Open ybce opened 1 month ago
I tried running the following and it came out false:
signature = "IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ="
addr = "191arn68nSLRiNJXD8srnmw4bRykBkVv6o"
msg = "010203"
Bitcoin::MessageSign.verify_message(addr, signature, msg)
And when I try verifying the signature using the address and the plain text message I get true back: Bitcoin::MessageSign.verify_message(address, signature, "010203") \true
Can you provide the value of address in this case?
Yes the address I was using was this: tb1prgrtw5sag3gsxrafu2f36dpzuyfpf7lhaea5zvk8f0rtuepqtepqsma6za
(taproot on signet)
I had to set Bitcoin.chain_params = :signet
before calling verify_message
or else the parse_from_addr
function would throw an error.
I just tried everything again with a mainnet address and got the same issue happening:
Bitcoin.chain_params = :mainnet
address = "bc1q54xd8kn6qayzqeyxmltsfyagjjaftayr3tem7s" // Native Segwit Address
signature = "IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ="
Bitcoin::MessageSign.verify_message(address, signature, "010203") \\ true
Bitcoin::MessageSign.verify_message(address, signature, "12345") \\ true
Edit:
Okay I tried with a "Legacy" address according to OneKey which start with 1 like in your example and it worked fine, does this mean this is the only address type that the library supports for message verification?
@ybce There was a bug in the interpreter flag settings when checking BIP322. I fixed it, please use the fixed version v1.7.0.
Thank you for the quick fix, I'll test out the new version today
@azuchi I tried this again and now it always returns false
Bitcoin.chain_params = :mainnet
address = "bc1q54xd8kn6qayzqeyxmltsfyagjjaftayr3tem7s" // Native Segwit Address
signature = "IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ="
Bitcoin::MessageSign.verify_message(address, signature, "010203") \\ false
Bitcoin::MessageSign.verify_message(address, signature, "12345") \\ false
@ybce How did you create this signature? Regarding native segwit, the library currently only supports simple
scheme in BIP322.
I created it using the example app here in the OneKey documentation: https://developer.onekey.so/connect-to-software/webapp-connect-onekey/btc/api-reference/signmessage
Thanks for the clarification
If I try anything other than a legacy address it doesn't work. Can you provide an example of an address that's has simple scheme in BIP-322?
Thanks again for your help
A signature for the BIP322 simple scheme can be generated using this library as follows:
key = Bitcoin::Key.generate
address = key.to_p2wpkh
message = "010203"
signature = Bitcoin::MessageSign.sign_message(
key, message, address: address, format: Bitcoin::MessageSign::FORMAT_SIMPLE
)
It seems that OneKey also supports bip322-simple
as a type. In BIP-322, a simple signature is defined as a witness stack, but your signature "IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ="
appears to have less data than a P2WPKH witness stack (public key and signature).
IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ=
This signature appears to be a legacy P2PKH signature. Therefore, when verifying this signature, you must use the legacy address (P2PKH) instead of the Segwit address.
If you want to create a signature for a segwit address, you need to generate the signature by specifying bip322-simple
.
Thanks for the information @azuchi I'll look at this and see what we can do, we need to support multiple address types like taproot, native segwit and legacy on signet and mainne but OneKey doesn't really offer many options when signing messages which is the way we're generating these signatures
Hello,
I am trying to verify a signed message using the
MessageVerify
module but I'm running into some strange behaviour.I have a signature from the demo app located here: https://developer.onekey.so/connect-to-software/webapp-connect-onekey/btc/api-reference/signmessage This gives me a signature in base64:
IAheSKap+fzPF7Ny+21r87GqcyNSAwCG+pCmpE9gUBT7ANHuQEnk3zBsvQI27a1bknE8JI5ZyFvVksIJVZd1NxQ=
And when I try verifying the signature using the address and the plain text message I get true back:
Bitcoin::MessageSign.verify_message(address, signature, "010203") \\true
But swapping the signature or message for anything random always returns true, I tried with mainnet and signet and both give me the same result, returning true for any signature/message
Is there something else I'm missing here that should be setup? I'm not too familiar with Bitcoin message signing and verification so I apologize in advance if I'm missing something obvious here.