{sign|verify}message replacement
Summary:

Pieter Wuille has suggested including a version number in the signature that corresponds to a set of validation flags. If a verifier doesn't know the version number, the result can be reported as inconclusive. Another solution is to verify twice, once with all consensus rules and once with standardness rules. If both runs are valid, the signature is valid; if both are invalid, the signature is invalid; if they differ, the signature validation is reported as inconclusive. Pieter thinks the double-verify approach seems promising. Regarding RPC commands, Pieter suggests extending the existing signmessage/verifymessage RPCs. The legacy behavior could be depended on somewhere, so adding a legacy mode, or simply keeping the old behavior for 1xx (legacy) addresses, is sufficient. Regarding the message signing functionality, Pieter warns about the danger of accepting prehashed messages, since that could be used to trick someone into signing an actual transaction. Therefore, it's better to always forcibly prefix "Bitcoin signed message" so that nothing else can be signed unintentionally.
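The two verification strategies and the forced-prefix digest described above, as an added Python model that is not code from the discussion or from Bitcoin Core. The flag names and the `validate` callable are constructed stand-ins for a script interpreter; the prefix and length-prefixed serialization are assumed to follow the legacy Bitcoin Core message hashing.

```python
import hashlib
from enum import Enum
from typing import Callable, FrozenSet, Mapping

# Constructed flag sets standing in for real script-verify flags.
CONSENSUS_FLAGS: FrozenSet[str] = frozenset({"P2SH", "WITNESS", "CLTV"})
STANDARD_FLAGS: FrozenSet[str] = CONSENSUS_FLAGS | {"MINIMALDATA", "CLEANSTACK"}

class Result(Enum):
    VALID = "valid"
    INVALID = "invalid"
    INCONCLUSIVE = "inconclusive"

# A validator runs the signature's script under one flag set (stand-in).
Validator = Callable[[FrozenSet[str]], bool]

def verify_versioned(version: int, known: Mapping[int, FrozenSet[str]],
                     validate: Validator) -> Result:
    """Option 1: the signature names its flag set by version number."""
    if version not in known:          # unknown version: cannot judge
        return Result.INCONCLUSIVE
    return Result.VALID if validate(known[version]) else Result.INVALID

def verify_twice(validate: Validator) -> Result:
    """Option 2: consensus run and standardness run must agree."""
    consensus_ok = validate(CONSENSUS_FLAGS)
    standard_ok = validate(STANDARD_FLAGS)
    if consensus_ok and standard_ok:
        return Result.VALID
    if not consensus_ok and not standard_ok:
        return Result.INVALID
    return Result.INCONCLUSIVE        # rules disagree: report inconclusive

MESSAGE_MAGIC = b"Bitcoin Signed Message:\n"  # assumed legacy prefix

def _compact_size(n: int) -> bytes:
    if n < 0xFD:
        return bytes([n])
    if n <= 0xFFFF:
        return b"\xfd" + n.to_bytes(2, "little")
    return b"\xfe" + n.to_bytes(4, "little")

def sha256d(data: bytes) -> bytes:
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def signed_message_digest(message: bytes) -> bytes:
    """Always prefix; callers can never supply a ready-made (e.g. sighash) digest."""
    return sha256d(_compact_size(len(MESSAGE_MAGIC)) + MESSAGE_MAGIC
                   + _compact_size(len(message)) + message)
```

Because the signer only ever signs `signed_message_digest(message)`, feeding it a transaction sighash as the "message" yields a digest unrelated to that sighash.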


Updated on: 2023-06-13T00:59:54.600375+00:00