Pay2SH - Strange transactions? | Bitcointalksearch.org

hhanh00

sr. member

Activity: 467

Merit: 267

Quote from: Nicolas Dorier on October 25, 2014, 05:50:53 AM

Quote from: Buffer Overflow on October 25, 2014, 03:13:22 AM

Quote from: hhanh00 on October 25, 2014, 01:40:46 AM

Someone should do a best of the blockchain. Some whacked scripts are in there. Grin

Try this one:
https://blockchain.info/tx/e411dbebd2f7d64dafeef9b14b5c59ec60c36779d43f850e5e347abee1e1a455

Maybe this one might is an old attempt at DDOS when the number of sig operation were not limited ? (OP_CHECKSIG do not return from the script, so every op is evaluated)

... maybe most likely a bug, I think OP_CHECKSIG consume the stack so the other one should not be able to execute.

Yes, and it leaves a boolean on the stack which will be used as an arg to the next CHECKSIG.
It's not a good DDOS because the script isn't redeemable and doesn't have to be checked at all.

bernard75

legendary

Activity: 1316

Merit: 1003

Quote from: Buffer Overflow on October 25, 2014, 03:13:22 AM

Quote from: hhanh00 on October 25, 2014, 01:40:46 AM

Someone should do a best of the blockchain. Some whacked scripts are in there. Grin

Try this one:
https://blockchain.info/tx/e411dbebd2f7d64dafeef9b14b5c59ec60c36779d43f850e5e347abee1e1a455

Still going strong. Cheesy

Nicolas Dorier

hero member

Activity: 714

Merit: 662

Quote from: Buffer Overflow on October 25, 2014, 03:13:22 AM

Quote from: hhanh00 on October 25, 2014, 01:40:46 AM

Someone should do a best of the blockchain. Some whacked scripts are in there. Grin

Try this one:
https://blockchain.info/tx/e411dbebd2f7d64dafeef9b14b5c59ec60c36779d43f850e5e347abee1e1a455

Maybe this one might is an old attempt at DDOS when the number of sig operation were not limited ? (OP_CHECKSIG do not return from the script, so every op is evaluated)

... maybe most likely a bug, I think OP_CHECKSIG consume the stack so the other one should not be able to execute.

Buffer Overflow

legendary

Activity: 1652

Merit: 1016

Quote from: hhanh00 on October 25, 2014, 01:40:46 AM

Someone should do a best of the blockchain. Some whacked scripts are in there. Grin

Try this one:
https://blockchain.info/tx/e411dbebd2f7d64dafeef9b14b5c59ec60c36779d43f850e5e347abee1e1a455

hhanh00

sr. member

Activity: 467

Merit: 267

Someone should do a best of the blockchain. Some whacked scripts are in there. Grin

amaclin

legendary

Activity: 1260

Merit: 1019

Quote

UPDATE 2 : My fault, there is 2 valid public key but one invalid one. Which means the spender stuffed data in the redeem.

Update 3: there is one public key used twice

Quote

2 3045022015bd0139bcccf990a6af6ec5c1c52ed8222e03a0d51c334df139968525d2fcd20221009 f9efe325476eb64c3958e4713e9eefe49bf1d820ed58d2112721b134e2a1a5303
0378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71 0378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71 3 OP_CHECKMULTISIG

Nicolas Dorier

hero member

Activity: 714

Merit: 662

The 2nd input of https://blockchain.info/tx/5df1375ffe61ac35ca178ebb0cab9ea26dedbd0e96005dfcee7e379fa513232f is

Quote

0 3045022015bd0139bcccf990a6af6ec5c1c52ed8222e03a0d51c334df139968525d2fcd20221009 f9efe325476eb64c3958e4713e9eefe49bf1d820ed58d2112721b134e2a1a5303 30460221008431bdfa72bc67f9d41fe72e94c88fb8f359ffa30b33c72c121c5a877d922e1002210 089ef5fc22dd8bfc6bf9ffdb01a9862d2

With redeem script being

Quote

2 3045022015bd0139bcccf990a6af6ec5c1c52ed8222e03a0d51c334df139968525d2fcd20221009 f9efe325476eb64c3958e4713e9eefe49bf1d820ed58d2112721b134e2a1a5303 0378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71 0378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71 3 OP_CHECKMULTISIG} NBitcoin.Script

In other words, a p2sh multi sig. Blockchain is bugged.

C# code with NBitcoin :

Quote

var tx = new BlockrTransactionRepository().Get(new uint256("5df1375ffe61ac35ca178ebb0cab9ea26dedbd0e96005dfcee7e379fa513232f"));

Console.WriteLine(tx.Inputs[1].ScriptSig);
var redeemScript = new PayToScriptHashTemplate()
{
VerifyRedeemScript = false
}.ExtractScriptSigParameters(tx.Inputs[1].ScriptSig).RedeemScript;
Console.WriteLine(redeemScript);

The funny thing is that the redeemScript is not correct. It is a 2 - 3 except that there is only one correctly formed public key. This make it non redeemable.

