1 2017-05-31 01:02:50 <Chris_Stewart_5> Does Bitcoin Core support importing a BIP32 xpub key and deriving addresses from it?
2 2017-05-31 01:08:09 <achow101> Chris_Stewart_5, no
3 2017-05-31 01:14:04 <Chris_Stewart_5> Thanks achow101
4 2017-05-31 16:23:24 <zeusalmighty> quick question. If segregated witness uses any can spend script, couldn't someone "spend" from that and generate an invalid transaction that legacy nodes would validate but segwit nodes would not?
5 2017-05-31 16:24:05 <abpa> that's why it's a soft fork
6 2017-05-31 17:02:45 <arubi> zeusalmighty, p2sh uses the same "anyone can spend" mechanism, but "anyone can spend" in itself is not a real technical term. of course any script without a checksig is "anyone can spend" eventually when it's relayed. the soft forked rules add the option of nesting a checksig in both p2sh and segwit scripts
7 2017-05-31 17:04:17 <arubi> older nodes consider these scripts as non standard, so they won't hear about them being spent, but when they're in a block these old clients are able to check the coin supply and that no new coins were generated
8 2017-05-31 18:55:50 <SopaXorzTaker> hm
9 2017-05-31 18:55:57 <SopaXorzTaker> oh, not quiet there anymore?
10 2017-05-31 18:56:05 <SopaXorzTaker> arubi, continue
11 2017-05-31 18:56:15 <arubi> so, is that the public key that you use?
12 2017-05-31 18:56:27 <SopaXorzTaker> I'd like you to help testing the u1*G + u2*Q part
13 2017-05-31 18:56:35 <arubi> okay, I can do that
14 2017-05-31 18:56:40 <SopaXorzTaker> I mean, give me an u1, u2, G, Q
15 2017-05-31 18:56:55 <arubi> give me the private key and message that you used, I'll sign it
16 2017-05-31 18:56:55 <SopaXorzTaker> and the expected value
17 2017-05-31 18:57:17 <SopaXorzTaker> arubi, well
18 2017-05-31 18:57:24 <SopaXorzTaker> the code signs a message successfully
19 2017-05-31 18:57:27 <SopaXorzTaker> here it is:
20 2017-05-31 18:57:48 <SopaXorzTaker> r, s = (0x241097efbf8b63bf145c8961dbdf10c310efbb3b2676bbc0f8b08505c9e2f795, 0x021006b7838609339e8b415a7f9acb1b661828131aef1ecbc7955dfb01f3ca0e)
21 2017-05-31 18:57:51 <arubi> so let's see the signature, pubkey and message
22 2017-05-31 18:57:57 <SopaXorzTaker> z = 0x4b688df40bcedbe641ddb16ff0a1842d9c67ea1c3bf63f3e0471baa664531d1a
23 2017-05-31 18:58:17 <SopaXorzTaker> Q = (0x779dd197a5df977ed2cf6cb31d82d43328b790dc6b3b7d4437a427bd5847dfcd, 0xe94b724a555b6d017bb7607c3e3281daf5b1699d6ef4124975c9237b917d426f)
24 2017-05-31 18:58:30 <SopaXorzTaker> k = 0x49a0d7b786ec9cde0d0721d72804befd06571c974b191efb42ecf322ba9ddd9a // not needed, just FYI
25 2017-05-31 18:58:38 <arubi> I know..
26 2017-05-31 18:58:46 <arubi> Q isn't needed either, FYI :)
27 2017-05-31 18:59:51 <arubi> is this z the actual message, or before the hash?
28 2017-05-31 19:00:08 <arubi> the signature is invalid. it would've been valid signed by :
29 2017-05-31 19:00:18 <SopaXorzTaker> r, s ---> Q
30 2017-05-31 19:00:19 <arubi> 03779DD197A5DF977ED2CF6CB31D82D43328B790DC6B3B7D4437A427BD5847DFCD or 033C8B232DDCED8C7D7A1EDF9DD81B68683B3ADA2B25ED18C8423D6C632AF30E38
31 2017-05-31 19:00:28 <SopaXorzTaker> z is the hash
32 2017-05-31 19:00:43 <SopaXorzTaker> this signature is valid
33 2017-05-31 19:00:51 <arubi> what does this mean: 'r, s ---> Q' ?
34 2017-05-31 19:00:56 <SopaXorzTaker> because it was in a test case and my code successfully calculates it
35 2017-05-31 19:01:28 <SopaXorzTaker> https://crypto.stackexchange.com/questions/41316/complete-set-of-test-vectors-for-ecdsa-secp256k1
36 2017-05-31 19:01:36 <SopaXorzTaker> (see first answer for the test case)
37 2017-05-31 19:01:51 <arubi> again I ask, what does 'r, s ---> Q' mean?
