Re: [Bitcoin-development] Who is creating non-DER signatures?

2013-04-13 Thread Gregory Maxwell
On Sat, Apr 13, 2013 at 2:43 PM, Pieter Wuille pieter.wui...@gmail.com wrote: Actual network rules will need to come later. However, even just not accepting them into memory pools will it make very hard (if not impossible) for the buggy clients that create transactions to get any confirmations.

[Bitcoin-development] Who is creating non-DER signatures?

2013-04-07 Thread Pieter Wuille
(cross-post from bitcointalk.org) Hello all, as some may know, Bitcoin uses DER-encoded signatures in its transactions. However, OpenSSL (which is used to verify them) accepts more than just the strict DER specification (it allows negative numbers, extra zero padding, extra bytes at the end, and

Re: [Bitcoin-development] Who is creating non-DER signatures?

2013-04-07 Thread Mike Hearn
It'd help to know how the signatures are invalid. On Sun, Apr 7, 2013 at 5:34 PM, Pieter Wuille pieter.wui...@gmail.comwrote: (cross-post from bitcointalk.org) Hello all, as some may know, Bitcoin uses DER-encoded signatures in its transactions. However, OpenSSL (which is used to verify

Re: [Bitcoin-development] Who is creating non-DER signatures?

2013-04-07 Thread Pieter Wuille
On Sun, Apr 07, 2013 at 06:01:13PM +0200, Mike Hearn wrote: It'd help to know how the signatures are invalid. The majority (~90%) is negative R or S values (which are just interpreted as unsigned by OpenSSL, but if the top byte has its highest bit set, it must be preceeded by a 0x00 accordinging