search

lian / bitcoin-ruby

bitcoin utils and protocol in ruby.
Other
923 stars 323 forks source link

Wrong compressed address and signature for private key #208

Closed NicosKaralis closed 7 years ago

NicosKaralis commented 7 years ago

I'm having some trouble to generate signatures for private keys generated from other sources. I'm using version 0.0.10

  1. go to https://www.bitaddress.org and generate a wallet

  2. go to wallet details and get the hex version of the private key

    for this example I'm going to use the following:

    1. Private key: 5Huhk7PuiUGZj5anDfSZMz1pG4Loo3Ubf1r2zF9LydWVJgW5aJR
    2. Private Key Hexadecimal 0C4C8E302E7A074A8A1C2600CD1AF07505843ADB2C026EA822F46D3B5A98DD1F
    3. Bitcoin Address 12g8srXQboDkA8eGUXDwWvtZeVuwPGULJp
    4. Bitcoin Address Compressed 1MSALjAKqntzEFqbtxaPBMvpkip2of1nAV

  3. Go to console and type

    k = Bitcoin::Key.new('0C4C8E302E7A074A8A1C2600CD1AF07505843ADB2C026EA822F46D3B5A98DD1F')

  4. to be sure check the details

    $ k.priv
 => "0c4c8e302e7a074a8a1c2600cd1af07505843adb2c026ea822f46d3b5a98dd1f"
# Private key is correct

$ k.instance_eval { @pubkey_compressed = false }
$ k.addr
 => "12g8srXQboDkA8eGUXDwWvtZeVuwPGULJp"
# Uncompressed public key is correct
$ k.sign_message 'test'
=> "HC4ERGE66u0kJpkipFx2R2RnX/jwD8m/WQLArEv134vY15ibNR5D5FZ9Hq1Klg2QYVvbyz9G23wt/YDnvW5tyew="
# This is correctly signed

$ k.instance_eval { @pubkey_compressed = true }
$ k.addr
 => "12BRzETRJe2B4UWqh2r9YrktLGwniwFDve"
# Compressed public key is incorrect
$ k.sign_message 'test'
=> "IrzW6l32cDbnyOpSuXCuI/FAwGnIvKdfErgfTkfsiSWkWEj2lTOK1yTYmwKDYNBKRxGcPaAA2q19M1iDZW2ZtXk="
# Not a valid signature (for both keys, valid or invalid)

  5. Also, I don't know if this is a mistake or if is intended

    $ k.sign_message 'test'
=> "HM/6HsVwjSkQxkwm87mdJhGFCLAMIUU03Vhk7kAWwypmIouljf/tmurom4ed9/B/ZVkAjh5dufoPBv0gLDVQnQk="
$ k.sign_message 'test'
=> "HJbW8bwK+cNk3M885RmLGeZ2k4MO5CXUvHBwVBEhS1mtGX/y9XmJ/BGTfLMzCGAr0zP8Ca9X8crrcT2fP4VDwXk="
$ k.sign_message 'test'
=> "G4YUEjgX4wlIsI/tZUn8lkbHJ4CXL+cuemuX7UvxrDzG18LPIDVaRhWGy3PCjMCdxgwJiUmyV8Z2oa+dDOIwZHA="
$ k.sign_message 'test'
=> "HMeyIXPXu8Rnahq3xLyd8XEm3ALeJv5RIsa7T+M0uaJjOLkP+ODeNcdIhpDEnKvlY23+Wgc4Zd45B1MlRNr0oiQ="
$ k.sign_message 'test'
=> "GzFHCXea/HgHyf+5nbV473FI0OmRQcdJxOIMpSHKyN4RaM2EihgQHYKtiAw48l872H4fQUcbcf7zmFf14OuOl4I="

    Each sign_message returns a different signature and none of them are checking out correctly

TL;DR: The Bitcoin Address Compressed is wrong and the sign_message method doesn't work

azuchi commented 7 years ago

maybe you used ruby 2.4.0. OpenSSL::PKey::EC in openssl with Ruby 2.4 has bug. This problem is solved with the pull request https://github.com/lian/bitcoin-ruby/pull/207 .

So, wait for the next version or use ruby2.3 or build this gem.

NicosKaralis commented 7 years ago

Thanks, that solved my issue.

Using 'master' until the official release