Signmessage #8226
There is a variety of signature schemes in the market. Therefore I implemented Electrum's signature scheme:
I checked against sparrow wallet and the verification succeeds.
In the future if it becomes necessary one could add a flag to select the signature scheme of choice. Also for reviewers: I was tempted to make hsmd sign any message fromwire, adding more flexibility in
d291224
to
0a82edd
Electrum-style is probably the worst of the options accepted by OCEAN fwiw
BIP 322 will be required if you need to support Taproot in the future.
BIP 137 would be probably trivial to add here (just a version byte change)
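The "version byte" mentioned in the comment above is the first byte of the 65-byte signature. As an added example (not code from this PR or from core-lightning), the following encodes and decodes that header byte using the ranges defined in BIP 137; the enum and function names are hypothetical.

```c
#include <stdint.h>
#include <stdbool.h>
#include <stdio.h>

/* Address kinds that BIP 137 distinguishes through the header byte. */
enum bip137_addr {
	BIP137_P2PKH_UNCOMPRESSED = 0, /* header 27..30 */
	BIP137_P2PKH_COMPRESSED = 1,   /* header 31..34 */
	BIP137_P2SH_P2WPKH = 2,        /* header 35..38 */
	BIP137_P2WPKH = 3,             /* header 39..42 */
};

/* Build the first byte of the 65-byte signature: 27 + 4*kind + recid. */
static bool bip137_encode_header(enum bip137_addr kind, int recid, uint8_t *header)
{
	if (recid < 0 || recid > 3 || (int)kind < 0 || (int)kind > BIP137_P2WPKH)
		return false;
	*header = (uint8_t)(27 + 4 * (int)kind + recid);
	return true;
}

/* Split a header byte back into address kind and recovery id. */
static bool bip137_decode_header(uint8_t header, enum bip137_addr *kind, int *recid)
{
	if (header < 27 || header > 42)
		return false;
	*kind = (enum bip137_addr)((header - 27) / 4);
	*recid = (header - 27) % 4;
	return true;
}

/* Strict check: the header must announce the same kind as the address being verified. */
static bool bip137_header_matches(uint8_t header, enum bip137_addr expected)
{
	enum bip137_addr kind;
	int recid;
	return bip137_decode_header(header, &kind, &recid) && kind == expected;
}

int main(void)
{
	uint8_t h;
	/* Constructed sample: recovery id 1 for a native segwit (bech32) address. */
	if (bip137_encode_header(BIP137_P2WPKH, 1, &h))
		printf("p2wpkh header: %u\n", h);
	/* A compressed-P2PKH header presented for a P2WPKH address fails the strict check. */
	printf("header 32 accepted for p2wpkh: %d\n", bip137_header_matches(32, BIP137_P2WPKH));
	return 0;
}
```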
ec989c7
to
0024b60
a8d0e9b
to
2f7c19d
with custom keys. Changelog-Added: HSMD: add new wire api to sign messages with bitcoin wallet keys. Signed-off-by: Lagrang3 <lagrang3@protonmail.com>
To validate BIP137 signatures produced by core-lightning in tests. Changelog-None. Signed-off-by: Lagrang3 <lagrang3@protonmail.com>
3a49a38
to
f134ed0
Tested on Ocean!
signmessagewithkey: allows to sign a message with a key associated with one bitcoin address in our wallet. Changelog-Added: add a new rpc command signmessagewithkey to sign input messages with keys from our wallet. Signed-off-by: Lagrang3 <lagrang3@protonmail.com>
@@ -356,6 +356,15 @@ msgdata,hsmd_sign_message,msg,u8,len | |||
msgtype,hsmd_sign_message_reply,123 | |||
msgdata,hsmd_sign_message_reply,sig,secp256k1_ecdsa_recoverable_signature, | |||
|
|||
# sign a raw message with a derived key | |||
msgtype,hsmd_sign_message_with_key,45 |
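Review bot: the comment above `msgtype,hsmd_sign_message_with_key,45` says only "sign a raw message with a derived key", which does not tell a signer implementer which signature scheme or message encoding the reply follows, nor how this differs from the existing hsmd_sign_message just above it. Please name the scheme and the key derivation in that comment. The type number 45 also sits out of sequence next to 123, so it is worth confirming it is not already assigned elsewhere in this file.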
Can we call this bip137_sign_message? We're going to want to do 332 eventually, though it's a complex mess and I'm not sure I even understand it :(
struct issued_address_type *listaddrtypes = | ||
wallet_list_addresses(tmpctx, cmd->ld->wallet, 1, NULL); |
The db doesn't contain types for old keys. You need to iterate from 1 to db_get_intvar(cmd->ld->wallet->db, "bip32_max_index", 0); to get all keys.
You could use wallet_get_addrtype() once you've found a match, and refuse if we never issued that keyidx as a p2wpkh?
u8 sig[65]; | ||
secp256k1_ecdsa_recoverable_signature rsig; | ||
|
||
if (!fromwire_hsmd_sign_message_with_key_reply(msg, &rsig)) { |
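Review bot: `u8 sig[65]` hard-codes the serialized length (one header byte plus the 64-byte compact signature). A named constant, or a short comment at the declaration, would make that layout explicit for anyone who later changes the header byte handling.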
We should use hsm_is_capable, and add the new msg type to capabilities. This means that an older VLS will not crash: we can tell the user it's not supported.
Add a new rpc called signmessagewithkey that can be used to sign messages using any key from our wallet. You cannot directly select the key to use, but instead you provide a bitcoin address and the wallet will figure out which of our keys corresponds to that bitcoin address.
Solves issue #8199
TODO:
devtools/bip137-verifysignature
)