
Topic: [coinb.in] Open Source, Multi Signature, HD Wallet, SegWit/Bech32 and more! - page 17. (Read 74837 times)

sr. member
Activity: 469
Merit: 253
Peter,
Is there any prospect in the future for these limits to be increased? It seems to me there are quite a lot of applications for larger than 15.
Or if that just leads to unacceptably big transactions even with appropriate fees, is there some way that I haven't quite thought of to combine multisig keys to get bigger consensus mechanisms? Or is it possible to use some kind of Shamir's secret sharing idea? (I only know the idea vaguely, not sure how it would work in practice).

Btw, nice work on the site guys.

I'm at the Financial Crypto conference right now and actually just talked to a guy who claims to know of a researcher who has come up with an n-of-m threshold signature scheme that is compatible with existing Bitcoin signatures. Hopefully this will pan out - if it does you'll be able to do secure multisig without a single-point-of-failure (as Shamir's secret sharing does) with transactions and addresses that look identical to standard ones and are the same size as standard transactions. I didn't ask if there were any limits on how many keys could be combined, but there probably aren't.

Thanks. I realised after I wrote that that Shamir shares *secrets* not signatures so that's no good (I guess the clue was in the title Smiley ). Could something be hacked together with CoinSwap?
legendary
Activity: 1120
Merit: 1152
Peter,
Is there any prospect in the future for these limits to be increased? It seems to me there are quite a lot of applications for larger than 15.
Or if that just leads to unacceptably big transactions even with appropriate fees, is there some way that I haven't quite thought of to combine multisig keys to get bigger consensus mechanisms? Or is it possible to use some kind of Shamir's secret sharing idea? (I only know the idea vaguely, not sure how it would work in practice).

Btw, nice work on the site guys.

I'm at the Financial Crypto conference right now and actually just talked to a guy who claims to know of a researcher who has come up with an n-of-m threshold signature scheme that is compatible with existing Bitcoin signatures. Hopefully this will pan out - if it does you'll be able to do secure multisig without a single-point-of-failure (as Shamir's secret sharing does) with transactions and addresses that look identical to standard ones and are the same size as standard transactions. I didn't ask if there were any limits on how many keys could be combined, but there probably aren't.
sr. member
Activity: 469
Merit: 253
Quote
Enter the uncompressed public keys of all the participants, to create a multi signature address. Maximum of 20 allowed.

This is incorrect actually. While the underlying CHECKMULTISIG opcode can support up to 20 pubkeys, P2SH has an additional limit of 520 bytes for the scriptPubKey. That gives a size-dependent maximum of 15 compressed pubkeys, and just 7 with the larger uncompressed keys.

Peter,
Is there any prospect in the future for these limits to be increased? It seems to me there are quite a lot of applications for larger than 15.
Or if that just leads to unacceptably big transactions even with appropriate fees, is there some way that I haven't quite thought of to combine multisig keys to get bigger consensus mechanisms? Or is it possible to use some kind of Shamir's secret sharing idea? (I only know the idea vaguely, not sure how it would work in practice).

Btw, nice work on the site guys.
newbie
Activity: 1
Merit: 0
Really great work here OutCast!

I'm working on a project to create a multisig service and need to create keys server-side without exposing them to end users.  My first thought was to refactor your work to run in a node.js server.  Does this seem like a good solution, and if so have you looked into doing anything similar? 

Ultimately I need to be able to create key pairs, validate user public keys, and create/sign multisig addresses.  For signing I am planning to have users partially sign a multisig transaction with their keys and then send that to my server for final signature and broadcasting from the server.  This would likely mean needing to confirm partially signed transactions sent to the server, though I haven't looked into the feasibility of that yet.  Does your code already support partial signing and validation?
legendary
Activity: 1120
Merit: 1152
Perhaps I'm missing something - it seems to work fine for me using 20 uncompressed [don't recall if I've tried having all 20 required signers yet - trying now].  I understand this code somewhat [not enough]; please elaborate if possible & let me know what lines are P2SH - I thought this was a bit different.  I'm digging through it blindly.

Incidentally, I thought the p2sh git referenced "+22 signatures"
https://github.com/bitcoin/bips/blob/master/bip-0016.mediawiki

That's "signature operations", not signatures. SigOps is just a metric used to restrict the amount of CPU time processing a block takes as an anti-DoS measure - it's got nothing to do with the actual number of signatures.

You'll find you can create that P2SH address with the Bitcoin RPC interface, but you can't actually spend from it successfully. Kinda misleading really - if you could do up a patch to fix that and make createmultisigaddress raise an error that'd be great.
full member
Activity: 144
Merit: 100
Quote
Enter the uncompressed public keys of all the participants, to create a multi signature address. Maximum of 20 allowed.

This is incorrect actually. While the underlying CHECKMULTISIG opcode can support up to 20 pubkeys, P2SH has an additional limit of 520 bytes for the scriptPubKey. That gives a size-dependent maximum of 15 compressed pubkeys, and just 7 with the larger uncompressed keys.

Perhaps I'm missing something - it seems to work fine for me using 20 uncompressed [don't recall if I've tried having all 20 required signers yet - trying now].  I understand this code somewhat [not enough]; please elaborate if possible & let me know what lines are P2SH - I thought this was a bit different.  I'm digging through it blindly.

Incidentally, I thought the p2sh git referenced "+22 signatures"
https://github.com/bitcoin/bips/blob/master/bip-0016.mediawiki
legendary
Activity: 1120
Merit: 1152
Quote
Enter the uncompressed public keys of all the participants, to create a multi signature address. Maximum of 20 allowed.

This is incorrect actually. While the underlying CHECKMULTISIG opcode can support up to 20 pubkeys, P2SH has an additional limit of 520 bytes for the scriptPubKey. That gives a size-dependent maximum of 15 compressed pubkeys, and just 7 with the larger uncompressed keys.
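
Added example, not part of the thread and not coinb.in's code: the size arithmetic behind the 15 and 7 figures in the post above. It serializes an m-of-n CHECKMULTISIG script and checks it against the 520-byte limit; all function names are hypothetical and the keys are constructed placeholders.

```javascript
// Added example: size check for an m-of-n CHECKMULTISIG redeem script under P2SH.
const MAX_SCRIPT_ELEMENT_SIZE = 520; // P2SH pushes the whole script as one element
const MAX_MULTISIG_PUBKEYS = 20;     // limit of the CHECKMULTISIG opcode itself
const OP_1 = 0x51, OP_CHECKMULTISIG = 0xae;

// 1..16 encode as the single opcodes OP_1..OP_16; 17..20 need a one-byte push.
function encodeSmallInt(n) {
  return n <= 16 ? [OP_1 + n - 1] : [0x01, n];
}

// Serialize: <m> <pubkey 1> ... <pubkey n> <n> OP_CHECKMULTISIG
function buildRedeemScript(m, pubkeys) {
  const n = pubkeys.length;
  if (n < 1 || n > MAX_MULTISIG_PUBKEYS) throw new RangeError('n must be 1..20');
  if (!Number.isInteger(m) || m < 1 || m > n) throw new RangeError('m must be 1..n');
  const out = [...encodeSmallInt(m)];
  for (const pk of pubkeys) {
    const compressed = pk.length === 33 && (pk[0] === 0x02 || pk[0] === 0x03);
    const uncompressed = pk.length === 65 && pk[0] === 0x04;
    if (!compressed && !uncompressed) throw new TypeError('bad pubkey encoding');
    out.push(pk.length, ...pk); // lengths 33 and 65 are direct push opcodes
  }
  out.push(...encodeSmallInt(n), OP_CHECKMULTISIG);
  return Uint8Array.from(out);
}

function fitsP2SH(m, pubkeys) {
  return buildRedeemScript(m, pubkeys).length <= MAX_SCRIPT_ELEMENT_SIZE;
}

// Constructed placeholder keys: correct prefix and length, not real curve points.
function fakeKeys(n, len) {
  return Array.from({ length: n }, (_, i) => {
    const k = new Uint8Array(len).fill(i + 1);
    k[0] = len === 33 ? 0x02 : 0x04;
    return k;
  });
}

// Largest n for which a script over n keys of the given length still fits.
function maxKeys(len) {
  let best = 0;
  for (let n = 1; n <= MAX_MULTISIG_PUBKEYS; n++) {
    if (fitsP2SH(1, fakeKeys(n, len))) best = n;
  }
  return best;
}

console.log(maxKeys(33), maxKeys(65)); // 15 7
```
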
full member
Activity: 144
Merit: 100
Does the multisig address function accept mixed compressed and uncompressed pubkeys?
This multisig script does not accept mixed or uncompressed.  [the multisig "function" is not exclusive to this script - you can do multisig txs other ways, but they are not cool]. You can generate new uncompressed keys using this also.  You do not want to sign with a wallet address that's been used or is/was/might ever be holding funds.  You will have to expose your privkey and create unnecessary vulnerabilities to your existing flimsy security efforts.  Better to generate new pubkeys just for controlling your multisig.
full member
Activity: 144
Merit: 100
this is great! keep up the good work.

* I think it would be great to explain the process and concepts in more detail on the site. What is a redeem script?

* say I want to implement the following: pay 0.01 BTC to address #A12 if the year in the timestamp of the last block is equal to 2014. what would it take to make this work?

* btw, the link on the site to your profile is broken. I think you want this: https://bitcointalksearch.org/user/outcast3k-34834  

Thanks for the feedback Smiley

You're right, I will definitely add more information to the site about the process shortly.

A "redeem script" contains 2 pieces of information, the public keys and the minimum number of signatures required to use it as a spendable input. It is also used to generate the multi signature address itself. There should be some information on the bitcoin wiki about this, but I will also add it to the site shortly.

I believe it's possible to manipulate the timestamp of the transaction in the way you've requested, although I will need to do a little bit of testing first.

Thanks for pointing out the broken link, I've since fixed it.

What if I lose the redeemScript? Is there a way to retrieve it or regenerate it?  If I don't have the RedeemScript, is it still possible to spend the coins given you have the required keys to "unlock" the transaction?

Yes you can regenerate the redeem script.  You cannot lose your multisig address; you can lose some privkeys - as long as you [or your Agents] saved the total number required to sign.  Best to move & back them up securely [pref using thumbdrive & a browser on a computer that has never connected to the internet ever]
sr. member
Activity: 504
Merit: 254
this is great! keep up the good work.

* I think it would be great to explain the process and concepts in more detail on the site. What is a redeem script?

* say I want to implement the following: pay 0.01 BTC to address #A12 if the year in the timestamp of the last block is equal to 2014. what would it take to make this work?

* btw, the link on the site to your profile is broken. I think you want this: https://bitcointalksearch.org/user/outcast3k-34834  

Thanks for the feedback Smiley

You're right, I will definitely add more information to the site about the process shortly.

A "redeem script" contains 2 pieces of information, the public keys and the minimum number of signatures required to use it as a spendable input. It is also used to generate the multi signature address itself. There should be some information on the bitcoin wiki about this, but I will also add it to the site shortly.

I believe it's possible to manipulate the timestamp of the transaction in the way you've requested, although I will need to do a little bit of testing first.

Thanks for pointing out the broken link, I've since fixed it.

What if I lose the redeemScript? Is there a way to retrieve it or regenerate it?  If I don't have the RedeemScript, is it still possible to spend the coins given you have the required keys to "unlock" the transaction?
member
Activity: 83
Merit: 10
Does the multisig address function accept mixed compressed and uncompressed pubkeys?
hero member
Activity: 714
Merit: 601
OutCast3K, thank you, the code is neat!

I wish you the best, along with a tip Smiley

Good to hear you find the project useful!

Many thanks for the tip Smiley
hero member
Activity: 714
Merit: 601
- snip -

Easiest solution would be that the buyer and seller come to an agreement and email it to you. You verify receipt by replying with a quote.

Multisig is hard enough as it is. I think if you asked people to sign messages with private keys they would just blank out Smiley

I tend to agree, I think I'll just drop a little message explaining they should contact the mediator first.

Thanks for the feedback Smiley
legendary
Activity: 3682
Merit: 1580
How does your mediation service work? Specifically:

- Does your 1% fee apply to every transaction or only those transactions involving disputes?

- bitrated has a field where you can enter a transaction agreement or contract that specifies, among other things, what the modes of payment will be and what proof of payment must be provided in the event of a dispute. There is no such field on coinb.in. So how would you decide what to do in the event of a dispute?

Hey,

As it stands, the 1% fee would only be applied to those transactions involving disputes.

Most users here seem to make an agreement and sign it with their PGP key in the event a dispute arises, a few other users will get in touch first. Saying that, I suppose a possible solution could be to have users create a message/agreement and sign it (in the browser) with their corresponding private key and then that could be used by the mediator if there is a dispute.

Do you have suggestions or preferences yourself? (or anybody else?)

Easiest solution would be that the buyer and seller come to an agreement and email it to you. You verify receipt by replying with a quote.

Multisig is hard enough as it is. I think if you asked people to sign messages with private keys they would just blank out Smiley
hero member
Activity: 714
Merit: 601
How does your mediation service work? Specifically:

- Does your 1% fee apply to every transaction or only those transactions involving disputes?

- bitrated has a field where you can enter a transaction agreement or contract that specifies, among other things, what the modes of payment will be and what proof of payment must be provided in the event of a dispute. There is no such field on coinb.in. So how would you decide what to do in the event of a dispute?

Hey,

As it stands, the 1% fee would only be applied to those transactions involving disputes.

Most users here seem to make an agreement and sign it with their PGP key in the event a dispute arises, a few other users will get in touch first. Saying that, I suppose a possible solution could be to have users create a message/agreement and sign it (in the browser) with their corresponding private key and then that could be used by the mediator if there is a dispute.

Do you have suggestions or preferences yourself? (or anybody else?)
legendary
Activity: 3682
Merit: 1580
How does your mediation service work? Specifically:

- Does your 1% fee apply to every transaction or only those transactions involving disputes?

- bitrated has a field where you can enter a transaction agreement or contract that specifies, among other things, what the modes of payment will be and what proof of payment must be provided in the event of a dispute. There is no such field on coinb.in. So how would you decide what to do in the event of a dispute?
sr. member
Activity: 412
Merit: 287
bitcoinqt and electrum send to them.
Which is ridiculous, p2sh addresses have been out for years.

Bitcoinj recently added support for p2sh, so I'm expecting the android clients will support them soon.
hero member
Activity: 714
Merit: 601
It would be cool if someone could make an easy android app to arrange and start a poker match.
So everyone will be able to play poker everywhere with just their smartphone and empty pockets Smiley

Nice idea... final project could be pretty awesome.

OutCast3k +10000

Great idea, this is going to change the way people view crypto's
Thank you for finding a really neat solution to a safer pay method Grin

No problem, I'm just glad to see others find this useful Smiley
newbie
Activity: 43
Merit: 0
It would be cool if someone could make an easy android app to arrange and start a poker match.
So everyone will be able to play poker everywhere with just their smartphone and empty pockets Smiley

Nice idea... final project could be pretty awesome.

OutCast3k +10000

Great idea, this is going to change the way people view crypto's
Thank you for finding a really neat solution to a safer pay method Grin
em
newbie
Activity: 4
Merit: 0

here is an example of an exchange implementation using Outkast's multisig [thanks again - much fun]
http://isx.io


Very interesting, thanks.