diff options
author | Omar Shibli <omarshib@gmail.com> | 2017-10-31 05:24:28 +0200 |
---|---|---|
committer | Omar Shibli <omarshib@gmail.com> | 2017-10-31 05:24:28 +0200 |
commit | b63ed0e17e872b7e7b8634591b0ddfa3dedfdc73 (patch) | |
tree | ae0d2a682fbaf676ec6be006fe28faba680fa7eb /bip-0175.mediawiki | |
parent | dd1f4e0e263f502bd0acc0113e7ce7615a1d7610 (diff) | |
download | bips-b63ed0e17e872b7e7b8634591b0ddfa3dedfdc73.tar.xz |
security fixes, added payment_base to contract
Diffstat (limited to 'bip-0175.mediawiki')
-rw-r--r-- | bip-0175.mediawiki | 40 |
1 files changed, 22 insertions, 18 deletions
diff --git a/bip-0175.mediawiki b/bip-0175.mediawiki index e4d9325..a3ffd1c 100644 --- a/bip-0175.mediawiki +++ b/bip-0175.mediawiki @@ -74,7 +74,7 @@ Hardened derivation is used at this level. ===Payment address generation=== -For a given contract documents denoted by c<sub>1</sub> ,...,c<sub>n</sub>, payment base extended public key denoted by <code>payment_base</code>, and cryptographic hash function denoted by <code>h</code>. +For a given contract documents denoted by c<sub>1</sub>,...,c<sub>n</sub>, payment base extended public key denoted by <code>payment_base</code>, and cryptographic hash function denoted by <code>h</code>. 1. Compute cryptographic hashes for all contract documents, by applying the hash function. @@ -84,9 +84,9 @@ For a given contract documents denoted by c<sub>1</sub> ,...,c<sub>n</sub>, paym hash_1,...,hash_n -3. Concatenate the sorted hashes and apply the hash function. +3. Prepend payment_base and concatenate the sorted hashes and apply the hash function. - h(hash_1+...+hash_n) + h(payment_base+hash_1+...+hash_n) 4. Compute a partial BIP32 derivation path from the combined hash as defined in Hash to Partial Derivation Path Mapping procedure below. @@ -171,28 +171,28 @@ document 2: 3. Concatenate hashes and apply the hash function. - concatenated hash: - 2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7aefcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9 + concatenated hash: payment_base + xpub6B3JSEWjqm5GgfzcjPwBixxLPzi15pFM3jq4E4yCzXXUFS5MFdXiSdw7b5dbdPGHuc7c1V4zXbbFRtc9G1njMUt9ZvMdGVGYQSQsurD6HAW2c26b46b68ffc68ff99b453c1d30413413422d706483bfa0f98a5e886266e7aefcde2b2edba56bf408601fb721fe9b5c338d10ee429ea04fae5511b68fbf8fb9 combined hash: - ec321de56af3b66fb49e89cfe346562388af387db689165d6f662a3950286a57 + 310057788c6073640dc222466d003411cd5c1cc0bf2803fc6ebbfae03ceb4451 4. Compute the partial BIP32 derivation path of the combined hash. - 60466/7653/27379/46703/46238/35279/58182/22051/34991/14461/46729/5725/28518/10809/20520/27223 + 12544/22392/35936/29540/3522/8774/27904/13329/52572/7360/48936/1020/28347/64224/15595/17489 5. Prepend <code>payment_base</code> to <code>contract_hash</code> derivation path. - contract_base_pub/60466/7653/27379/46703/46238/35279/58182/22051/34991/14461/46729/5725/28518/10809/20520/27223 + contract_base_pub/12544/22392/35936/29540/3522/8774/27904/13329/52572/7360/48936/1020/28347/64224/15595/17489 or - m/175'/0'/60466/7653/27379/46703/46238/35279/58182/22051/34991/14461/46729/5725/28518/10809/20520/27223 + m/175'/0'/12544/22392/35936/29540/3522/8774/27904/13329/52572/7360/48936/1020/28347/64224/15595/17489 6. Compute public extended key. - xpub6hML7vSU2Hwww9ctwrwt4ijnhJr4n6XaMRox1nnF3PvZKuF1SZoTymnKQHrF9fp2nWJSqv5ZjJSxJJQ8A3PKcBUWhGvTFmuRKpycSCr5coz + xpub6hefaATTG5LbcwyPDvmNfnkyzefoM2TJDoo5astH7Gvs1g8vZURviBWvAvBnWc2CNb8ybJ6mDpnQYVsvNSZ3oUmbssX3rUVG97TFYa6AXVk 7. Compute address of the public extended key (P2PKH). - 1HYjhPTtMmpBJBd5tVepZDAVdvPA7o8KHJ + 1C7f322izqMqLzZzfzkPAjxBzprxDi47Yf ====Verification example (negative test)==== @@ -207,29 +207,33 @@ document 1: baa5a0964d3320fbc0c6a922140453c8513ea24ab8fd0577034804a967248096 -2. Apply the hash function a second time (list of one item). +2. Prepend payment_base + + xpub6B3JSEWjqm5GgfzcjPwBixxLPzi15pFM3jq4E4yCzXXUFS5MFdXiSdw7b5dbdPGHuc7c1V4zXbbFRtc9G1njMUt9ZvMdGVGYQSQsurD6HAWbaa5a0964d3320fbc0c6a922140453c8513ea24ab8fd0577034804a967248096 + +2. Apply hash function 3a08605829413ce0bf551b08d21e4a28dbda6e407f90eff1c448e839050c73a1 3. Compute the partial derivation path. - 14856/24664/10561/15584/48981/6920/53790/18984/56282/28224/32656/61425/50248/59449/1292/29601 + 5338/54412/19213/962/30664/62597/11873/59874/56779/24089/54550/19585/28087/36422/18666/17562 4. Prepend contract_base<sub>pub</sub> to contract_hash derivation path. - contract_base_pub/14856/24664/10561/15584/48981/6920/53790/18984/56282/28224/32656/61425/50248/59449/1292/29601 + contract_base_pub/5338/54412/19213/962/30664/62597/11873/59874/56779/24089/54550/19585/28087/36422/18666/17562 or - m/175'/0'/14856/24664/10561/15584/48981/6920/53790/18984/56282/28224/32656/61425/50248/59449/1292/29601 + m/175'/0'/5338/54412/19213/962/30664/62597/11873/59874/56779/24089/54550/19585/28087/36422/18666/17562 5. Compute public extended key. - xpub6gujKWRhegHXKZBkrprW55oSL6UxYhStxF5FtoUNa4KShLxLPDLQTS39XAwRhdCSvuAv2wogwukmfk3fS7CM6pT6QWwJHiCTw7RkwXMgThy + xpub6h9k2KqsMpwghxt7naj1puhGV1ZDC88sxvpYN1HibCf8yQZdPsuhYmmvdK32Kf2Lb3rS1sV8UcZ1f84DJEiXuVfLCAj4bC85aEUCxh38m8i 7. Compute address of the public extended key (P2PKH). - 162KDdRXa3KPgYkH3d1DDKfddacH1gn1n8 + 1QGe5LaDMAmHeibJbZBmZqhQDZSp7QCqSs -8. As expected the address doesn't match the Bitcoin address from the last example <code>1LeYXs63uVSDu2XSb82xdEc7RumohCpB7Q</code>. +8. As expected the address doesn't match the Bitcoin address from the last example <code>1C7f322izqMqLzZzfzkPAjxBzprxDi47Yf</code>. Verification operation will succeed only if we use identical documents to ones that have been used in the contract address generation. |