P2SH(P2WPKH) signature does not verify in Bitcoin Core or Electrum

majestic84 commented 5 years ago

    const bitcoinMessage = require('bitcoinjs-message')
    let keyPair = bitcoin.ECPair.fromWIF('KxZbvQPvcaiKo1DCbRGgZZfakc6K3qAtXGkLmogmHdop1VhjVR9J')

    let { address } = bitcoin.payments.p2sh({
        redeem: bitcoin.payments.p2wpkh({
            pubkey: keyPair.publicKey
        })
    })
    //output: 3LbZqMMHu371r5Fjve9qNhSQzuNi7EzqUR

    let privateKey = keyPair.privateKey
    let message = 'test123'
    let signature = bitcoinMessage.sign(message, privateKey, keyPair.compressed, { segwitType: 'p2sh(p2wpkh)' })
    console.log(signature.toString('base64'))
    //output: I2ehXowFWMZohHrJN+1IRdDwqN/UILqVmhIOHpeBdS4BYDCQpfDL1tTH7mNg6eeypno+Is8ApgWinkPnnz1NEq8=
    console.log(bitcoinMessage.verify(message, address, signature))
    ///output: true

Same values in latest version of Electrum produces the following signature: H2ehXowFWMZohHrJN+1IRdDwqN/UILqVmhIOHpeBdS4BYDCQpfDL1tTH7mNg6eeypno+Is8ApgWinkPnnz1NEq8=

bitcoinjs-message signature: I2ehXowFWMZohHrJN+1IRdDwqN/UILqVmhIOHpeBdS4BYDCQpfDL1tTH7mNg6eeypno+Is8ApgWinkPnnz1NEq8=

Am I doing something wrong? It seems the signatures are only different in the first character.

junderw commented 5 years ago

yes, they only differ in the flag byte.
iirc, currently only Trezor supports this.

junderw commented 4 years ago

https://github.com/bitcoinjs/bitcoinjs-message/pull/29#issuecomment-686060820

bitcoinjs / bitcoinjs-message

P2SH(P2WPKH) signature does not verify in Bitcoin Core or Electrum #20