Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Author

Topic: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)] (Read 2200 times)

weex
legendary
Activity: 1102
Merit: 1014
Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 08:44:39 PM
#26
Quote from: thelink2012 on November 12, 2015, 02:42:33 PM
It's easily changeable how many k, m and n you'll use on the form  Lips sealed
Left the PR in coinbin, though their broadcaster doesn't seem to accept those transactions at all, one have to use the blockchain.info broadcaster for instance.

If there's already a name for this kind of p2sh let me know, I named it Mandatory Multisig for the lack of imagination.

Thanks thelink2012, I'll check it out shortly.
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 03:12:10 PM
#25
thelink2012, perfect work!

http://webbtc.com/script/cdf3b234610e4224116220ef08198a5fa354451490983972c077fd2cf57efa43:0
2 + ( 2 of 3 )

http://webbtc.com/script/d04b2d714737f355d6cbc6d2d2307ed383835e425a85d06757689ce50ba0bccf:0
1 + ( 1 of 2 )

http://webbtc.com/script/1edccd06efaf2d7d610f45911506437a0ac258f8f902616fc26f260b6f30a5fd:0
3 + ( 1 of 3 )
thelink2012
newbie
Activity: 6
Merit: 0
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 02:42:33 PM
#24
It's easily changeable how many k, m and n you'll use on the form  Lips sealed
Left the PR in coinbin, though their broadcaster doesn't seem to accept those transactions at all, one have to use the blockchain.info broadcaster for instance.

If there's already a name for this kind of p2sh let me know, I named it Mandatory Multisig for the lack of imagination.
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 01:41:07 PM
#23
I meant for this case. The second part only needs to be 1 of 2 so the transaction could be smaller.
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 03:48:11 AM
#22
Quote from: weex on November 12, 2015, 03:44:30 AM
Seems like that will work fine. Just for my own understanding, is there any reason that couldn't be  a 1 + (1 of 2).
I suppose then it would depend more about how individual signatures are handled.
It could be any of (k + (m of n)) where k + m + n <= 15

Update: where k + n <= 15
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 03:44:30 AM
#21
Seems like that will work fine. Just for my own understanding, is there any reason that couldn't be  a 1 + (1 of 2). I suppose then it would depend more about how individual signatures are handled.
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 12, 2015, 01:43:10 AM
#20
Quote from: thelink2012 on November 11, 2015, 05:17:07 PM
Nice, it worked great (tx). Thanks amaclin Cheesy
I'll make sure it's all fine and open a PR on coinbin, weex.
http://webbtc.com/script/1c41724a7b16ecd5e11867864d834eb24e9d22b372c86aa7869c4cc0b6b36d52:0

this is 1 + (2-of-3)

Code:
0362d792df06ec0fd954d28a94d071451e39aad4df7fc2e65b4beb39d4a19edf7e
OP_CHECKSIGVERIFY
2
02a7d3c5d155c592917af2dc2f9c0168627dc80463d396882d2e80da5a36f36360
035b7c902e47f3e48d57c5031d4a30c8f4f93cbdc4d2cd57e9af66ccb591a1bb46
03f4d266a0404a26b643e66b5712d997c2efdba22cb1bbe53bf79ed1465a548012
3
OP_CHECKMULTISIG
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 11, 2015, 08:27:33 PM
#19
Very cool, except I'm actually having a hard time parsing that redeem script with anything. I guess I'll need to try it with hashmal. Any ideas?