UPDATE : It was indeed spent. Investigating this miracle.
UPDATE 2 : My fault, there is 2 valid public key but one invalid one. Which means the spender stuffed data in the redeem.

hhanh00

sr. member

Activity: 467

Merit: 267

Thanks, turned out my mistake was somewhere else.

Regarding the last script,

Code:

OP_FALSE 3045022015bd0139bcccf990a6af6ec5c1c52ed8222e03a0d51c334df139968525d2fcd20221009f9efe325476eb64c3958e4713e9eefe49bf1d820ed58d2112721b134e2a1a5303 
30460221008431bdfa72bc67f9d41fe72e94c88fb8f359ffa30b33c72c121c5a877d922e1002210089ef5fc22dd8bfc6bf9ffdb01a9862d27687d424d1fefbab9e9c7176844a187a01 
52483045022015bd0139bcccf990a6af6ec5c1c52ed8222e03a0d51c334df139968525d2fcd20221009f9efe325476eb64c3958e4713e9eefe49bf1d820ed58d2112721b134e2a1a5303210378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c71210378d430274f8c5ec1321338151e9f27f4c676a008bdf8638d07c0b6be9ab35c7153ae

The first signature is in the redeem script and has to be removed before it is inserted into the transaction to sign. I was missing this part since for a standard tx, the signature is in the input script.

luv2drnkbr

hero member

Activity: 793

Merit: 1026

Whoops. I scrolled past that, looking at op codes. Thanks for the explanation!

amaclin

legendary

Activity: 1260

Merit: 1019

Quote from: luv2drnkbr on October 21, 2014, 09:29:20 AM

How is that determined? Is there a data format not listed on the wiki about scripts?

Everything in wiki. Have you read it?

https://en.bitcoin.it/wiki/Script

Quote

The stacks hold byte vectors. When used as numbers, byte vectors are interpreted as little-endian variable-length integers with the most significant bit determining the sign of the integer. Thus 0x81 represents -1. 0x80 is another representation of zero (so called negative 0). Positive 0 is represented by a null-length vector. Byte vectors are interpreted as Booleans where False is represented by any representation of zero, and True is represented by any representation of non-zero.

luv2drnkbr

hero member

Activity: 793

Merit: 1026

How is that determined? Is there a data format not listed on the wiki about scripts?

amaclin

legendary

Activity: 1260

Merit: 1019

Quote from: luv2drnkbr on October 21, 2014, 09:20:49 AM

Can somebody explain how 0x81 translates to -1? I get the 0x01 code to push the 0x81 byte, but I don't understand why it's a -1.

The highest bit is sign.
0x81 = 0x80 + 0x01

BTW: 0x80 itself is "negative zero"

luv2drnkbr

hero member

Activity: 793

Merit: 1026

Can somebody explain how 0x81 translates to -1? I get the 0x01 code to push the 0x81 byte, but I don't understand why it's a -1.

amaclin

legendary

Activity: 1260

Merit: 1019

Quote from: Buffer Overflow on October 21, 2014, 09:18:39 AM

I guess the miner had isStandard() flag disabled in their config for these transactions to be in the blockchain if they are nonstandard.

First transaction mined by Eligius. This pool has its own IsStandard ( )

Buffer Overflow

legendary

Activity: 1652

Merit: 1016

I guess the miner had isStandard() flag disabled in their config for these transactions to be in the blockchain if they are nonstandard.

amaclin

legendary

Activity: 1260

Merit: 1019

Quote

Another one, harder for me to understand
https://blockchain.info/tx/5df1375ffe61ac35ca178ebb0cab9ea26dedbd0e96005dfcee7e379fa513232f

Of all the P2SH cases in the blockchain, my tool only rejects this one. It looks like a standard 2 of 3 multisig. The 2nd signature is a SIGHASH_SINGLE but the first one is a regular SIGHASH_ALL. Yet, none of the provided public keys seems to match the first one either.
There must be something wrong with my tool but I don't see where.

My advise: take bitcoin-qt sources (local copy just for test this tx) and pass this transaction to the validation method under debugging.

amaclin

legendary

Activity: 1260

Merit: 1019

Quote

OP_RIGHT s a disabled op code. Shouldn't the script fail?

Definitely must fail.
This is a bug on blockchain.info site
In fact the script is

Code:

51            // PUSH 1
0181         // PUSH -1
08 6e879169907c9087 // PUSH p2sh inner script

There are no disabled opcodes in this script

hhanh00

sr. member

Activity: 467

Merit: 267

Cool but how can they be valid? They have disabled op codes.

CIYAM

legendary

Activity: 1890

Merit: 1086

Ian Knowles - CIYAM Lead Developer

Quote from: hhanh00 on October 21, 2014, 08:48:54 AM

Are they allowed to include invalid transactions?

If they are invalid then other nodes would reject them - so I don't think that they could be *invalid*.

hhanh00

sr. member

Activity: 467

Merit: 267

Are they allowed to include invalid transactions?

Topic: Pay2SH - Strange transactions? (Read 2289 times)