Skip to content
This repository has been archived by the owner on Sep 25, 2024. It is now read-only.

[TESTNET] Pending transaction is rejected: Non-canonical signature: S value is unnecessarily high #10

Open
cuhte3 opened this issue Oct 24, 2018 · 3 comments
Open

[TESTNET] Pending transaction is rejected: Non-canonical signature: S value is unnecessarily high #10

cuhte3 opened this issue Oct 24, 2018 · 3 comments

Comments

@cuhte3
Copy link

cuhte3 commented Oct 24, 2018
edited
Loading

Am creating and signing new transaction just fine like this:

NSError *error;
WSAddress *address = WSAddressFromString(self.parameters, @"mu4CVtiGvVtE2wHosbHC58RE2hG4CnHnvj");
const uint64_t value = 5213;

WSTransactionBuilder *builder = [self.wallet buildTransactionToAddress:address forValue:value fee:0 error:&error];

WSSignedTransaction *tx = [self.wallet signedTransactionWithBuilder:builder error:&error];

DDLogInfo(@"Tx: %@", tx);

if (![self.peerGroup publishTransaction:tx]) {
    DDLogInfo(@"Publish failed, no connected peers");
    return;
}

Here is the signed tx info:

version = 1,
id = 880afa2349cc47ed3c510c433b744e2f8810327a82e7a3a83a71b4fb577742dc,
size = 227 bytes,
coinbase = NO,
lockTime = 0,
inputs =
{(
{address='mrnE6Yxhk2fgpv4XfGygFU1vRizse3eEju', outpoint=7ec02457c4a6079f852ba029552efbf0be527f5abc22355934b5d35917ede6a3:0, script='[304602210080aace26ee3cce97f219430d60c7638f66383384e3554525647d3adf4f8ceda9022100b47327cad11dda8a5db891535abcddf36dde7766338d1bf00190db9168dee1a101] [0342468eba0e276ae2d1242095690735846a216f0e6b037a9268779d854f622a00]', sequence=0xffffffff}
)},
outputs =
{(
{address='mu4CVtiGvVtE2wHosbHC58RE2hG4CnHnvj', value=5213, script='DUP HASH160 [94826312542abcdd7cf86494a55dc4ed1bd9aad0] EQUALVERIFY CHECKSIG'},
{address='moNtTSY3abxJQFyyKGDMZvBswifVg7dTJy', value=12345510, script='DUP HASH160 [563a7982692821c0d5f43b8c60410554703d8090] EQUALVERIFY CHECKSIG'}
)}

After being published I've got reject message from all the peers:

Received reject from (83.227.31.14:18333): <WSMessageReject: 0x60000046bc40> {message='tx', code=40, reason='non-mandatory-script-verify-flag (Non-canonical signature: S value is unnecessarily high)'}

Googling the issue doesn't help much. Am I missing something? @keeshux

Thanks
@keeshux
Copy link
Owner

keeshux commented Oct 24, 2018

Farid, unfortunately I haven't been able to keep this library up-to-date through the years. Bitcoin changed quite a lot so I can't guarantee that the code is still complying. I can look into this but certainly not soon.

@pmattos
Copy link

pmattos commented Oct 26, 2018

Hey @keeshux, looks like I’m facing the exact same issue here :( I did some digging and this really looks related to this specific signature bounding issue.

I understand you are not actively maintaining this library anymore, but could you please point me out where you do such computations in your codebase so I can try fixing this myself instead?

Thanks!

@keeshux
Copy link
Owner

keeshux commented Oct 26, 2018

The relevant code for signatures is signatureForHash256 in Core/WSKey.m. It's been a while but, given that verbatim comment, the enforcement of "low S" in signature must have been taken from somewhere in Bitcoin Core:

https://bitcointalk.org/index.php?topic=285142.40

I suggest unit testing (R, S) in signatures, they're just big numbers (BIGNUM). Poking in the dark against the network could be very time-consuming.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@keeshux @cuhte3 @pmattos