search

ACken2 / bip322-js

A Javascript library that provides utility functions related to the BIP-322 signature scheme
https://acken2.github.io/bip322-js/
MIT License
19 stars 13 forks source link

Signature verification returns false even if it should return true #12

Open matteocoppola opened 1 month ago

matteocoppola commented 1 month ago

Greetings, one of our users is signing with his Ordinal Key (using Xverse wallet) the JSON.stringify() result of this following message:

{
    "runeId": "840000:3",
    "orderType": 0,
    "orderPosition": "buy",
    "orderAmount": 1332,
    "orderPrice": 7.51,
    "ownerBtckey": "020bb343eb11c05861b5d5607391a71b14fc941b6e50c52070fbb7c0665e7a48e2",
    "ownerOrdKey": "56f4b67b0ade2e9ba69244db27dd980e58c4445ffb29c60dac4a2c7bc08688ac",
    "ownerBtcAddress": "3KZKi6aWvoZp2BjSYm8X126AeExpqdqvyh",
    "ownerOrdAddress": "bc1pvnkl5kgyjnr33yn5myvlqvw0nahnrqx2mj6a8j4ggpy09gvt3pdq4nf2sl"
}

Generating the signature: AUBeB9HL+fbcTrVOSwzZvSn/oDluEckq0st4YMgr0nelFOT1qpA9HiohI6uGNDQnu47YUbFHWM0CrkiT7VdWf6Na

Using bip322-js to verify this signature, it returns FALSE: bip322.Verifier.verifySignature(data.ordinalAddress, JSON.stringify(data.message), data.signature)

This bug here is happening to a few of our users (not all of them), which makes me think it must be something related to how the library uses the Ordinal Address of the user.

Please help us addressing the issue and let us know if you need more details. Thank you!

ACken2 commented 1 month ago

Hi,

I have attempted to verify your BIP322 signature and message (which I assumed is signed by bc1pvnkl5kgyjnr33yn5myvlqvw0nahnrqx2mj6a8j4ggpy09gvt3pdq4nf2sl) using the following command on a Bitcoin Core compiled for BIP-322 support (https://github.com/kallewoof/bitcoin/tree/202201-bip322):

verifymessage "bc1pvnkl5kgyjnr33yn5myvlqvw0nahnrqx2mj6a8j4ggpy09gvt3pdq4nf2sl" "AUBeB9HL+fbcTrVOSwzZvSn/oDluEckq0st4YMgr0nelFOT1qpA9HiohI6uGNDQnu47YUbFHWM0CrkiT7VdWf6Na" "{"runeId":"840000:3","orderType":0,"orderPosition":"buy","orderAmount":1332,"orderPrice":7.51,"ownerBtckey":"020bb343eb11c05861b5d5607391a71b14fc941b6e50c52070fbb7c0665e7a48e2","ownerOrdKey":"56f4b67b0ade2e9ba69244db27dd980e58c4445ffb29c60dac4a2c7bc08688ac","ownerBtcAddress":"3KZKi6aWvoZp2BjSYm8X126AeExpqdqvyh","ownerOrdAddress":"bc1pvnkl5kgyjnr33yn5myvlqvw0nahnrqx2mj6a8j4ggpy09gvt3pdq4nf2sl"}"

However, it also fails verification there, so it is likely that the signature is not valid for the provided message and address.

Is it possible that the message signed was somehow incorrect or that the message was signed using another address?

matteocoppola commented 1 month ago

Hi @ACken2 , thank you for your testing. As we are sure the message is correct and correctly signed, the problem must be outside our codebase. As your test shows that it's not an issue of bip322-js library, then it means the bug is in the Xverse wallet when they use it to sign with the OrdinalAddress. Let's see what they find!