Once an output is spent, then everybody on the network knows whatever they need to know to verify that it was correctly spent.
ie. public keys, number of actual signers, number of potential signers, etc -- all of that stuff.
Up until the output is spent, P2SH keeps all that stuff private (because they're looking at the script hash, not the script). But in order to spend it somebody has to produce the script, and everybody has to be able to see it to verify that it matches the hash. And then they have to do whatever the script says, and everybody has to be able to prove that they did it.
Topic: How much information is shared with a multisig transaction/address? (Read 973 times)
March 18, 2014, 10:34:08 AM
For both a transaction entering, and, leaving a multisig address, along with the address itself, what information do people who are **NOT** part of the address themselves see (I.E. Someone random on the network, such as a miner, or simply a full-node)?
Do they know the public key/hashed public key (I.E. address) of the participating clients?
Do they know how many clients there are (N in M-of-N)?
Do they know how many clients are needed to sign a key (M in M-of-N)?
And, another question:-
If I know two pub keys (I.E. pubA & pubB), can I determine if an address/transaction on the network includes those two pub keys in a 2-of-3? And how resource wasteful would that be (Checking to see if an address/transaction included my two pub keys)? So, imagine I was part of a service, I gave them my two pubkeys, and, they randomly generated their pubkey (from one of their private keys), then send $amount BTC to the address they generated without telling me the third key, would I be able to determine what address they sent to and be able to cash out my money? Or am I clueless without that third key (And thus even though I should be able to cash out the money (Due to me owning enough privatekeys), I can't because I don't know the TXID)?
Sorry, slightly confused about multisig.
Note:- Please give each answer a three-part answer, for both:-
1. Address on its own (I.E. address that has never had a transaction in/out)
2. Address with a singular TXIN
3. Address with a singular TXIN and singular TXOUT
EDIT:- Also, small little question at the end, is there anything random about a multisig address generation? I.E. if I had the three pubkeys and ran createmultisig ten times, would I always get the same address, assuming I used the same pubkeys & M-of-N?
Do they know the public key/hashed public key (I.E. address) of the participating clients?
Do they know how many clients there are (N in M-of-N)?
Do they know how many clients are needed to sign a key (M in M-of-N)?
And, another question:-
If I know two pub keys (I.E. pubA & pubB), can I determine if an address/transaction on the network includes those two pub keys in a 2-of-3? And how resource wasteful would that be (Checking to see if an address/transaction included my two pub keys)? So, imagine I was part of a service, I gave them my two pubkeys, and, they randomly generated their pubkey (from one of their private keys), then send $amount BTC to the address they generated without telling me the third key, would I be able to determine what address they sent to and be able to cash out my money? Or am I clueless without that third key (And thus even though I should be able to cash out the money (Due to me owning enough privatekeys), I can't because I don't know the TXID)?
Sorry, slightly confused about multisig.
Note:- Please give each answer a three-part answer, for both:-
1. Address on its own (I.E. address that has never had a transaction in/out)
2. Address with a singular TXIN
3. Address with a singular TXIN and singular TXOUT
EDIT:- Also, small little question at the end, is there anything random about a multisig address generation? I.E. if I had the three pubkeys and ran createmultisig ten times, would I always get the same address, assuming I used the same pubkeys & M-of-N?
There are 2 types of multisig: "traditional" one, with all public keys shown in the scriptPubKey; and P2SH
With the traditional one, all public keys, and the redemption rules, are known to everyone at any time
With P2SH, only the payee would know the public keys and the redemption rules, until it is spent
March 18, 2014, 10:25:17 AM
Quote
what information do people who are **NOT** part of the address themselves see
As long as you don't spend anything from a certain multisig address, everything stays secret from the third parties.
As soon as you have spent anything from such an address, everybody gets to know:
1) How many signatures were needed (N) for how many keys (M)
2) Each of the M public keys
March 18, 2014, 08:16:18 AM
For both a transaction entering, and, leaving a multisig address, along with the address itself, what information do people who are **NOT** part of the address themselves see (I.E. Someone random on the network, such as a miner, or simply a full-node)?
Do they know the public key/hashed public key (I.E. address) of the participating clients?
Do they know how many clients there are (N in M-of-N)?
Do they know how many clients are needed to sign a key (M in M-of-N)?
And, another question:-
If I know two pub keys (I.E. pubA & pubB), can I determine if an address/transaction on the network includes those two pub keys in a 2-of-3? And how resource wasteful would that be (Checking to see if an address/transaction included my two pub keys)? So, imagine I was part of a service, I gave them my two pubkeys, and, they randomly generated their pubkey (from one of their private keys), then send $amount BTC to the address they generated without telling me the third key, would I be able to determine what address they sent to and be able to cash out my money? Or am I clueless without that third key (And thus even though I should be able to cash out the money (Due to me owning enough privatekeys), I can't because I don't know the TXID)?
Sorry, slightly confused about multisig.
Note:- Please give each answer a three-part answer, for both:-
1. Address on its own (I.E. address that has never had a transaction in/out)
2. Address with a singular TXIN
3. Address with a singular TXIN and singular TXOUT
EDIT:- Also, small little question at the end, is there anything random about a multisig address generation? I.E. if I had the three pubkeys and ran createmultisig ten times, would I always get the same address, assuming I used the same pubkeys & M-of-N?
Do they know the public key/hashed public key (I.E. address) of the participating clients?
Do they know how many clients there are (N in M-of-N)?
Do they know how many clients are needed to sign a key (M in M-of-N)?
And, another question:-
If I know two pub keys (I.E. pubA & pubB), can I determine if an address/transaction on the network includes those two pub keys in a 2-of-3? And how resource wasteful would that be (Checking to see if an address/transaction included my two pub keys)? So, imagine I was part of a service, I gave them my two pubkeys, and, they randomly generated their pubkey (from one of their private keys), then send $amount BTC to the address they generated without telling me the third key, would I be able to determine what address they sent to and be able to cash out my money? Or am I clueless without that third key (And thus even though I should be able to cash out the money (Due to me owning enough privatekeys), I can't because I don't know the TXID)?
Sorry, slightly confused about multisig.
Note:- Please give each answer a three-part answer, for both:-
1. Address on its own (I.E. address that has never had a transaction in/out)
2. Address with a singular TXIN
3. Address with a singular TXIN and singular TXOUT
EDIT:- Also, small little question at the end, is there anything random about a multisig address generation? I.E. if I had the three pubkeys and ran createmultisig ten times, would I always get the same address, assuming I used the same pubkeys & M-of-N?
Jump to: