[Bug] signrawtransaction of multisig with explicit privkey doesn't work

Gavin Andresen

legendary

Activity: 1652

Merit: 2301

Chief Scientist

Thanks for helping test!

kjj

legendary

Activity: 1302

Merit: 1026

Ok, I found it. I did the same commands that you did, and I got different outputs, so I did some digging.

When I patched my local copy of 0.7.1 with the delta from pull 1818, it didn't take. I tracked the bug down and fixed it.

Works fine now.

I'm going to do a few more test runs to be sure, but so far it all looks good. We should probably get this merged in ASAP.

Gavin Andresen

legendary

Activity: 1652

Merit: 2301

Chief Scientist

Hmmm.... works for me. See: https://gist.github.com/3966071 for exactly what I did to create and then spend a 2-of-3 on the main network, with keys that are not in my wallet.

kjj

legendary

Activity: 1302

Merit: 1026

Hmm, nope, didn't help.

Code:

bitcoind signrawtransaction 0100000001fbf9aa4434c561f25dd0510f5f1f5c4a945a2efe61868fc4ac20665bf5d2bcbe0100000000ffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000 '[{"txid":"bebcd2f55b6620acc48f8661fe2e5a944a5c1f5f0f51d05df261c53444aaf9fb","vout":1,"scriptPubKey":"a914b34f5c13be2c394ca52dcddfee832b9a95e0701087","redeemScript":"524104360d5036b9a0e94187f3224b77a190a477788ab2f4b18366ff4b48dd63721219248f50b5afbae6c3111b091e1af083b0d5117966a96ce74963469664a04ee3eb4104ee69cafbb8f24ffe969b4c1310269eb0d896440aa858436bb58775bb5a5d5909e6cb8a65b4de24dd9770c6bf44d2183a1bd311bafaaa95c04cad2aa979d740694104cc8525385180a8e2a3fac4490de35d7f5da8ffb10860039c04648e6ed11a0c11c4769a2a0cd8fbe625119d907f77c0e6c28d45206b2cc5b18a8520256333545553ae"}]' '["5HqmKC5TvQnE8oKJfbtqxpqRPKuu6Qvqzpt3k3wDyEExExqyu3y"]'

{
"hex" : "0100000001fbf9aa4434c561f25dd0510f5f1f5c4a945a2efe61868fc4ac20665bf5d2bcbe01000000cc004cc9524104360d5036b9a0e94187f3224b77a190a477788ab2f4b18366ff4b48dd63721219248f50b5afbae6c3111b091e1af083b0d5117966a96ce74963469664a04ee3eb4104ee69cafbb8f24ffe969b4c1310269eb0d896440aa858436bb58775bb5a5d5909e6cb8a65b4de24dd9770c6bf44d2183a1bd311bafaaa95c04cad2aa979d740694104cc8525385180a8e2a3fac4490de35d7f5da8ffb10860039c04648e6ed11a0c11c4769a2a0cd8fbe625119d907f77c0e6c28d45206b2cc5b18a8520256333545553aeffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000",
"complete" : false
}

I get the same hex out no matter which of the three keys I use, or even if I use all three keys. If I try to feed that hexout back in with a different key, I always get this:

Code:

