Bitcoin testnet transaction getting dropped with prefix on S

[rohanagarwal94]

So a weird thing is happening lately. The transaction of a particular format is being accepted by blockcypher but it is not getting confirmations, and therefore gets dropped after a day. So the transactions where we add 0x00 prefix to the S part is not getting accepted by the network. And that includes 2 types of transactions out of 4 possible (1 450 length, 1 454 length, 1 0x00 R 452, 1 0x00 S 452).

The address is - This is the transaction hex which is getting dropped. 01000000011dcfb1dbfdb10e845c612dcbdfa59003f515f0d34eedaa86be1ba0d3112d984301000 0006b48304502207e31d081b959a9737752206fda158c25f70ae98ff79fc77e000e7973bcffc973 022100ee0f679280cd49d1f2c8acdf736616fde2b6ff97847854d85ea7f318f1d0f5dd012102e09 ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff0210668d06 000000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c3000000000000197 6a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000

This is happening in the case where the transaction size is 454 also.

Similarly, in the DOGE testnet, the transactions 0x00 prefix are not getting accepted.

450 length, getting accepted 01000000019b378856dc85a0050441c0b2d36df229d044c94068c9fb34bfe7aec62a61e40700000 0006a47304402207796b1bb161e6312d9ca701276017a9ec9214702c1fec6f9737aae33eb397090 022014477b16bf406ec0f3f7b2675697b92db7cf88b9284b34d6d3f4986a8762a8f3012102e09ba 950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff02d0b89fd4e8 0000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c30000000000001976a 914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000

454 length, 0x00 both R & S prefix, not getting accepted 01000000017e19a7db653e9c1894f796e52799d9ef65ec39e73138544f824cc5481825ea3b00000 0006c493046022100adc83ce6cb3d2f89687ae732f70fdd35e5ec1f91afc3c0b09f714af6b54141 830221009aa7dacbfa371e61f572e5dd7bf93eccdca2c7b30a538559766c8d79d60d4ebb012102e 09ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff0240caa0 d4e80000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c30000000000001 976a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000

452 length, 0x00 R prefix, getting accepted 01000000016f3f293165f3e972014d022a97a69e718e49830342c6fde7dc5413b049b7a95400000 0006b483045022100ad44292bd19f1b0a3f00a40c87332eb303e835fa89bb3fe66efd52bdf6791b 2e0220013ffacc47d974cc7bb51d4bb5cbe4e5b2386024bef50174845b04618c8101b5012102e09 ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff02b0dba1d4 e80000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c3000000000000197 6a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000

452 length, 0x00 S prefix, not getting accepted 01000000017e19a7db653e9c1894f796e52799d9ef65ec39e73138544f824cc5481825ea3b00000 0006b48304502201c71b41acb5fb477151ebdcdafb86830df870cf9bb616771149fc4603eab48a7 022100921407eac86abb75d2403a9a69a7d85fc41143eee65f29a64096afad3d00ceec012102e09 ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff0240caa0d4 e80000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c3000000000000197 6a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000

I have been stuck on this for quite some time now. The private key is HD derived. Would appreciate any help on this.

[starmyc]

Not a crypto expert right there, but it seems your signature is considered invalid in that case:

Code:

./src/bitcoin-cli -testnet -datadir=d0 sendrawtransaction 01000000011dcfb1dbfdb10e845c612dcbdfa59003f515f0d34eedaa86be1ba0d3112d9843010000006b48304502207e31d081b959a9737752206fda158c25f70ae98ff79fc77e000e7973bcffc973022100ee0f679280cd49d1f2c8acdf736616fde2b6ff97847854d85ea7f318f1d0f5dd012102e09ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff0210668d06000000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c30000000000001976a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000
error code: -26
error message:
non-mandatory-script-verify-flag (Non-canonical signature: S value is unnecessarily high) (code 64)

With some code reading, I found out that your value is too big to fit the signature, and is simply rejected. This is happening when calling in the secp256k1_ecdsa_signature_normalize (which calls the secp256k1_scalar_is_high function in the secp256k1 library. I suggest you to take a look at those. Bitcoin will reject unnormalized signatures in order to prevent spam.

[rohanagarwal94]

I would have tipped you some BTC if I was any rich. Thanks for the help!!!

[pebwindkraft]

As per my comment on bitcoin.SE (https://bitcoin.stackexchange.com/questions/76982/bitcoin-testnet-transaction-getting-dropped-with-prefix-on-s#comment88834_76982), also the sources for checking the signature are here:
https://github.com/bitcoin/bitcoin/blob/master/src/script/interpreter.cpp#L97
Though not clear where the code -26 comes from...

[Lis_csb]

your signature is seems invalid :

Code:

Code:

./src/bitcoin-cli -testnet -datadir=d0 sendrawtransaction 01000000011dcfb1dbfdb10e845c612dcbdfa59003f515f0d34eedaa86be1ba0d3112d9843010000006b48304502207e31d081b959a9737752206fda158c25f70ae98ff79fc77e000e7973bcffc973022100ee0f679280cd49d1f2c8acdf736616fde2b6ff97847854d85ea7f318f1d0f5dd012102e09ba950a97153ca600874160aeff2180503b09c48eaf1b6e9a996e1ac53878effffffff0210668d06000000001976a9147717190b2ee8d59e56331c7cfe05dde0d5cd8a9c88ac50c30000000000001976a914c9f81199e2995d4422c8c41fec4efa04347e66e388ac00000000
error code: -26
error message:
non-mandatory-script-verify-flag (Non-canonical signature: S value is unnecessarily high) (code 64)

have you see ?