a 0.0005 miner fee, when I click "review transaction" I get the following error:
TypeError: Unable to get value of the property 'toByteArrayUnsigned': object is null or undefined
Also, the text/table formatting is still screwed up in Opera 12.01. If it would help you to know what I mean, I can send you a screen capture if you PM me an email address.
Whoops, I introduced this bug when I merged some changes last night. Should be fixed now. Please send screenshots to support@pi.uk.com if you can.
You're welcome! Damn, I should read the forum more often, I wrote js signing/verifying code 08-12 and the bounty was pledged 08-14. My tip jar is in the signature.
Ah, I didn't realize it was already on brainwallet.org. Thanks.
Stefan Thomas (AKA Justmoon)
August 17, 2012, 10:03:18 PM
I also went ahead and fixed the DER bug: https://github.com/bitcoinjs/bitcoinjs-lib/commit/07f9d55ccb6abd962efb6befdd37671f85ea4ff9
@piuk: Can you have a look at the patch please and let me know if it looks correct to you?
Where would you like the bounty to be sent?
The BitcoinJS tip jar is: 13SjwsodtKsAhQwPx14s7aqKpnooeep4i5
Feel free to split the bounty between Joric and me. I did it mostly because I thought it'd be fun (and it was.)
Peter Todd
August 17, 2012, 10:24:16 PM
Feature request: It'd be nice if there was a way to specify what network fees anonymous transactions are sent with. Fee priority is going to be in the mainline client soon, and the current system with <0.0005BTC fees sometimes takes an inordinately long amount of time to get into a block. Usually I send my own transfers with fees of more like 0.01; $0.15USD isn't a big deal if you're transferring $150USD...
Also: Stefan, great work!
zvs
August 17, 2012, 11:25:04 PM (Last edit: August 18, 2012, 01:42:39 AM by zvs)
Hi, We've checked http://blockchain.info/pools again and still couldn't find 50BTC.com on the diagram. It seems very strange, because we have more than 1,1 Th/s. And we've found a lot of blocks. Is it some special attitude to us?))) Could we somehow handle it?
Did you give them a list of your IPs? Because if they show up in the list of unknown IPs under the pool graph then that means they haven't linked the IPs to your pool yet. I did a quick look. Maybe you are 176.9.135.190? That seems near your 50btc.com @ 176.9.130.31 or pool.50btc.com @ 176.9.130.35. I'm answering because I happen to mine at 50btc. You could look up your last block on blockchain.info and see what it says for "Relayed by" IP. I see 5.9.24.81 for your 3 most recent blocks which means you'd be the #1 unknown IP with 11 blocks not being tagged as 50btc.com
oh, so that's why 176.9.135.190 firewalled me
not the proper solution, just slows down the distribution of your blocks
like: https://blockchain.info/inv/00000000000004abca35e6ba287d591901e3abf0077603190167f709df3995e7
the last block, it doesn't report 5.9.24.81, it reports BTC Guild
i assume it's based on the 'CoinBase' message
these blocks:
https://blockchain.info/block-index/261348/000000000000041072034e183b4950799f4c90fc791e153f6aca6dba300d64a6 (<-- good example of being owned due to including transactions)
https://blockchain.info/block-index/261353/000000000000039dcdd2a28c8921eeb3a63dfd52f881c8360abee1109e6a58e4
https://blockchain.info/block-index/261209/00000000000005eb98528803ea1641e72ac006a1cb5d78ad644e63ab12d20511
https://blockchain.info/block-index/261183/000000000000037077bb58bbc476dbe4974f72db94f3582be7121091d5264755
are being attributed to deepbit when they're actually 50btc
this one is triplemining, not deepbit: https://blockchain.info/block-index/261231/00000000000005398e2fc8b3d25b081cffb0d2afacfa952f1fdd065101cc3a76
and this latest one is 50btc, not deepbit: https://blockchain.info/block-index/261360/00000000000001b16214c0db6aca7d758cf41713a7e9fe08494d6254be0723cd
as is this one: https://blockchain.info/block-index/261362/000000000000060092e13b9270a9d0b350ae659ef5fb287302561847f2c5f562
and this: https://blockchain.info/block-index/261374/00000000000006d3eba265f9a2c5ccd513a4055abd602d8cbbe1a456c968b432
dancupid
August 18, 2012, 01:34:33 PM
I spotted a minor spelling error
"Sucessfully decrypted wallet" - should be 'successfully'.
Thanks for the excellent service.
piuk (OP)
August 20, 2012, 03:45:38 PM
Looks good to me, I'll test it later with the java decoding routine. I sent the bounty to you and Joric.
I spotted a minor spelling error
Fixed, thanks.
are being attributed to deepbit when they're actually 50btc
Both deepbit and 50BTC are hosted by the same ISP (Hetzner Online) which makes it really hard to separate their blocks. Unfortunately as neither pool tags their coinbase a best guess has to be made.
------
New ticker feed available at http://blockchain.info/exchange_rates_api
SMS Deposits are back https://blockchain.info/wallet/sms-phone-deposits
phatsphere
August 20, 2012, 04:32:46 PM
Verify Message available under "More Actions"
It took me literally 15 minutes to find this. Is there any particular reason why it is placed there? I mean, this is independent of the addresses, right? I think all those features are great, but the UI seems to suffer from adding more features afterwards. I suggest replacing this blue "i" icon on the left of addresses with a drop-down menu called "actions" on the far right of this table. This menu contains those features that are listed when you click on the "i". Then, you can obviously scrap the "archive" icon on the right, too. Second, I suggest a new top-level page right next to "import / export", called "utilities" or something like that. That's the perfect place for this "verify" feature and probably some others.