Skip to content

Support signing and verifying messages signed with a segwit address. #874

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Open
wants to merge 2 commits into
base: master
Choose a base branch
from
Open

Support signing and verifying messages signed with a segwit address. #874

wants to merge 2 commits into from

Conversation

sanderkruger
Copy link

No description provided.

@afk11
Copy link
Member

afk11 commented Apr 8, 2021

Hi, thanks for the PR! I haven't been keeping up with cutting edge side of things, but I wasn't 100% sure there was a way to sign a message with a segwit address? Is there a BIP for this?

[1] https://bitcoin-development.narkive.com/EpLpjyeL/sign-verify-message-against-segwit-p2sh-and-bech32-addresses
[2] https://github.com/bitcoin/bips/blob/master/bip-0322.mediawiki#Legacy

afk11
afk11 reviewed Apr 8, 2021
View reviewed changes
src/MessageSigner/MessageSigner.php
* @return bool
*/
public function verify(SignedMessage $signedMessage, PayToPubKeyHashAddress $address, NetworkInterface $network = null): bool
public function verify(SignedMessage $signedMessage, Address $address, NetworkInterface $network = null): bool
Copy link
Member

@afk11 afk11 Apr 8, 2021
edited
Loading

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To my knowledge P2SH, V1 segwit addresses, V0 segwit script-hash addresses shouldn't be accepted, so this would need a check that the address type is P2PKH or P2WPKH (V0 segwit && hash->getSize() == 20)

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

To be honest, I'm a bit new to this. I just noticed that the test wallet I use (Embit Wallet) allows signing of segwit addresses (P2WPKH with a tb1 prefix), tried my changes to this project and saw that it worked. Apparently, both use the same signature algorithm.
I'll look into the verification.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I looked into this a bit further. If I figured it out correctly, BIP322 says that messages can only be signed with bech32 segwit addresses of v0 (besides legacy P2PKH). To check this in the verify method, I'm going to verify that the address is either a PayToPubKeyHashAddress object, or, if it is a SegwitAddress, that the witness program version equals 0.
Wrapped segwit addresses are represented as ScriptHashAddress, so they will fall out too.

Copy link
Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I tried to create a test case for a v1+ address, but it looks like the AddressCreator doesn't handle bech32m, at least no v1 address I could find on-line is recognized. So for now, the MessageSigner will only sign P2PKH or Segwit v0.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@afk11 afk11 afk11 left review comments

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

2 participants

@sanderkruger @afk11