[SOLVED] Generating and verifying signed messages for Altcoins

[tuaris]

I've put together some PHP code that is able to sign and verify signed message.  It is available on GitHub https://github.com/tuaris/CryptoCurrencyPHP.

The code is pretty simple to follow and it works fine for Bitcoin.

I just can't understand why it fails to generate a valid signature for Altcoins and also fails to verify a signed message from an Altcoin client.  I've made sure to set the correct address version when hashing/encoding the public key.

Besides that, is there anything different that is done when signing and verifying messages for other "address versions"?

Edit: Problem solved.  This now works properly for any crypto currency

[EcuaMobi]

I've put together some PHP code that is able to sign and verify signed message.  It is available on GitHub https://github.com/tuaris/CryptoCurrencyPHP.

The code is pretty simple to follow and it works fine for Bitcoin.

I just can't understand why it fails to generate a valid signature for Altcoins and also fails to verify a signed message from an Altcoin client.  I've made sure to set the correct address version when hashing/encoding the public key.

Besides that, it there anything different that is done when signing and verifying messages for other "address versions"?

There are an address version and a private key version. Did you change both or just the address?

Nice tool! I'm checking it now.

[tuaris]

I've put together some PHP code that is able to sign and verify signed message.  It is available on GitHub https://github.com/tuaris/CryptoCurrencyPHP.

The code is pretty simple to follow and it works fine for Bitcoin.

I just can't understand why it fails to generate a valid signature for Altcoins and also fails to verify a signed message from an Altcoin client.  I've made sure to set the correct address version when hashing/encoding the public key.

Besides that, it there anything different that is done when signing and verifying messages for other "address versions"?

There are an address version and a private key version. Did you change both or just the address?

Nice tool! I'm checking it now.

I could be wrong, but I think for signing and verifying the private key prefix does not come into effect.  Also, I just found this page: https://github.com/bitcoinjs/bitcoinjs-lib/blob/master/src/networks.js  It looks like there are indeed some more items that need to be adjusted.  I just can't wrap my head around the difference in the "messagePrefix", why bitcoin uses x18 and the others use x19.

I'll continue to research this but any tips would be helpful.

Thanks.

[lyth0s]

If you put this thread in the technical section of the forums instead of the "Beginners" section you will get much better responses and help from other devs. I know you can't move this thread yourself so maybe just lock it and then create a new thread in the technical support section.

[tuaris]

I am having trouble locating where this byte prefix "0x18" is used and defined in the Bitcoin sorce code.

This is what I found so far:
src/main.cpp#L80

Code:

const string strMessageMagic = "Bitcoin Signed Message:\n";

And where that gets used when signing/verifying a message:
src/rpcmisc.cpp#L367 and src/wallet/rpcwallet.cpp#L496

Code:

CHashWriter ss(SER_GETHASH, 0);
ss << strMessageMagic;
ss << strMessage;

But I do not see anything indicating that that byte prefix is being utilized.

[tuaris]

I am having trouble locating where this byte prefix "0x18" is used and defined in the Bitcoin sorce code.

This is what I found so far:
src/main.cpp#L80

Code:

const string strMessageMagic = "Bitcoin Signed Message:\n";

And where that gets used when signing/verifying a message:
src/rpcmisc.cpp#L367 and src/wallet/rpcwallet.cpp#L496

Code:

CHashWriter ss(SER_GETHASH, 0);
ss << strMessageMagic;
ss << strMessage;

But I do not see anything indicating that that byte prefix is being utilized.

Okay, figured it out with the help of this source code comment:
bitcoinj/core/Utils.java#L510.  

It's the message length for the line.  
0x18 being decimal value 24, for 24 characters in this "Bitcoin Signed Message:\n".
0x19 being decimal value 25, for 25 characters in this "Zetacoin Signed Message:\n".

Where is this officially documented?

[koad]

I am wondering about this too.

The prefix is used in libraries and third party apps but it doesn't seem to be the same as the bitcoin source code.  The code you referenced in the source uses `strMessageMagic` without adding the prefix so I am wondering why so many clients/libraries out there do it.

I am also wondering what kinds of bad things might happen if this prefix or message magic itself is set incorrectly,..


/koad