Bitcoin Forum>Bitcoin>Development & Technical Discussion
Author

Topic: Why cant get RSZ from Bitcoin Transaction? (Read 286 times)

MixMAx123
full member
Activity: 161
Merit: 168
Why cant get RSZ from Bitcoin Transaction?
January 06, 2024, 10:02:15 AM
#14
Quote from: nc50lc on January 06, 2024, 01:19:02 AM
Quote from: MixMAx123 on January 05, 2024, 06:44:18 PM
In the section: P2SH-P2WPKH
Code:
 hashPrevouts:
    dSHA256(db6b1b20aa0fd7b23880be2ecbd4a98130974cf4748fb66092ac4d3ceb1a547701000000)
  = b0287b4a252ac05af83d2dcef00ba313af78a3e9c329afa216eb3aa2a7b4613a
The last 4 bytes "01000000" are not clear to me where they come from.
It's the second option.
It is the 'Transaction ID' and 'Output Index' of the input(s).

You can refer to the other examples which work similarly but used different sighash flag that are different from the prevIndex.

Yes, that's plausible.
Thank you very much, they helped me a lot!
I'd like to send you merit, but I don't have any more.
MixMAx123
full member
Activity: 161
Merit: 168
Re: Why cant get RSZ from Bitcoin Transaction?
January 05, 2024, 06:44:18 PM
#12
I would need some help at one point.
It is about the documentation of: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki
In the section: P2SH-P2WPKH
Code:
 hashPrevouts:
    dSHA256(db6b1b20aa0fd7b23880be2ecbd4a98130974cf4748fb66092ac4d3ceb1a547701000000)
  = b0287b4a252ac05af83d2dcef00ba313af78a3e9c329afa216eb3aa2a7b4613a
The last 4 bytes "01000000" are not clear to me where they come from.
There are two possibilities that could be confused.
Option 1: It could be the HashCode. "01000000"
Option 2: It could be the index of the previous transaction. (prevIndex) "01000000".
In both options, it would be "01000000".
Thank you very much
MixMAx123
full member
Activity: 161
Merit: 168
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 08:59:33 AM
#10
Quote from: nc50lc on January 02, 2024, 03:01:35 AM
Code:
02000000
a8ea6358b5a2efe25e5b6813b5298c603666c90b3061eea0aed7108588ce6f52
18606b350cd8bf565266bc352f0caddcf01e8fa789dd8a15386327cf8cabe198
e977d313dd88253458ea455fd4a8256453acd7ad193b2c72ae376492ed338e1f01000000
1976a9148e6e804524d16ff27b51fa0b0e65463028ffd4b888ac
77cd300000000000
feffffff
8942f7fbf60d9102e812e3d720d2c0918f68b1dbb3cd7e76366ddf055e051f56
0a6a1800
01000000

Thank you for that too! This is really very useful!
MixMAx123
full member
Activity: 161
Merit: 168
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 08:29:00 AM
#9
Quote from: nc50lc on January 02, 2024, 03:01:35 AM
That transaction's Z-value should be:
Code:
67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592

Very nice! The Sig-Hash is right!
Thank you very much, that helps :-)
I will now take a lot of time to dig through the BIP143!
I try to analyze the calculation alone and implement it in my code.
If I can't do it, I'll ask again here.
Many thanks to everyone who also helped here and posted helpful links :-)

nc50lc
legendary
Activity: 2394
Merit: 5531
Self-proclaimed Genius
Re: Why cant get RSZ from Bitcoin Transaction?
January 06, 2024, 01:19:02 AM
#8
Quote from: MixMAx123 on January 05, 2024, 06:44:18 PM
In the section: P2SH-P2WPKH
Code:
  hashPrevouts:
    dSHA256(db6b1b20aa0fd7b23880be2ecbd4a98130974cf4748fb66092ac4d3ceb1a547701000000)
  = b0287b4a252ac05af83d2dcef00ba313af78a3e9c329afa216eb3aa2a7b4613a
The last 4 bytes "01000000" are not clear to me where they come from.
It's the second option.
It is the 'Transaction ID' and 'Output Index' of the input(s).

You can refer to the other examples which work similarly but used different sighash flag that are different from the prevIndex.
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 09:07:52 AM
#7
Quote from: MixMAx123 on January 02, 2024, 08:29:00 AM
Quote from: nc50lc on January 02, 2024, 03:01:35 AM
That transaction's Z-value should be:
Code:
67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592

Very nice! The Sig-Hash is right!
Thank you very much, that helps :-)
I will now take a lot of time to dig through the BIP143!
I try to analyze the calculation alone and implement it in my code.
If I can't do it, I'll ask again here.
Many thanks to everyone who also helped here and posted helpful links :-)



Keep in mind that in the BIP143, the first two elements related to hashprevout and hashsequence are a concatenation of all the prevouts and sequences in the transaction inputs (from first to last) respectively.

And everywhere that says "sha256 hash" for an element, they mean you need to do a double sha256 hash on it, as well as a another double hash on the whole byte sequence once you've assembled it.
NotATether
legendary
Activity: 1568
Merit: 6660
bitcoincleanup.com / bitmixlist.org
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 06:30:52 AM
#6
You can already get the R and S values of any non-taproot transaction directly from the bytes.

To get the z values, just follow the BIP143 format posted by nc50lc or you can read it at https://medium.com/coinmonks/creating-and-signing-a-segwit-transaction-from-scratch-ec98577b526a ,

Or for legacy (non-segwit signalling) transactions, follow the format here: https://medium.com/@ottosch/manually-creating-and-signing-a-bitcoin-transaction-87fbbfe46032

I am following the process of signing raw transactions, but there are a few values which you cannot get directly from the transaction itself and you'll need to get by looking at previous transactions, such as the scriptpubkey of the previous outpoint and its value in sats.
whanau
member
Activity: 113
Merit: 28
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 03:55:59 AM
#5
Quote from: nc50lc on January 02, 2024, 03:01:35 AM
Quote from: ?? on ??
For example this one?

TestNet TxId:  ac919ea7cd1564fe0826851076041d58185b2ca04f2305f22dd60b63ac476913
According to BIP143: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh
That transaction's Z-value should be:
Code:
67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592
SHA2562x of (remove breakspaces):
Code:
02000000
a8ea6358b5a2efe25e5b6813b5298c603666c90b3061eea0aed7108588ce6f52
18606b350cd8bf565266bc352f0caddcf01e8fa789dd8a15386327cf8cabe198
e977d313dd88253458ea455fd4a8256453acd7ad193b2c72ae376492ed338e1f01000000
1976a9148e6e804524d16ff27b51fa0b0e65463028ffd4b888ac
77cd300000000000
feffffff
8942f7fbf60d9102e812e3d720d2c0918f68b1dbb3cd7e76366ddf055e051f56
0a6a1800
01000000

But since we can't find a tool that supports SegWit, I can't cross-check if it's correct, so please CMIIAW.


I 'plugged in' the message to the usual signature check algorithm and it r's matched so the z-value quoted by nc50lc is correct.
I will go away and learn the BIP page. Thanks

Code:
Msg: 02000000a8ea6358b5a2efe25e5b6813b5298c603666c90b3061eea0aed7108588ce6f5218606b350cd8bf565266bc352f0caddcf01e8fa789dd8a15386327cf8cabe198e977d313dd88253458ea455fd4a8256453acd7ad193b2c72ae376492ed338e1f010000001976a9148e6e804524d16ff27b51fa0b0e65463028ffd4b888ac77cd300000000000feffffff8942f7fbf60d9102e812e3d720d2c0918f68b1dbb3cd7e76366ddf055e051f560a6a180001000000 


Public key  = b17450a1cabad6f734df66e4ea6a85882c8a14ce350733a20f83f2f10448803e 17a6393dfd1e448bc2d810100e0a4cef8966f92cd866ef7a4e759998a3bf6d2a 

r           = 0d8e8eaa6ecaa92eae1208b04fd6306f02bc66078fab46c9a60bfbf94a49ee18
s           = 770a265fe229918c0d67b0bc73dc4408248939d2b261f2b6ea4b7c9c5bcd123c
z           = 67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592

Result r    = d8e8eaa6ecaa92eae1208b04fd6306f02bc66078fab46c9a60bfbf94a49ee18
Signature matches!


nc50lc
legendary
Activity: 2394
Merit: 5531
Self-proclaimed Genius
Re: Why cant get RSZ from Bitcoin Transaction?
January 02, 2024, 03:01:35 AM
#4
Quote from: ?? on ??
For example this one?

