It is called: RFC6979 implementation
And it was added in electrum 1.9
https://bitcointalksearch.org/topic/electrum-19-released-324614
Shit I always answer my own questions
Topic: Is the transaction signature random number deterministically generated? (Read 517 times)
April 19, 2016, 12:31:21 AM
Actually i found the answer:
It is called: RFC6979 implementation
And it was added in electrum 1.9
https://bitcointalksearch.org/topic/electrum-19-released-324614
Shit I always answer my own questions
It is called: RFC6979 implementation
And it was added in electrum 1.9
https://bitcointalksearch.org/topic/electrum-19-released-324614
Shit I always answer my own questions
April 19, 2016, 12:21:30 AM
bump, please answer, this is important!
Good question. Have you Googled on this topic? BIP32, k values, etc. ?My understanding is that only one Private - Public key pair is created with BIP32. From these, decendents are created. Therefore, the "k" value occurs only once.
I didnt know there was a BIP in it. So i have to look it up, but i`d prefer if somebody with electrum code knowledge would answer it.
There is a K value created every time a transaction occurs from a wallet. Thats how a transaction chain is formed, and it links your previous spendings from thad address to the new one.
And of course if the RNG is compromized, the K value will leak info about the private key.
So its imperative to have a random, yet deterministic signature for every transaction, to not rely on flawed hardware RNG
Here was a question asked 1 year ago, and back then the wallets havent got it:
http://bitcoin.stackexchange.com/questions/36127/problems-with-deterministic-ecdsa-based-on-rfc6979-in-bitcoin
April 18, 2016, 09:39:32 PM
bump, please answer, this is important!
April 14, 2016, 07:51:39 AM
Is the signed transaction signature that should always be random,is that deterministically generated in electrum?
It is called the "k" value, and when the address is reused, it always generates a new one when a transaction is signed.
If the RNG is compromized, then after many key reuses the private key is compromized too.
Is this k value deterministically generated in electrum wallets?
It is called the "k" value, and when the address is reused, it always generates a new one when a transaction is signed.
If the RNG is compromized, then after many key reuses the private key is compromized too.
Is this k value deterministically generated in electrum wallets?
Jump to: