Bitcoinjs-lib: BIP143 rejects uncompressed public keys in P2WPKH or P2WSH

Created on 10 Jan 2018  路  6Comments  路  Source: bitcoinjs/bitcoinjs-lib

Not sure if I am misunderstanding something here but does this not only check if the output is p2wpkh and not p2wsh as well?

i.e. is correct?

if (kpPubKey.length !== 33 &&
      (input.signType === scriptTypes.P2WPKH || input.signType === scriptTypes.P2WSH)) throw new Error('BIP143 rejects uncompressed public keys in P2WPKH or P2WSH')

https://github.com/bitcoinjs/bitcoinjs-lib/blob/86cd4a44a1524686d993f35b02a1ed331aaa551f/src/transaction_builder.js#L709

bug testing
Source
picture mandelmonkey

Most helpful comment

I think what he means is:

Segwit enforces compressed public keys for ALL instances of pubkeys in the witness stack. Multisig and single sig.

His question is: It looks like this one line is only checking for single sig. allowing multisig segwit with uncompressed pubkeys to pass and make an invalid transaction. Is he right in his assessment that this is a bug, or are we checking somewhere else and he doesn鈥檛 notice it?

picture dabura667 on 16 Jan 2018
👍2

All 6 comments

This covers all templates handled by TransactionBuilder, so multisig is also checked. That鈥檚 why input.pubkeys and input.signatures are arrays

dabura667 picture dabura667 on 10 Jan 2018

@mandelmonkey could you elaborate on your question?

dcousens picture dcousens on 16 Jan 2018

I think what he means is:

Segwit enforces compressed public keys for ALL instances of pubkeys in the witness stack. Multisig and single sig.

His question is: It looks like this one line is only checking for single sig. allowing multisig segwit with uncompressed pubkeys to pass and make an invalid transaction. Is he right in his assessment that this is a bug, or are we checking somewhere else and he doesn鈥檛 notice it?

dabura667 picture dabura667 on 16 Jan 2018
👍2

Hi guys
its probably my misunderstanding! but the following line in my mind checks if the pubkey is uncompressed and if it is it checks if the script type is p2wpkh, if so it throws an error because uncompressed public keys keys are not supported with segwot.

if (kpPubKey.length !== 33 && input.signType === scriptTypes.P2WPKH) throw new Error('BIP143 rejects uncompressed public keys in P2WPKH or P2WSH')

however the comment says "in P2WPKH or P2WSH" but the if statement is only checking if the script type is p2wpkh and not p2wsh as well.

thats where I got confused

mandelmonkey picture mandelmonkey on 16 Jan 2018

Will add a test case

dcousens picture dcousens on 16 Jan 2018

Closing in favour of https://github.com/bitcoinjs/bitcoinjs-lib/pull/987

dcousens picture dcousens on 17 Jan 2018
Was this page helpful?
0 / 5 - 0 ratings

Related issues

thrastarson picture thrastarson  路  3Comments
yakitorifoodie picture yakitorifoodie  路  3Comments
Mr-Mondragon picture Mr-Mondragon  路  3Comments
itsMikeLowrey picture itsMikeLowrey  路  3Comments
dcousens picture dcousens  路  3Comments