< bitcoin-git> [bitcoin] droark opened pull request #9433: Update the Windows build notes (master...docs) https://github.com/bitcoin/bitcoin/pull/9433
< luke-jr> gmaxwell: so you custom made a private key based on the required signature?
< jl2012> luke-jr: I think it's key recovery
< luke-jr> jl2012: ?
< jl2012> gmaxwell's tx
< luke-jr> looks like the script is checking the hash of the signature rather than the pubkey
< jl2012> public key recovery
< luke-jr> but the signature needs to commit to the input txid
< luke-jr> since the pubkey is not restricted, however, I assume the spender can just calculate a privkey from the signature + data, and provide the pubkey for that
< jl2012> no you can't
< jl2012> but with signature + data, you could have the pubkey
< jl2012> but you don't know the private key
< jl2012> if you could know private key this way, ECDSA is broken
< luke-jr> hmm
< gmaxwell> I didn't create that txn, someone on bct linked it asking for what was happening there, it's amusing though.
< jl2012> luke-jr: I did this the same way: https://github.com/bitcoin/bitcoin/pull/8927
< gmaxwell> and yes, luke-jr you're right those coins can be stolen by anyone who has seen the preimage of the hash.
< luke-jr> oh, is it because of FindAndDelete?
< jl2012> you could do it without involving FindAndDelete. See the segwit tests in the same PR
< jl2012> to disallow this, we need to cover the pubkey in SignatureHash
< jl2012> luke-jr: you could find the python code here to do this: https://github.com/bitcoin/bitcoin/pull/8654
< arubi> it's my tx actually, indeed pubkey recovery :)
< arubi> basically a response to "signatures can't sign themselves" :)
< gmaxwell> the fact that it's the same as an ordinary pay to pubkey hash script, but with the swap makes it especially cute.
< arubi> yea I was counting on it looking similar to that heh, another fun one is https://test.webbtc.com/script/795fd9db2300ea16bcd49ea85f2a0ecbe475c62b75fea317d1fa981aae34caca:0 , where R is not a valid X coordinate
< gmaxwell> uhh
< arubi> was trying to see if anyone who was implementing their own verifier would be forked off testnet. nobody came forward so I guess we're ok :)
< arubi> well R+N is the valid X coordinate, but since we do % N, this non X coordinate R is what's left
< arubi> R+N < P
< gmaxwell> oh it's a wrap case, okay. whew.
< gmaxwell> I thought you were saying that R (the point) wasn't on the curve, rather than r (the scalar, R.x mod P).
< arubi> oh yes, capitalization is important
< gmaxwell> The former shouldn't verify.
< gmaxwell> reminds me that we need to add a case where R.x -> r overflows in signing to the libsecp256k1 tests.
< gmaxwell> arubi: sadly a lot of places don't run testnet nodes...
< gmaxwell> arubi: looks like webbtc is stuck as of the 4th in fact.
< gmaxwell> the first block it's missing is 00000000021d4ec041244b516e55d35f733ba8a1f538d26764b67e881b2e030f
< arubi> gmaxwell, yea, too bad.. not many stakeholders like to keep an eye on testnet.. maybe when it's reset sometime it'll give people a chance to start a node
< gmaxwell> would be nice to know why it's rejecting that block.
< gmaxwell> it's seen it but considers it orphaned.
< gmaxwell> (so I wonder if it thinks it's invalid)
< arubi> interesting. looks like a simple block to validate. will check when I'm back from work, cheers
< gmaxwell> yea, I don't see any obvious stunts in it.
< gmaxwell> it may just be that the site didn't survive a long reorg.
< bitcoin-git> [bitcoin] ryanofsky opened pull request #9435: Removed unused variable in test, fixing warning. (master...pr/coins-unused) https://github.com/bitcoin/bitcoin/pull/9435
< gmaxwell> warren: do you know anything about https://www.ringingliberty.com/bitcoin/ ? doesn't appear to have a deterministic build process, anyone looked to see if these binaries are backdoored? someone wandering into #bitcoin is using them.
< robert__> it's the first result when you google fedora bitcoin
< luke-jr> is it intentional that CCoinsViewMemPool::Cursor doesn't work? :x
< sipa> luke-jr: CCoinsViewMemPool is generally broken
< sipa> it only works for a few use cases
< luke-jr> sipa: should I go ahead and document this? "* Its Cursor also doesn't work. In general, it is broken as a CCoinsView implementation outside of a few use cases." or something
< sipa> there is a comment about it somewhere
< sipa> i'm at a conference now, remind me later
< luke-jr> k, enjoy
< bitcoin-git> [bitcoin] MarcoFalke pushed 2 new commits to master: https://github.com/bitcoin/bitcoin/compare/0f921e6a0492...dbc8a8c86ae5
< bitcoin-git> bitcoin/master 35356b4 Russell Yanofsky: Remove unused variable in test, fixing warning....
< bitcoin-git> bitcoin/master dbc8a8c MarcoFalke: Merge #9435: Removed unused variable in test, fixing warning....
< bitcoin-git> [bitcoin] MarcoFalke closed pull request #9435: Removed unused variable in test, fixing warning. (master...pr/coins-unused) https://github.com/bitcoin/bitcoin/pull/9435
< bitcoin-git> [bitcoin] sipa pushed 8 new commits to master: https://github.com/bitcoin/bitcoin/compare/dbc8a8c86ae5...7aa700424cbd
< bitcoin-git> bitcoin/master c8042a4 Matt Corallo: Remove arguments to ParseConfigFile
< bitcoin-git> bitcoin/master 2b5f085 Matt Corallo: Fix non-const mapMultiArgs[] access after init....
< bitcoin-git> bitcoin/master 0cf86a6 Matt Corallo: Introduce (and use) an IsArgSet accessor method
< bitcoin-git> [bitcoin] sipa closed pull request #9243: Clean up mapArgs and mapMultiArgs Usage (master...2016-11-mapmultiargs) https://github.com/bitcoin/bitcoin/pull/9243
< bitcoin-git> [bitcoin] MarcoFalke opened pull request #9436: test: Include tx data in EXTRA_DIST (master...Mf1612-inclTest) https://github.com/bitcoin/bitcoin/pull/9436
< bitcoin-git> [bitcoin] sipa pushed 2 new commits to master: https://github.com/bitcoin/bitcoin/compare/7aa700424cbd...2db4cbcc437f
< bitcoin-git> bitcoin/master 2ddfcfd Pieter Wuille: Make CScript (and prevector) c++11 movable....
< bitcoin-git> bitcoin/master 2db4cbc Pieter Wuille: Merge #9349: Make CScript (and prevector) c++11 movable....
< bitcoin-git> [bitcoin] sipa closed pull request #9349: Make CScript (and prevector) c++11 movable. (master...movescript) https://github.com/bitcoin/bitcoin/pull/9349