bitcoind signrawtransaction "0100000001fbf9aa4434c561f25dd0510f5f1f5c4a945a2efe61868fc4ac20665bf5d2bcbe01000000cc004cc9524104360d5036b9a0e94187f3224b77a190a477788ab2f4b18366ff4b48dd63721219248f50b5afbae6c3111b091e1af083b0d5117966a96ce74963469664a04ee3eb4104ee69cafbb8f24ffe969b4c1310269eb0d896440aa858436bb58775bb5a5d5909e6cb8a65b4de24dd9770c6bf44d2183a1bd311bafaaa95c04cad2aa979d740694104cc8525385180a8e2a3fac4490de35d7f5da8ffb10860039c04648e6ed11a0c11c4769a2a0cd8fbe625119d907f77c0e6c28d45206b2cc5b18a8520256333545553aeffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000" '[{"txid":"bebcd2f55b6620acc48f8661fe2e5a944a5c1f5f0f51d05df261c53444aaf9fb","vout":1,"scriptPubKey":"a914b34f5c13be2c394ca52dcddfee832b9a95e0701087","redeemScript":"524104360d5036b9a0e94187f3224b77a190a477788ab2f4b18366ff4b48dd63721219248f50b5afbae6c3111b091e1af083b0d5117966a96ce74963469664a04ee3eb4104ee69cafbb8f24ffe969b4c1310269eb0d896440aa858436bb58775bb5a5d5909e6cb8a65b4de24dd9770c6bf44d2183a1bd311bafaaa95c04cad2aa979d740694104cc8525385180a8e2a3fac4490de35d7f5da8ffb10860039c04648e6ed11a0c11c4769a2a0cd8fbe625119d907f77c0e6c28d45206b2cc5b18a8520256333545553ae"}]' '["Second Key Goes Here"]'

{
"hex" : "0100000001fbf9aa4434c561f25dd0510f5f1f5c4a945a2efe61868fc4ac20665bf5d2bcbe01000000ce0000004cc9524104360d5036b9a0e94187f3224b77a190a477788ab2f4b18366ff4b48dd63721219248f50b5afbae6c3111b091e1af083b0d5117966a96ce74963469664a04ee3eb4104ee69cafbb8f24ffe969b4c1310269eb0d896440aa858436bb58775bb5a5d5909e6cb8a65b4de24dd9770c6bf44d2183a1bd311bafaaa95c04cad2aa979d740694104cc8525385180a8e2a3fac4490de35d7f5da8ffb10860039c04648e6ed11a0c11c4769a2a0cd8fbe625119d907f77c0e6c28d45206b2cc5b18a8520256333545553aeffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000",
"complete" : false
}

The only difference is that the second one has three placeholders for signatures, while the first has only one.

kjj

legendary

Activity: 1302

Merit: 1026

Quote from: Gavin Andresen on September 10, 2012, 08:58:46 AM

I just submitted a pull request to fix this:
https://github.com/bitcoin/bitcoin/pull/1818

Quote

This pull request makes three functional changes:

Adds "redeemScript" to listunspent output, when listing a p2sh/multisig output
Adds "redeemScript" to signrawtransaction's second argument (list of previous transaction outputs)
Adds a new RPC command, "createmultisig" that is just like "addmultisigaddress" but instead of adding the multisig address/redeemScript to the wallet, returns them in a JSON object.

It also includes new unit tests for the raw transaction API argument checking code (and refactors some argument checking to remove some code duplication).

I just pulled in 1818 and compiled it on my box. Having some problems...

Code:

kjj@inana# bitcoind signrawtransaction 0100000001473d8d74be3bf15aa2fad193535fca18e0be4c04387db1d043895e48a649a1770100000000ffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000 '[{"txid":"77a149a6485e8943d0b17d38044cbee018ca5f5393d1faa25af13bbe748d3d47","vout":1,"redeemScript":"5241043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8410489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde6941041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c830853ae","scriptPubKey":"a9142cde97168f599d9add3d4ab2e30b88d04aa2dbfe87"}]'
{
"hex" : "0100000001473d8d74be3bf15aa2fad193535fca18e0be4c04387db1d043895e48a649a17701000000cc004cc95241043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8410489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde6941041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c830853aeffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000",
"complete" : false
}
kjj@inana# bitcoind signrawtransaction 0100000001473d8d74be3bf15aa2fad193535fca18e0be4c04387db1d043895e48a649a1770100000000ffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000 '[{"txid":"77a149a6485e8943d0b17d38044cbee018ca5f5393d1faa25af13bbe748d3d47","vout":1,"redeemScript":"5241043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8410489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde6941041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c830853ae","scriptPubKey":"a9142cde97168f599d9add3d4ab2e30b88d04aa2dbfe87"}]' '["5KMsiwRcYLVHp59rf6FtfbAzC4xRZ2Pmxy1KznF9mHtDvV6ix7g"]'
{
"hex" : "0100000001473d8d74be3bf15aa2fad193535fca18e0be4c04387db1d043895e48a649a17701000000cc004cc95241043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8410489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde6941041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c830853aeffffffff0180969800000000001976a914ae56b4db13554d321c402db3961187aed1bbed5b88ac00000000",
"complete" : false
}