TestNet TxId:  ac919ea7cd1564fe0826851076041d58185b2ca04f2305f22dd60b63ac476913
According to BIP143: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki#p2sh-p2wpkh
That transaction's Z-value should be:
Code:
67927cd4db3a11cd954cf8903f65f1ddbd0e601cba1a3b74cf1136e53f509592
SHA2562x of (remove breakspaces):
Code:
02000000
a8ea6358b5a2efe25e5b6813b5298c603666c90b3061eea0aed7108588ce6f52
18606b350cd8bf565266bc352f0caddcf01e8fa789dd8a15386327cf8cabe198
e977d313dd88253458ea455fd4a8256453acd7ad193b2c72ae376492ed338e1f01000000
1976a9148e6e804524d16ff27b51fa0b0e65463028ffd4b888ac
77cd300000000000
feffffff
8942f7fbf60d9102e812e3d720d2c0918f68b1dbb3cd7e76366ddf055e051f56
0a6a1800
01000000

But since we can't find a tool that supports SegWit, I can't cross-check if it's correct, so please CMIIAW.
nc50lc
legendary
Activity: 2394
Merit: 5531
Self-proclaimed Genius
Re: Why cant get RSZ from Bitcoin Transaction?
January 01, 2024, 03:41:16 AM
#3
Quote from: ?? on ??
Is it correct that the Z-value is the signature hash?
It's quite complicated to manually compute specially in transactions with multiple inputs.
It's the data that was signed, basically the Hash256 (SHA256 2x) of the output of "Step9" in this diagram: https://en.bitcoin.it/w/images/en/7/70/Bitcoin_OpCheckSig_InDetail.png

For the sake of simplicity, here's a 1input-1output p2pkh testnet transaction I used for testing: 4d1b9b5999d63fa77983efc663bef4cc76bf13820771a6b3ab436a93fd33dc4e
RAW (use that tool to get r, S, Z):
Code:
01000000011605ebaaf9f879b432d0331d287201e1f132f939fb35498a737a54caeb4906e9010000006a473044022024f3353d2412ed4721eddc3efcc632d934772c3683e8a5f80505f1bee67c0689022068e66bfc569924d571be6acb1094127a882a0e3c98789ea578378e03d1f799c5012102f617c1916a4538d08c0abf6c57c3504396f53a61cc4aeca5c8e6a73a16709566fdffffff0104100000000000001976a9146f7176518dc6d4f9f574f3cb76bf8f06f21f6cff88ac00000000
Result of Step 9:
Code:
01000000011605ebaaf9f879b432d0331d287201e1f132f939fb35498a737a54caeb4906e9010000001976a91443fc0f21f73898be3afa09ef7189796d3b37c9e288acfdffffff0104100000000000001976a9146f7176518dc6d4f9f574f3cb76bf8f06f21f6cff88ac0000000001000000
HASH256 of the above = Z-value:
Code:
d5a1e5dd5159ef3a73b7f8246895b9f5afe5f29e363b325fb6f41036aab5a209
nc50lc
legendary
Activity: 2394
Merit: 5531
Self-proclaimed Genius
Re: Why cant get RSZ from Bitcoin Transaction?
December 31, 2023, 07:15:07 AM
#2
Quote from: bane77 on December 31, 2023, 05:03:34 AM
I m guessing something is missing in the transaction Huh
The transaction in question spent "p2pk" (Pay-to-PubKey) outputs, so I'm guessing that the tool that you've tried simply doesn't support p2pk scriptSig.

For r and S of that particular txn, you can get it from the input's scriptSig since it is a valid DER-encoded ECDSA signature;
For the first input:
  • r: 64bfde07ac93d16f8559d89831e11ac461cc448486f6b7304a379f4aab4fc96f
  • S: 5e2f0f6aed03a6338ab66bd9ad11496ff9ac91f6b134c918f74bf7ded699849f
The Z-value however isn't in the signature, it has to be computed.

I've tried other p2pk transactions and it resulted with the same error.
So try to find another tool that supports it.
bane77
newbie
Activity: 17
Merit: 0
Re: Why cant get RSZ from Bitcoin Transaction?
December 31, 2023, 05:03:34 AM
#1
Playing around with rsz values and i stumble on from example  this transaction and cant retrieve rsz: 

 https://www.blockchain.com/explorer/transactions/btc/4dcc0f56c1bec15e29c3efdaf562cf6a2893e2b819112e9ea4e92d6b256a79db   

I try on www.2coins.org with Transaction ID and Raw Tx, i get: Transaction ID is probably wrong or with Raw Tx:Invalid Data In Raw Tx. I also try with Iceland RSZ script and also get error: ValueError: invalid literal for int() with base 16: ''

I m guessing something is missing in the transaction Huh

Can please someone explain?

Thanks!
Bitcoin Forum>Bitcoin>Development & Technical Discussion
Jump to: