1
I am creating a 2-of-3 multisig wallet, where the 2 hot keys are external HSM devices. I am using Bcoin to create my transactions. After the transactions are created, I will send the raw transaction to an external application to do the signing.
My question is, which part exactly needs to be signed by the private key?
For example, this is my transaction:
{
"hash": "e82c7bdfc864ab4d0592045dd86b81a438eeee77f8415c0a84e1aa0ea8e17786",
"witnessHash": "e82c7bdfc864ab4d0592045dd86b81a438eeee77f8415c0a84e1aa0ea8e17786",
"fee": 1000000,
"rate": 4424778,
"mtime": 1568880046,
"version": 1,
"inputs": [
{
"prevout": {
"hash": "3b1dd17cc82e2ac43ba62bf8f1c6a0fe805df43911653d22c902571eb3a212ce",
"index": 0
},
"script": "000000004c6952210209ad6cf408e41362fa175d5869e4561f1890c0d8d74353c86095fdecde34459721024a92aa3f883cc4438b75205555e517a4f7cc10ffd42517297a17821ae6f0bb8821037d2a259a52f62fee96fea072844139224fbd9027116ac7582025dd446fc73e3e53ae",
"witness": "00",
"sequence": 4294967295,
"coin": {
"version": 1,
"height": -1,
"value": 10000000000,
"script": "a9144de6d3580732a7c7c2b1eb043cb1b89350c265fa87",
"address": "38nvUMbXFdXDp4PTWvbohCbnPJuLUVwzXr",
"coinbase": false
}
}
],
"outputs": [
{
"value": 5000000000,
"script": "a91481be67198d33319415d09b03f2dc2cfa4cdb42aa87",
"address": "3DX3BhmdRGf5vYbtzHKzazGmZ7WgUkhFRk"
},
{
"value": 4999000000,
"script": "a9144de6d3580732a7c7c2b1eb043cb1b89350c265fa87",
"address": "38nvUMbXFdXDp4PTWvbohCbnPJuLUVwzXr"
}
],
"locktime": 0,
"hex": "0100000001ce12a2b31e5702c9223d651139f45d80fea0c6f1f82ba63bc42a2ec87cd11d3b000000006f000000004c6952210209ad6cf408e41362fa175d5869e4561f1890c0d8d74353c86095fdecde34459721024a92aa3f883cc4438b75205555e517a4f7cc10ffd42517297a17821ae6f0bb8821037d2a259a52f62fee96fea072844139224fbd9027116ac7582025dd446fc73e3e53aeffffffff0200f2052a0100000017a91481be67198d33319415d09b03f2dc2cfa4cdb42aa87c0aff6290100000017a9144de6d3580732a7c7c2b1eb043cb1b89350c265fa8700000000"
}
If you decode the script in the inputs it is:
OP_0 OP_0 OP_0 OP_0 52210209ad6cf408e41362fa175d5869e4561f1890c0d8d74353c86095fdecde34459721024a92aa3f883cc4438b75205555e517a4f7cc10ffd42517297a17821ae6f0bb8821037d2a259a52f62fee96fea072844139224fbd9027116ac7582025dd446fc73e3e53ae
As you can see there are 4 OP_0 placeholders to input the signatures.
Now my question is, which part of the transaction the external signing application should sign. Is it just the 000000004c6952210209ad6cf408e41362fa175d5869e4561f1890c0d8d74353c86095fdecde34459721024a92aa3f883cc4438b75205555e517a4f7cc10ffd42517297a17821ae6f0bb8821037d2a259a52f62fee96fea072844139224fbd9027116ac7582025dd446fc73e3e53ae
part?
Any reference is highly appreciated. I have read https://en.bitcoin.it/wiki/Transaction and https://en.bitcoin.it/wiki/OP_CHECKSIG but I can't figure out for sure. Thank you.
thank you very much. Can you please elaborate what will be signed in the case there are multiple inputs with different multisig scripts for each of them. Each time the transaction is signed, are all the inputs replaced by
0x00for all the inputs? Thank you. – madu – 2019-09-19T13:12:00.0901Yes, in SIGHASH_ALL, each input signs the same scheme:
0x00for every input script except the input being signed, where the script is replaced with the previous txs' output script. – pinhead – 2019-09-19T14:54:31.713Thank you pinhead. Makes it clear now. – madu – 2019-09-20T04:53:22.287