Topic: Signature explorer (Read 172 times)

legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
September 24, 2024, 10:44:45 PM
#7
Quote
I don't want to get only (r,s) pair, because it is trivial. I want to get data, behind a given z-value.
-snip-
And it is not just a transaction hash. Instead, it is that thing:
Yeah, I'm aware that it's not the transaction's hash; in fact, I demonstrated how to do it here: https://bitcointalksearch.org/topic/m.63427494
I thought you only need the signature which is what you've asked in the OP.

Anyways, AFAIK, 2coins.org's online rsz tool can do exactly that, but it's exclusive to legacy transactions.
Paste an existing TXID and it'll automatically fetch the transaction from various blockchain APIs, then compute the message hash.
But I'm not aware of any that will work on SegWit and Taproot transactions. The mentioned website has contact info; perhaps they accept feature requests.
legendary
Activity: 3472
Merit: 10611
September 24, 2024, 10:24:49 PM
#6
Quote
They don't have to "store" it, just "compute" and "show to the user". And if this is computationally expensive, then maybe it can be done on a client side, instead of server side?
It is just a bunch of SHA256 hashes, so it is not really expensive in 99% of the cases. That 1% may be those weird transactions that are big and/or are abusing certain things like FindAndDelete.
newbie
Activity: 10
Merit: 37
September 24, 2024, 09:11:13 AM
#5
Quote
Blockstream's explorer can already show the signature of each input
I don't want to get only (r,s) pair, because it is trivial. I want to get data, behind a given z-value.

For example, you can see this transaction:
Code:
01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000147304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee0111000000
And then, you can easily notice this signature:
Code:
47304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee01
Then, extracting (r,s) pair is trivial, and anyone can do that easily:
Code:
r=3609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a
s=573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee
However, to fully verify things, you also need z-value. And it is not just a transaction hash. Instead, it is that thing:
Code:
0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a010000001976a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffffffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e51100000001000000
And then, you can complete the proof:
Code:
z=c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670
r=3609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a
s=573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee
Q=025476c2e83188368da1ff3e292e7acafcdb3566bb0ad253f62fc70f07aeee6357
n=fffffffffffffffffffffffffffffffebaaedce6af48a03bbfd25e8cd0364141
1/s=18c3acadca5e7b9fc3cd6b221f30e66fa26c07450aeafe2327f6c51fd7a75147
z/s=df8e03f52bb441d2e9ed959efabceaebbc9211918c5e5420b8164577f9c603eb
r/s=93978dc15dbb351e107f083839792787230beb342db2a8bea4fd3fa18990c6a7
(z/s)G=024D008960C8AAFA40869FDACF9088FC96F68E6AC6DBC26ADAB611145C7BB2C12A
(r/s)Q=03E830824028F11FC59B3D4C1A7A135D1DFB3FD3CA7E7563D896889B46A77DCF13
R=(z/s)G+(r/s)Q
R=023609E17B84F6A7D30C80BFA610B5B4542F32A8A0D5447A12FB1366D7F01CC44A
R.x=3609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a
But: getting this z-value is far from trivial. And it is different, if you have different address types. It is not just a hash of the transaction, it is much more complex. For example: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki

So, is there any tool, which would work in that way?
Code:
decodesignatures 01000000000102fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad969f0000000000eeffffffef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a0100000000ffffffff02202cb206000000001976a9148280b37df378db99f66f85c95a783a76ac7a6d5988ac9093510d000000001976a9143bde42dbee7e4dbe6a21b2d50ce2f0167faa815988ac000147304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee0111000000
{
  "signatures": [
    {
      "hex": "47304402203609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a0220573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee01",
      "r": "3609e17b84f6a7d30c80bfa610b5b4542f32a8a0d5447a12fb1366d7f01cc44a",
      "s": "573a954c4518331561406f90300e8f3358f51928d43c212a8caed02de67eebee",
      "sighash": "01",
      "data": "0100000096b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd3752b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3bef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a010000001976a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac0046c32300000000ffffffff863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e51100000001000000",
      "z": "c37af31116d1b27caf68aae9e3ac82f1477929014d5b917657d0eb49478cb670",
      "version": 1,
      "prevouts": {
        "hex": "96b827c8483d4e9b96712b6713a7b68d6e8003a781feba36c31143470b4efd37",
        "data": "fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad969f00000000ef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a01000000",
        "vin": [
          {
            "txid": "fff7f7881a8099afa6940d42d1e7f6362bec38171ea3edf433541db4e4ad969f",
            "vout": 0
          },
          {
            "txid": "ef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a",
            "vout": 1
          }
        ]
      },
      "sequence": {
        "hex": "52b0a642eea2fb7ae638c36f6252b6750293dbe574a806984b8e4d8548339a3b",
        "data": "eeffffffffffffff",
        "sequences": [
          4294967278,
          4294967295
        ]
      },
      "vin": [
        {
          "txid": "ef51e1b804cc89d182d279655c3aa89e815b1b309fe287d9b2b55d57b90ec68a",
          "vout": 1,
          "scriptSig": {
            "hex": "1976a9141d0f172a0ecb48aee1be1f2687d2963ae33f71a188ac"
          },
          "value": 6.00000000,
          "sequence": 4294967295
        }
      ],
      "outputs": "863ef3e1a92afbfdb97f31ad0fc7683ee943e9abcf2501590ff8f6551f47e5e5",
      "locktime": 17,
      "sighash": "01000000"
    }
  ]
}

Quote
the explorer has to store this additional data on top of what they are storing
They don't have to "store" it, just "compute" and "show to the user". And if this is computationally expensive, then maybe it can be done on a client side, instead of server side?
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
September 23, 2024, 11:53:14 PM
#4
Quote
However, when I think about it, I guess we could need another kind of explorer: a signature explorer.
Blockstream's explorer can already show the signature of each input when you toggle "Details +" button at the right-hand side of the TXID (below).
It's hidden by default since the information isn't meant for, and is useless to, regular users.

Check it out to see if it satisfies your use-case.
legendary
Activity: 2352
Merit: 6089
bitcoindata.science
September 23, 2024, 10:59:58 AM
#3
Quote
Well, there are many questions about z-values. Extracting them from transactions, and signed messages, can be tedious.
To be clear the z-values aren't part of the transaction so they are not stored in the blockchain to be "extracted". They have to be computed, then the explorer has to store this additional data on top of what they are storing (that is tens of gigabytes of additional data).

I honestly don't see the utility for such an explorer though.

Talking about different explorers, someone was recently talking about an OP_RETURN explorer, which would allow users to search for particular messages written in the blockchain. This could be a more interesting idea imo
legendary
Activity: 3472
Merit: 10611
September 23, 2024, 09:00:10 AM
#2
Quote
Well, there are many questions about z-values. Extracting them from transactions, and signed messages, can be tedious.
To be clear the z-values aren't part of the transaction so they are not stored in the blockchain to be "extracted". They have to be computed, then the explorer has to store this additional data on top of what they are storing (that is tens of gigabytes of additional data).

I honestly don't see the utility for such an explorer though.
newbie
Activity: 10
Merit: 37
September 22, 2024, 03:49:39 PM
#1
There are many kinds of block explorers: some are just showing regular blockchain data, as they are handled by full nodes. Some are UTXO-based, and focused on pruned ones. However, when I think about it, I guess we could need another kind of explorer: a signature explorer.

Why would it be needed? Well, there are many questions about z-values. Extracting them from transactions, and signed messages, can be tedious. It is much, much easier to just hack into the client, and dump signatures in that way, than to write code from scratch, which would handle FindAndDelete, Segwit, Taproot, Bitcoin Message, and who knows what.

Also, the actually signed messages are quite similar to what is really shown by block explorers anyway. For example: instead of scriptSig, there is a previous output script. Another thing is that if you can see what is actually signed, then you can better understand different sighashes, SIGHASH_SINGLE bug, s-value grinding, and so on.