38 2017-05-31 19:02:08 <arubi> is Q the public key you use for verifying?
39 2017-05-31 19:02:32 <arubi> oh wait, I did get the same key as you did
40 2017-05-31 19:02:44 <arubi> 03779DD197A5DF977ED2CF6CB31D82D43328B790DC6B3B7D4437A427BD5847DFCD is your Q, I somehow misread it
41 2017-05-31 19:02:57 <arubi> okay, yes. what's the next issue? :)
42 2017-05-31 19:07:08 <SopaXorzTaker> arubi, I just noted that Q can be derived from r, s as you said that it's not necessary
43 2017-05-31 19:07:39 <arubi> ah alright, I'll link you to u1, u2, u1*G, u2*P in a bit
44 2017-05-31 19:08:50 <SopaXorzTaker> \k
45 2017-05-31 19:08:52 <SopaXorzTaker> k
46 2017-05-31 19:09:02 <arubi> SopaXorzTaker, https://gist.github.com/fivepiece/2acfcf197ce28535c2e814502ca94cdf
47 2017-05-31 19:16:59 <Chris_Stewart_5> Has anyone tried to hash and verify the signature on 0.14.1 from here: https://github.com/bitcoin/bitcoin/releases
48 2017-05-31 19:17:35 <SopaXorzTaker> thansk
49 2017-05-31 19:17:38 <Chris_Stewart_5> The hash I'm getting for v0.14.1.tar.gz is 4391db...9834
50 2017-05-31 19:17:38 <SopaXorzTaker> thanks*
51 2017-05-31 19:19:18 <arubi> trying..
52 2017-05-31 19:22:18 <arubi> well I'm getting the same hash. is this supposed to be the same one as in bitcoin.org/bin/ ?
53 2017-05-31 19:22:40 <Chris_Stewart_5> the same hash as I got?
54 2017-05-31 19:23:07 <Chris_Stewart_5> I'm looking at sigs from here: bitcoin.org/en/download
55 2017-05-31 19:23:34 <Chris_Stewart_5> and there is a link to verify release signatures
56 2017-05-31 19:23:38 <arubi> right, same hash, but that one isn't in the signature file
57 2017-05-31 19:24:12 <Chris_Stewart_5> Yeah... the hash in the sig file is f21203..f9a3
58 2017-05-31 19:24:24 <Chris_Stewart_5> wumpus: ?
59 2017-05-31 19:24:54 <arubi> I'm seeing 0c6920a9f3181a95ca029fdac5342b5702569ee441ec2128d19051f281683058 bitcoin-0.14.1-x86_64-linux-gnu.tar.gz
60 2017-05-31 19:25:09 <SopaXorzTaker> wow, fixed
61 2017-05-31 19:25:32 <SopaXorzTaker> apparently in point_multiply you don't set R to G and then multiply by scalar - 1
62 2017-05-31 19:25:37 <SopaXorzTaker> instead you set R to 0
63 2017-05-31 19:25:38 <Chris_Stewart_5> Yeah, I was looking at bitcoin-0.14.1.tar.gz
64 2017-05-31 19:25:55 <arubi> oh right
65 2017-05-31 19:26:02 <SopaXorzTaker> and then when adding, just return the other number
66 2017-05-31 19:26:15 <Chris_Stewart_5> The hash is wrong for that tar ball as well?
67 2017-05-31 19:26:54 <arubi> no it's good
68 2017-05-31 19:27:07 <arubi> wait I have to re-check the first one
69 2017-05-31 19:29:59 <arubi> so v0.14.1.tar.gz and bitcoin-0.14.1.tar.gz are different
70 2017-05-31 19:32:07 <arubi> well yes, one from bitcoin.org is just source code and the one from github has some github specific stuff in it
71 2017-05-31 19:33:02 <arubi> and bitcoin-0.14.1.tar.gz is the one signed
72 2017-05-31 19:36:06 <Chris_Stewart_5> ah, I think I was getting confused by the fact that if you download from github.com the file is renamed from v0.14.1.tar.gz -> bitcoin-0.14.1.tar.gz
73 2017-05-31 19:38:18 <arubi> yea actually I always assumed these were the same. I only ever check the signature for the binaries when I run them
74 2017-05-31 19:39:08 <Chris_Stewart_5> Yeah, I am setting up a new machine that is why I am going through it
75 2017-05-31 19:40:17 <arubi> nice. it's worth taking the time