The privkey shown is for one of the three pubkeys in the multisig address, none of which are in the wallet.

To save a little time, the transaction I'm trying to redeem is 77a149a6485e8943d0b17d38044cbee018ca5f5393d1faa25af13bbe748d3d47 and the multisig address is 35nGJpcQr4pYVyFVR3BPbdaWUSk6NBryUD.

The multisig info can be found with:

Code:

bitcoind createmultisig 2 '["043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8","0489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde69","041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c8308"]'
{
"address" : "35nGJpcQr4pYVyFVR3BPbdaWUSk6NBryUD",
"redeemScript" : "5241043c29e1fb734da2011303cd179917777372b6c31a188d61a3631d6eab0a95093e8aefea89aed984558c740fe01fb0eef296c940dd5fd78efeecd483a07b9402d8410489ad17da02ee59f7956264a22ee75dc6e0524aacc16a19eeeaa91abca24f08c6a5051f94c61f20f4fcab0fce9e8faab1e4f306d4cc92128cc434ce5ebd2fde6941041edfba4d6adf731c2eff112ab01524c0ee60fb882d093d445811448b4f58d9c0bf482e356a05fb6281293e11dd28d0d352a1a37edcaf10513386b56a514c830853ae"
}

Ooh, just had a thought. I used addmultisigaddress to add this multisig to the wallet, but the private keys are not in the wallet. Could it be ignoring the command-line provided keys because it thinks it owns that address? I'll create a fresh batch of keys tomorrow to check that.

Gavin Andresen

legendary

Activity: 1652

Merit: 2301

Chief Scientist

I just submitted a pull request to fix this:
https://github.com/bitcoin/bitcoin/pull/1818

Quote

This pull request makes three functional changes:

Adds "redeemScript" to listunspent output, when listing a p2sh/multisig output
Adds "redeemScript" to signrawtransaction's second argument (list of previous transaction outputs)
Adds a new RPC command, "createmultisig" that is just like "addmultisigaddress" but instead of adding the multisig address/redeemScript to the wallet, returns them in a JSON object.

It also includes new unit tests for the raw transaction API argument checking code (and refactors some argument checking to remove some code duplication).

grazcoin

sr. member

Activity: 284

Merit: 250

Quote from: Gavin Andresen on September 04, 2012, 08:36:14 AM

It is too late to add new RPC features to the 0.7 release, so no fix until the next release.

In this case, I have hacked some temporary solution until the official one comes.
It works for me (tm).
The patch is against bitcoin-0.7.0rc1
https://ubtcbank.com/patches/0001-Workaround-bug-signrawtransaction-of-multisig-with-e.patch

This hack enables generating P2SH scripts required to sign a
multisig tx while explicit privkeys are given.
The public keys required for generating the relevant mutisig address
are given in the array of the private keys. They are detected and
used to insert the required P2SH scripts to the temp keystore.
The hack supports only n-of-n tx.
It was tested only with 2-of-2 multisig.
This is only a hack until final fix is available.

Gavin Andresen

legendary

Activity: 1652

Merit: 2301

Chief Scientist

Quote from: grazcoin on September 03, 2012, 02:56:57 PM

So either a fifth optional argument for the P2SH scripts or extending the 3rd argument to include both privkeys and P2SH script would do the job.

