Always create 70 byte signatures with low R values
ClosedPublic
Actions

Authored by deadalnix on Nov 19 2019, 14:48.

Details

Reviewers

Group Reviewers

Restricted Project

Commits

rSTAGING1a5829a4b8bf: Always create 70 byte signatures with low R values
rABC1a5829a4b8bf: Always create 70 byte signatures with low R values

Summary

When extra entropy is not specified by the caller, CKey::Sign will
now always create a signature that has a low R value and is at most
70 bytes. The resulting signature on the stack will be 71 bytes when
the sighash byte is included.

Using low R signatures means that the resulting DER encoded signature
will never need to have additional padding to account for high R
values.

This is a partial backport of Core PR13666 : https://github.com/bitcoin/bitcoin/pull/13666/commits/18dfea0dd082af18dfb02981b7ee1cd44d514388

Test Plan

make check
./test/functional/test_runner.py

Diff Detail

Repository

rABC Bitcoin ABC

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

deadalnix created this revision.Nov 19 2019, 14:48

Herald added a reviewer: Restricted Project. · View Herald TranscriptNov 19 2019, 14:48

Build Bitcoin-ABC / Diffs / Diff Testing started.

deadalnix added a child revision: D4468: Use 71 byte signature for DUMMY_SIGNATURE_CREATOR.Nov 19 2019, 15:15

Build Bitcoin-ABC / Diffs / Diff Testing passed.

Harbormaster completed remote builds in B8155: Diff 14200.Nov 19 2019, 15:18

jasonbcox accepted this revision.Nov 20 2019, 01:03

This revision is now accepted and ready to land.Nov 20 2019, 01:03

Closed by commit rABC1a5829a4b8bf: Always create 70 byte signatures with low R values (authored by Andrew Chow <achow101-github@achow101.com>, committed by deadalnix). · Explain WhyNov 20 2019, 12:35

This revision was automatically updated to reflect the committed changes.

deadalnix added a commit: rABC1a5829a4b8bf: Always create 70 byte signatures with low R values.

deadalnix added a commit: rSTAGING1a5829a4b8bf: Always create 70 byte signatures with low R values.Apr 7 2020, 21:44

majcosta mentioned this in D12897: [backport#19379] tests: Add fuzzing harness for SigHasLowR(...) and ecdsa_signature_parse_der_lax(...).Dec 14 2022, 20:12

majcosta mentioned this in rABC312733002f4a: [backport#19379] tests: Add fuzzing harness for SigHasLowR(...) and….Dec 15 2022, 00:29

PiRK mentioned this in D16685: [electrum] grind ecdsa low R signature when using libsecp256k1.Aug 28 2024, 07:09

PiRK mentioned this in rABCb0d72c50a89b: [electrum] grind ecdsa low R signature when using libsecp256k1.Sep 3 2024, 06:19

Revision Contents
Changeset List

Path

Size

src/

key.h

2 lines

key.cpp

32 lines

test/

key_tests.cpp

51 lines

script_tests.cpp

2 lines

test/

functional/

data/

rpc_psbt.json

8 lines

util/

data/

txcreatesignv2.hex

2 lines

Diff 14229

View Options

src/key.h

View Options

src/key.cpp

View Options

src/test/key_tests.cpp

View Options

src/test/script_tests.cpp

View Options

test/functional/data/rpc_psbt.json

View Options

test/util/data/txcreatesignv2.hex

Always create 70 byte signatures with low R valuesClosedPublicActions

Details

Diff Detail

Event Timeline

Revision ContentsChangeset List

Diff 14229

src/key.h

src/key.cpp

src/test/key_tests.cpp

src/test/script_tests.cpp

test/functional/data/rpc_psbt.json

test/util/data/txcreatesignv2.hex

Always create 70 byte signatures with low R values
ClosedPublic
Actions

Revision Contents
Changeset List