0048304502210097c8efca04e2f8ada930f3bccdb145598ac5b9d89f52e99cd109174dae41973c0 22066acbccf66a833b1cfb174b154c1841232d4314bc915c5f1455e5598af7b32db014830450221 00b0410b62a539c22deb3b0410209087415bcb99a75dccc1b2ec2b14476a2c449602203b3758654 e2a86a4028b07936d298ebca39937eda98bb75204cc22684fe8c69001483045022100b03ce2e1f3 72c6ec95667b77101479da2613de1a72629fd31f1da719d184e9a702200e2eb309d3495eb58c7f0 4c8d0e7aa6dd94f64c2c3863331ebd76ff2b033d0dc014c8c210362d792df06ec0fd954d28a94d0 71451e39aad4df7fc2e65b4beb39d4a19edf7ead522102a7d3c5d155c592917af2dc2f9c0168627 dc80463d396882d2e80da5a36f3636021035b7c902e47f3e48d57c5031d4a30c8f4f93cbdc4d2cd 57e9af66ccb591a1bb462103f4d266a0404a26b643e66b5712d997c2efdba22cb1bbe53bf79ed14 65a54801253ae
thelink2012
newbie
Activity: 6
Merit: 0
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 11, 2015, 05:17:07 PM
#18
Nice, it worked great (tx). Thanks amaclin Cheesy
I'll make sure it's all fine and open a PR on coinbin, weex.
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 09:21:55 PM
#17
Quote from: thelink2012 on November 10, 2015, 04:17:59 PM
By the way, as I mentioned, I'm new to bitcoin development, and I'm confused about one thing. This is a non-standard transaction, right? If I broadcast it to the network, chances are the money will be unspeadable because nodes don't want to run those kind of transactions? Also, weex, is the purposes you need that to broadcast to the bitcoin network or...?
When I did a multisig transaction before it was a simple 2-of-3 redeem script and coinb.in's source code was the simplest way for me to get it done in a way that had a nice interface. There are other apps that do it but they're less flexible.

I want a A+(B or C) type of transaction because I'm thinking it would be a good way to pay a mediator to a transaction. 2-of-3 doesn't work as well because the buyer and seller could collude to cut the mediator out. Not that that would be great for their reputation but I'd also like to see more complicated redeem scripts be easier to generate. Coinb.in's site and source are useful anyways(for signing and broadcast) but this is the best project to extend in this way.
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 04:26:46 PM
#16
Quote from: thelink2012 on November 10, 2015, 04:17:59 PM
Oh, doesn't it? I've been looking in the table at this wiki page and on the outputs of this opcode there's a bool.
You should not mess OP_CHECKSIG and OP_CHECKSIGVERIFY

Quote
Is there another place I can find more trustworty documentation about those ops?
For free?

Quote
By the way, as I mentioned, I'm new to bitcoin development, and I'm confused about one thing. This is a non-standard transaction, right?
This is standard transaction today.
https://bitcoin.org/en/glossary/p2sh-address
Quote
A Bitcoin payment address comprising a hashed script, allowing the spender to create a standard pubkey script that Pays To Script Hash (P2SH). The script can be almost any valid pubkey script.
thelink2012
newbie
Activity: 6
Merit: 0
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 04:17:59 PM
#15
Quote from: weex on November 10, 2015, 03:57:11 PM
Thanks Amaclin, sorry but that ship has sailed. Do you have any comment on the OP_DROP question?
If it's me piloting the ship, I don't really mind him doing that instead. You probably will be better with his experience on the matter, I'm learning about these things not long ago and thus I both do it slower and with doubts popping up.

Quote from: amaclin on November 10, 2015, 04:07:18 PM
Quote from: thelink2012 on November 10, 2015, 02:57:27 PM
after the OP_CHECKSIGVERIFY as that pushes true to the stack

Quote from: weex on November 10, 2015, 03:57:11 PM
Thanks Amaclin, sorry but that ship has sailed. Do you have any comment on the OP_DROP question?

OP_CHECKSIGVERIFY does not push true to the stack
Oh, doesn't it? I've been looking in the table at this wiki page and on the outputs of this opcode there's a bool. Is there another place I can find more trustworty documentation about those ops?

By the way, as I mentioned, I'm new to bitcoin development, and I'm confused about one thing. This is a non-standard transaction, right? If I broadcast it to the network, chances are the money will be unspeadable because nodes don't want to run those kind of transactions? Also, weex, is the purposes you need that to broadcast to the bitcoin network or...?
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 04:07:18 PM
#14
Quote from: thelink2012 on November 10, 2015, 02:57:27 PM
after the OP_CHECKSIGVERIFY as that pushes true to the stack

Quote from: weex on November 10, 2015, 03:57:11 PM
Thanks Amaclin, sorry but that ship has sailed. Do you have any comment on the OP_DROP question?