I'm leaning towards extending the 2nd argument, to give previous inputs and, if the previous inputs are P2SH, previous inputs scripts.

Along with a new 'rawmultisigaddress' that is just like addmultisigaddress, but doesn't add the redemption script to the wallet but instead returns it.

Quote

... or was it the addmultisigaddress that added the P2SH scripts?

addmultisigaddress added the P2SH scripts to the wallet.

RE: when can you expect a fix:

It is too late to add new RPC features to the 0.7 release, so no fix until the next release.

grazcoin

sr. member

Activity: 284

Merit: 250

Quote from: Gavin Andresen on September 03, 2012, 08:56:09 AM

Bug. I never tested the combination of signing a pay-to-script-hash transaction with non-wallet private keys.

I'm not 100% sure how to fix it, though. The problem is private keys, public keys, and P2SH scripts are all stored in a "keystore." When you give the third argument to signrawtransaction, it creates a keystore that contains just the private keys (and the corresponding public keys) that you give, and uses that to sign the transaction.

There's currently no way to give it the P2SH script that corresponds to 34y6HmY6zTH51KTC9vd36HasNL4kLKcisC, but the transaction signing code needs that information.

I think the right fix is to give signrawtransaction both the private key(s) and any P2SH information needed...

Gavin, thanks for the quick reply.
So either a fifth optional argument for the P2SH scripts or extending the 3rd argument to include both privkeys and P2SH script would do the job.
In the case that explicit privkeys are given but no P2SH script are given, then something similar to bitcoind importprivkey $PRIVKEY should happen within the tempKeystore that also retrieves everything required from the blockchain. Obviously all information is available within the privkey and the blockchain, since signing seems to work after importing the privkey.
Supplying explicit P2SH scripts as an argument could avoid the (probably expensive) P2SH scripts retrieval.
... or was it the addmultisigaddress that added the P2SH scripts?

Can you spare few more words about it?
When such a fix is expected?
Grazcoin

Gavin Andresen

legendary

Activity: 1652

Merit: 2301

Chief Scientist

Bug. I never tested the combination of signing a pay-to-script-hash transaction with non-wallet private keys.

I'm not 100% sure how to fix it, though. The problem is private keys, public keys, and P2SH scripts are all stored in a "keystore." When you give the third argument to signrawtransaction, it creates a keystore that contains just the private keys (and the corresponding public keys) that you give, and uses that to sign the transaction.

There's currently no way to give it the P2SH script that corresponds to 34y6HmY6zTH51KTC9vd36HasNL4kLKcisC, but the transaction signing code needs that information.

I think the right fix is to give signrawtransaction both the private key(s) and any P2SH information needed...

grazcoin

sr. member

Activity: 284

Merit: 250

Hi there,

I was trying to sign a multisig rawtx using explicit privkey and encountered some problems.
Description below:

1. create multisig address from 2 addresses ("1MZNrRbGg8AD7rz8TLw451DByJF6e3CZDZ", "12oESJ63gKmf7EtqEdrV7Xnid8dmYTBKE3")

Code:

$ bitcoind addmultisigaddress 2 '["04e89a79651522201d756f14b1874ae49139cc984e5782afeca30ffe84e5e6b2cfadcfe9875c490c8a1a05a4debd715dd57471af8886ab5dfbb3959d97f087f77a","0455cf4a3ab68a011b18cb0a86aae2b8e9cad6c6355476de05247c57a9632d127084ac7630ad89893b43c486c5a9f7ec6158fb0feb708fa9255d5c4d44bc0858f8"]'
34y6HmY6zTH51KTC9vd36HasNL4kLKcisC

2. create tx of 1BTC to 1LCSzvp2xWHFt3x1qnz8JNGX1sXEfy48pJ. There are enough funds:
http://blockchain.info/unspent?address=34y6HmY6zTH51KTC9vd36HasNL4kLKcisC

Code:

$ bitcoind createrawtransaction '[{"txid":"8e7068fcbad6059ef5add9615888606bf0c20b7be076c8e7f969ad8b0e056ecb","vout":1}]' '{"1LCSzvp2xWHFt3x1qnz8JNGX1sXEfy48pJ":1}'
0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000

3. try to sign with no explicit privkey and no privkey in my main wallet. Not signed as expected.

