where is the source code for BaseSignatureChecker.CheckSig() method in core?

[pooya87]

https://github.com/bitcoin/bitcoin/blob/master/src/script/interpreter.cpp#L366

I am trying to figure out how the CheckSig(vchSig, vchPubKey, scriptCode, sigversion); method works but i can't find the method itself on github. all i could find was the base method from the BaseSignatureChecker class inside interpreter.h file which seems to be an abstract one that returns false.

could you direct me to the implementation of this method?

[achow101]

https://github.com/bitcoin/bitcoin/blob/master/src/script/interpreter.cpp#L1395

[pooya87]

Thanks @achow101
one follow up question: why is CPubKey constructor comparing first byte of the public key with 6 and 7 when the first byte by ECC standard is always 4 (for uncompressed keys)?
https://github.com/bitcoin/bitcoin/blob/99813a9745fe10a58bedd7a4cb721faf14f907a4/src/pubkey.h#L61

[gmaxwell]

ANSI X9.62-1998 Sections 4.3.6 and 4.3.7, "Hybrid pubkeys".

It's a useless combination of compressed (sign flagging) and uncompressed (65 bytes).

[pooya87]

ANSI X9.62-1998 Sections 4.3.6 and 4.3.7, "Hybrid pubkeys".
It's a useless combination of compressed (sign flagging) and uncompressed (65 bytes).

Interesting enough this transaction (on testnet) is rejected by most nodes (non-mandatory-script-verify-flag (Public key is neither compressed or uncompressed) (code 64)) but blockcypher seems to have accepted it
https://live.blockcypher.com/btc-testnet/tx/62767e45ece34f062d30b96e42c06e859060a39f7a0d415ef16093e1eb5a444d/
not sure if it ever confirms.

the public key used was the hybrid format (unless i made a mistake in its encoding):

Code:

060759817c1ea18215c87e05c61b1240a82a610d7c5adc20096e7c8e0e776a76243b3efb8274648e9cd74ad4cb19dfe2407a5bc61cc1830d8b064dfa206b329f58

can you explain why?

EDIT:
after some hours i decided to mine it myself on regtest. FWIW it seems like that tx above is rejected by nodes for some rule that is a non-standard rule but is not disabled by the flags for some reason.

this is my current chain tip:

Code:

{
"hash" : "00c90e72e64f1f32a85eb3deaeddb1885d2941284f8e7e3b2023a8a3978d1bdd",
"confirmations" : 1,
"size" : 403,
"height" : 106,
"version" : 1,
"merkleroot" : "d6ebe31145006e3d74193f992230397e1aa1fe557dbedb63660f506aa6b4a43e",
"tx" : [
"90bc34258b9488da8de495faabe61b5bae30938ded29045ff558573afb991a35",
"2580a4449a7f073d7105af05f04544931e6ae3050c1f7bd49b1bd9350bd9efa3"
],
"time" : 1587641791,
"nonce" : 436207616,
"bits" : "207fffff",
"difficulty" : 0.00000000,
"chainwork" : "00000000000000000000000000000000000000000000000000000000000000d6",
"previousblockhash" : "009785fe83e565c66fffa92c583b3f40b4b26cdae7c1dd4322cfc857fd5cd302"
}

the second tx id is this (same hybrid pubkey as above 0x060759....):

Code:

0100000001dad4a3d113daffc5bcbf320daa32d23c26584ae90a71361cd38ae4fe1b855140010000008b483045022100cc3fb974db4f96fbecbb778992d2cdb105b96d33b60bc50a3898980364d6f798022043413d9a658ac18af7eecbeb132d3d479eaf5d55d8b8a28c117464ace01974670141060759817c1ea18215c87e05c61b1240a82a610d7c5adc20096e7c8e0e776a76243b3efb8274648e9cd74ad4cb19dfe2407a5bc61cc1830d8b064dfa206b329f58ffffffff0114410f000000000017a9143e443375e10eef0236cdb243bdec473918c9a1dd8700000000

in other words the tx was indeed mined and is valid.

[gmaxwell]

Yes, hybrid keys in non-segwit scripts are valid-- as they were accepted by the original software by virtue of openssl's behaviour, but they're non-standard so they generally won't relay or get mined on mainnet.