Different signature when signing with bitcoinjs-message and with Electrum

bitcoinjs / bitcoinjs-message

MIT License

129 stars 79 forks source link

Different signature when signing with bitcoinjs-message and with Electrum #28

Closed ademcan closed 4 years ago

ademcan commented 4 years ago

I am trying to sign a message with a nested segwit address (3*). I got the address, the message and the private key, and also opened the wallet on Electrum. However, when signing with Electrum I get a different signature compared to when signing with bitcoinjs-message with the following code:

var signature = bitcoinMessage.sign(
    'test',
    privateKey,
    keyPair.compressed,
    {segwitType: 'p2sh(p2wpkh)'},
);

Do you have any idea what the issue could be? Thanks for your help and for the great work!

junderw commented 4 years ago

There is no guarantee that signatures are deterministic. Or that they are deterministic in the same way.

Sign with Electrum and verify with us.
Sign with us and verify with Electrum.

Please perform the two actions above and tell me if anything fails.

If both succeed this issue should be closed. Thank you.

ademcan commented 4 years ago

Thank you very much Jonathan for your quick reply.

Signing 'test' with Electrum and verifying with bicoinjs-message returns false
Signing 'test' with bitcoinjs-message and verifying with Electrum returns false (Wrong signature)

I realised that I have the same issue as in #20 where only the flag byte is different for simple strings (like 'test'). But when using a more complex message to sign the signatures are completely different.

ademcan commented 4 years ago

I just would like to mention that I didn't have this problem with legacy addresses. I am using the same code as I did previously with a legacy address, here the only difference is the p2sh(p2wpkh) address, hence the {segwitType: 'p2sh(p2wpkh)'} option (and the private key obviously)

junderw commented 4 years ago

Sounds like Electrum differs from Trezor then.

non-legacy message signatures are not standardized, and we just followed Trezor.

junderw commented 4 years ago

ah, wait.

Are you converting the private key to the Electrum format for p2sh-p2wpkh?

That might be it

ademcan commented 4 years ago

No, I am not converting the key, using directly the private key and then using: const keyPair = bitcoin.ECPair.fromWIF(pkey)

ademcan commented 4 years ago

I am also wondering if the string handling is the issue, as Electrum probably considers \n differently than JS. I will come back to you after some more tests and close the issue if I find a solution.

junderw commented 4 years ago

https://github.com/bitcoinjs/bitcoinjs-message/pull/29#issuecomment-686060820

ademcan commented 4 years ago

Thank you @junderw, solved with the PR mentioned above!