Code:

$ bitcoind signrawtransaction 0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000 '[{"scriptPubKey": "a91423f2ad603145e5ef55dec9ae4cd38a0bf37f5d9887", "vout": 1, "txid": "8e7068fcbad6059ef5add9615888606bf0c20b7be076c8e7f969ad8b0e056ecb"}]'
{
"hex" : "0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000",
"complete" : false
}

4. try to give explicit privkey (of first address). Not signed. Not expected.

Code:

$ bitcoind signrawtransaction 0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000 '[{"scriptPubKey": "a91423f2ad603145e5ef55dec9ae4cd38a0bf37f5d9887", "vout": 1, "txid": "8e7068fcbad6059ef5add9615888606bf0c20b7be076c8e7f969ad8b0e056ecb"}]' '["5KCqBSbPfaQtMaYgU1aZHqFoWqcJC1RrgCUr11M8sBX93K2UQR4"]'
{
"hex" : "0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000",
"complete" : false
}

5. import privkey and try to sign with no explicit privkey. Signed as expected.

Code:

$ bitcoind importprivkey 5KCqBSbPfaQtMaYgU1aZHqFoWqcJC1RrgCUr11M8sBX93K2UQR4
$ bitcoind addmultisigaddress 2 '["...","..."]' # signing doesn't work without re-running addmultisigaddress
34y6HmY6zTH51KTC9vd36HasNL4kLKcisC
$ bitcoind signrawtransaction 0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000 '[{"scriptPubKey": "a91423f2ad603145e5ef55dec9ae4cd38a0bf37f5d9887", "vout": 1, "txid": "8e7068fcbad6059ef5add9615888606bf0c20b7be076c8e7f969ad8b0e056ecb"}]'
{
"hex" : "0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e01000000d30048304502206c7723e081aacd17e3bf276626ac1d99779f43e046a2757d7a62107fce22c939022100bd02cdf74775e5ea94a4851acb3b89e2aa211b405a95940f5226d473612d871a014c87524104e89a79651522201d756f14b1874ae49139cc984e5782afeca30ffe84e5e6b2cfadcfe9875c490c8a1a05a4debd715dd57471af8886ab5dfbb3959d97f087f77a410455cf4a3ab68a011b18cb0a86aae2b8e9cad6c6355476de05247c57a9632d127084ac7630ad89893b43c486c5a9f7ec6158fb0feb708fa9255d5c4d44bc0858f852aeffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000",
"complete" : false
}

6. try to sign with explicit privkey, when privkey is present in main wallet. Not signed. Already expected according to #4.

Code:

$ bitcoind signrawtransaction 0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000 '[{"scriptPubKey": "a91423f2ad603145e5ef55dec9ae4cd38a0bf37f5d9887", "vout": 1, "txid": "8e7068fcbad6059ef5add9615888606bf0c20b7be076c8e7f969ad8b0e056ecb"}]' '["5KCqBSbPfaQtMaYgU1aZHqFoWqcJC1RrgCUr11M8sBX93K2UQR4"]'
{
"hex" : "0100000001cb6e050e8bad69f9e7c876e07b0bc2f06b60885861d9adf59e05d6bafc68708e0100000000ffffffff0100e1f505000000001976a914d294ab0b27d2cdd04a43f0a8c6105222a444e93b88ac00000000",
"complete" : false
}

More info:
I am running bitcoin-0.7.0rc1-linux (64bit)

What did I miss?
Grazcoin

Topic: [Bug] signrawtransaction of multisig with explicit privkey doesn't work (Read 3526 times)