-
Notifications
You must be signed in to change notification settings - Fork 664
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
op_checkmultisig: Last signature is not verified #270
Comments
Here is the way I went about it, I saw that about the signatures being in the same order of the pubkeys.
I solved it using list .remove(). I don't think things necessarily have to be in order. It seems to cover all the test cases I've tried. Am I missing something or would this work just as well?
|
@mattacus From my understanding, the actual implementation of |
Right, I saw that, in the docs:
After thinking about it some more it makes more sense to do it that way since signature verification time could add up if you have, say, 100s of signature that each node must verify, and you don't pop each pubkey each time it is visited. (In my case I am removing them, but only if the signature is verified, so there could be more iterations). So it seems like they chose that approach for efficiency reasons. |
The given answer for
op_checkmultisig
in Chapter 8 has a bug where the last signature is never verified:The fail condition is in the following check:
but it is only executed at the beginning of each iteration and crucially NOT after we have iterated over all
sigs
. So if we have a 1-of-1op_checkmultisig
, it will pass with any signature and any pubkey, and if we have a 2-of-2op_checkmultisig
, it will pass as long as the first checked signature matches the first checked pubkey (and so on).Example test code to reproduce
Relates to #214 as that issue also talks about problems with
op_checkmultisig
.From my understanding, the signatures passed to
op_checkmultisig
need to be in the same order as the pubkeys. If that's the case, we can fix the implementation using thewhile ... else
construct:The text was updated successfully, but these errors were encountered: