Jonathan Underwood [ARCHIVE] on Nostr: 📅 Original date posted:2019-06-29 📝 Original message:Even if the difference is ...
📅 Original date posted:2019-06-29
📝 Original message:Even if the difference is apparent outside the signed data (in the output).
Signing the data explicitly is more secure.
ie. if some sort of vulnerability / way to break this system for 1-of-1
multisig is found, someone who signed a single sig xpub whitelist will not
be exposed.
2019年6月29日(土) 13:43 Dmitry Petukhov <dp at simplexum.com>:
> В Sat, 29 Jun 2019 09:19:41 +0900
> Jonathan Underwood <junderwood at bitcoinbank.co.jp> пишет:
>
> > > Other note: you have 'unused' value of 1 for `m` in your scheme, why
> > > not require m=1 for single-sig case, and use 0 as indicator that
> > > there are a serlal number following it?
> > >
> >
> > 0x00 is single sig, aka, OP_CHECKSIG
> >
> > 0x01 is multisig, aka, 1-of-3, 1-of-2 OP_CHECKMULTISIG
>
> This informatin is available in per-output redeem/witness script,
> signer will be able to distinguish between multisig/single-sig by
> looking at this script. I think it only need to know the total number
> of keys participating in the signing, and check that this number
> matches the particulars of redeem/witness script.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190629/04fd8336/attachment.html>
📝 Original message:Even if the difference is apparent outside the signed data (in the output).
Signing the data explicitly is more secure.
ie. if some sort of vulnerability / way to break this system for 1-of-1
multisig is found, someone who signed a single sig xpub whitelist will not
be exposed.
2019年6月29日(土) 13:43 Dmitry Petukhov <dp at simplexum.com>:
> В Sat, 29 Jun 2019 09:19:41 +0900
> Jonathan Underwood <junderwood at bitcoinbank.co.jp> пишет:
>
> > > Other note: you have 'unused' value of 1 for `m` in your scheme, why
> > > not require m=1 for single-sig case, and use 0 as indicator that
> > > there are a serlal number following it?
> > >
> >
> > 0x00 is single sig, aka, OP_CHECKSIG
> >
> > 0x01 is multisig, aka, 1-of-3, 1-of-2 OP_CHECKMULTISIG
>
> This informatin is available in per-output redeem/witness script,
> signer will be able to distinguish between multisig/single-sig by
> looking at this script. I think it only need to know the total number
> of keys participating in the signing, and check that this number
> matches the particulars of redeem/witness script.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190629/04fd8336/attachment.html>