OP_CHECKSIGVERIFY does not push true to the stack
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 03:57:11 PM
#13
Quote from: amaclin on November 10, 2015, 03:54:43 PM
Quote from: weex on October 30, 2015, 10:15:29 AM
BTW, I created a bounty for this at bountify.co if you want to claim it.
I can do it by standalone C++/Qt program. Just to prove the concept.
Sorry, my knowledge in javascript/web is too poor to write financial applications.
Thanks Amaclin, sorry but that ship has sailed. Do you have any comment on the OP_DROP question?
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 03:54:43 PM
#12
Quote from: weex on October 30, 2015, 10:15:29 AM
BTW, I created a bounty for this at bountify.co if you want to claim it.
I can do it by standalone C++/Qt program. Just to prove the concept.
Sorry, my knowledge in javascript/web is too poor to write financial applications.
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 03:37:53 PM
#11
Tried to get an answer from IRC but no luck. Will ask again later.
thelink2012
newbie
Activity: 6
Merit: 0
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
November 10, 2015, 02:57:27 PM
#10
Quote from: amaclin on October 30, 2015, 06:27:41 AM
Quote from: weex on October 29, 2015, 07:04:26 PM
The redeem script is valid if signed by A and (B or C).

1. take 3 pubkeys

2. create a redeem script
Code:
OP_CHECKSIGVERIFY OP_1 OP_2 OP_CHECKMULTISIG

3. hash it and receive p2sh address 3xxxxx

4. fund this address

5. create raw transaction spending this address

6. sign it with ( and ) or ( and )

7. create scriptSig for your raw transaction
Code:
OP_0

8. voila!
isn't there the need, at the redeem script, to put a OP_DROP after the OP_CHECKSIGVERIFY as that pushes true to the stack, which will be confused with the signature for OP_CHECKMULTISIG?
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 31, 2015, 01:01:00 PM
#9
Btw, the reason why I asked is to be used in a decentralized market protocol with more info at https://bitcointalksearch.org/topic/ann-rein-decentralized-freelance-market-1232915
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 30, 2015, 10:15:29 AM
#8
Awesome. To clarify,  the equivalent of creating this address is just up to step 3. Then funding and spending can be done later by anyone who has the address and redeem script (plus keys) respectively. That's a lot simpler than I thought it would be. BTW, I created a bounty for this at bountify.co if you want to claim it.
amaclin
legendary
Activity: 1260
Merit: 1019
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 30, 2015, 06:27:41 AM
#7
Quote from: weex on October 29, 2015, 07:04:26 PM
The redeem script is valid if signed by A and (B or C).

1. take 3 pubkeys

2. create a redeem script
Code:
OP_CHECKSIGVERIFY OP_1 OP_2 OP_CHECKMULTISIG

3. hash it and receive p2sh address 3xxxxx

4. fund this address

5. create raw transaction spending this address

6. sign it with ( and ) or ( and )

7. create scriptSig for your raw transaction
Code:
OP_0

8. voila!
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 11:06:17 PM
#6
Pretty sweet. I'll try it out and report back whatever I can put together.
achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 10:38:40 PM
#5
Quote from: weex on October 29, 2015, 10:34:57 PM
I checked with gmaxwell on irc and he said there's no software written that does this easily but if the script is p2sh then it can work. If anyone has any recommendations for p2sh tools, your posting them is greatly appreciated! Grin
This tool, hashmal: https://bitcointalksearch.org/topic/hashmal-transaction-script-ide-alpha-1168604, is quite useful for testing whether scripts work or not.
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 10:34:57 PM
#4
I checked with gmaxwell on irc and he said there's no software written that does this easily but if the script is p2sh then it can work. If anyone has any recommendations for p2sh tools, your posting them is greatly appreciated! Grin
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 07:12:26 PM
#3
Quote from: achow101 on October 29, 2015, 07:06:17 PM
I do not believe that this is currently possible.

https://twitter.com/jgarzik/status/472574342514368512
achow101
staff
Activity: 3458
Merit: 6793
Just writing some code
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 07:06:17 PM
#2
I do not believe that this is currently possible.
weex
legendary
Activity: 1102
Merit: 1014
Re: Building a 2-of-(1+(1-of-2)) multisig transaction [i.e A + (B or C)]
October 29, 2015, 07:04:26 PM
#1
The standard multisig is 2-of-3 where any two of the three keys can sign a redeem script to make it valid. I would like to build a redeem script that requires one key and either of two other keys. So for keys A, B, and C. The redeem script is valid if signed by A and (B or C). How can I do this? I would prefer if I had a tool like coinb.in that I could use for the process. Any ideas?
Bitcoin Forum>Bitcoin>Bitcoin Technical Support
Jump to: