Quote
Is it possible to do the same for SIGHASH_ALL if we assume that setting any z-value is possible and that we can change our public key to any value?
It depends. If you have to sign your public key (or a hash of that key, or some previous transaction output where you have to know that key) then no. But if you can use any public key, then it is possible. I can imagine some weird script with constant signature and variable public key, something like "OP_OVER 300602010102010101 OP_EQUALVERIFY OP_CHECKSIG", then you can make a transaction, get your z-value and put your matching public key in such script.Also note you can do such things in Bitcoin Message:
Code:
message="Hello World"
address="1psPJZYEJrjPtY6kw5Tqtj4mW2yXSSDuH"
signature="GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE="
Here you have r=1 and s=1 in a signature for some arbitrary message. Of course both k and d are unknown, but it does not matter if you can use any public key. address="1psPJZYEJrjPtY6kw5Tqtj4mW2yXSSDuH"
signature="GwAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAABAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAE="
