Author

Topic: Forced valid signature in old transaction (Read 848 times)

legendary
Activity: 1526
Merit: 1134
October 29, 2012, 07:14:04 AM
#2
Yes, we know. You may wish to talk to Matt Corallo or read his "newscripts" branch of bitcoinj. He has discovered many of these things already.
hero member
Activity: 836
Merit: 1030
bits of proof
October 29, 2012, 06:11:08 AM
#1
While revalidating the entire chain using my independent implementation I found that transaction:

70f7c15c6f62139cc41afa858894650344eda9975b46656d893ee59df8914a3d

validates only if the S value of the signature is forced positive, it seems the ASN.1 coding of the signature in the Satoshi client (probably OpenSSL) is not precise.

Here the wire dump of the involved transactions:

spend:
Code:
0100000001289eb02e8ddc1ee3486aadc1cd1335fba22a8e3e87e3f41b7c5bbe7fb4391d81010000008a47304402206b5c3b1c86748dcf328b9f3a65e10085afcf5d1af5b40970d8ce3a9355e06b5b0220cdbdc23e6d3618e47056fccc60c5f73d1a542186705197e5791e97f0e6582a32014104f25ec495fa21ad14d69f45bf277129488cfb1a339aba1fed3c5099bb6d8e9716491a14050fbc0b2fed2963dc1e56264b3adf52a81b953222a2180d48b54d1e18ffffffff0140420f00000000001976a914e6ba8cc407375ce1623ec17b2f1a59f2503afc6788ac00000000

source:
Code:
01000000014213d2fe8f942dd7a72df14e656baab0e8b2b7f59571771ddf170b588379a2b6010000008b483045022037183e3e47b23634eeebe6fd155f0adbde756bf00a6843a1317b6548a03f3cfe0221009f96bec8759837f844478a35e102618918662869188f99d32dffe6ef7f81427e014104a7d3b0dda6d4d0a44b137a65105cdfed890b09ce2d283d5683029f46a00e531bff1deb3ad3862e0648dca953a4250b83610c4f20861555a2f5638bd3d7aff93dffffffff02ddfb1100000000001976a9142256ff6b9b9fea32bfa8e64aed10ee695ffe100988ac40420f00000000001976a914c62301ef02dfeec757fb8dedb8a45eda5fb5ee4d88ac00000000
Jump to: