[bisq-network/bisq] Message sign verify functionality compatible with Bitcoin core & electrum (#5375)

Mawu Eli notifications at github.com
Wed Mar 31 02:26:01 CEST 2021 

@wallclockbuilder approved this pull request.

ACK


### Sign

- Is Bisq compatible with Electrum?


![1 1electrum message - address - signature](https://user-images.githubusercontent.com/2033945/113071667-1805c100-917a-11eb-8181-fbb63bc6d3f3.png)
Message signed by address in Electrum

![1 2bisq compatible with electrum](https://user-images.githubusercontent.com/2033945/113071673-19cf8480-917a-11eb-908f-1a398fd2205d.png)
Same message signed by Bisq with the same address resulted in the same signature.



### Verify

- Can Bisq Verify A message signed by Electrum?


![2electrum signed](https://user-images.githubusercontent.com/2033945/113071679-1b994800-917a-11eb-8416-7886361a7c29.png)
Message signed by electrum. Will Bisq be able to verify it?

![2 1bisq verification setup](https://user-images.githubusercontent.com/2033945/113071675-1a681b00-917a-11eb-89b9-bdd5a791ceae.png)
Load signed message details from Electrum into Bisq. Will it verify?

![2 2bisq signature verified](https://user-images.githubusercontent.com/2033945/113071676-1b994800-917a-11eb-9e77-3577348a1432.png)
Bisq verifies signature from Electrum successfully


### Unhappy path
![3 1bisq - wrong message - setup](https://user-images.githubusercontent.com/2033945/113071680-1c31de80-917a-11eb-935b-d456111b4754.png)
Modify message. Will Bisq be fooled?

![3 2bisq wrong signature - message changed](https://user-images.githubusercontent.com/2033945/113071681-1cca7500-917a-11eb-99c2-01cb99ff525b.png)
Bisq successfully detects wrong signature due to modified message.

![4 1bisq wrong address setup](https://user-images.githubusercontent.com/2033945/113071684-1d630b80-917a-11eb-9ace-2964a19924dd.png)
Tamper with address. Will bisq be able to tell?

![4 2bisq wrong signature - addess changed](https://user-images.githubusercontent.com/2033945/113071685-1dfba200-917a-11eb-8323-a62b858eff5e.png)
Bisq successfully detects wrong signature due to wrong address.

![5 1bisq wrong signature setup](https://user-images.githubusercontent.com/2033945/113071686-1e943880-917a-11eb-939c-bb64aad3de34.png)
Tamper with signature. Will bisq be able to tell?

![5 2bisq wrong signature - signature changed](https://user-images.githubusercontent.com/2033945/113071687-1f2ccf00-917a-11eb-92ae-622a2e61d31f.png)
Bisq successfully rejects wrong signature.

> +        myGridPane.add(new Label(""), 0, ++rowIndexB);  // spacer
+        Button buttonSign = new AutoTooltipButton("Sign");
+        Button buttonVerify = new AutoTooltipButton("Verify");
+        HBox buttonBox = new HBox(12, buttonSign, buttonVerify);
+        buttonBox.setAlignment(Pos.BASELINE_CENTER);
+        buttonBox.setPrefWidth(800);
+        myGridPane.add(buttonBox, 0, ++rowIndexB);
+
+        buttonSign.setOnAction(e -> {
+            String walletInfo = walletsManager.getWalletsAsString(true);
+            String privKeyHex = findPrivForPubOrAddress(walletInfo, address.getText());
+            if (privKeyHex == null) {
+                messageSig.setText("");
+                new Popup().information("Key not found in wallet").show();
+            } else {
+                ECKey myPrivateKey = ECKey.fromPrivate(Utils.HEX.decode(privKeyHex));

[Tested](https://github.com/bitcoinj/bitcoinj/blob/68097e11f673ddaf16ec4e2f71f7e676d581f350/core/src/test/java/org/bitcoinj/core/ECKeyTest.java#L210) by BitcoinJ.

> +
+        buttonSign.setOnAction(e -> {
+            String walletInfo = walletsManager.getWalletsAsString(true);
+            String privKeyHex = findPrivForPubOrAddress(walletInfo, address.getText());
+            if (privKeyHex == null) {
+                messageSig.setText("");
+                new Popup().information("Key not found in wallet").show();
+            } else {
+                ECKey myPrivateKey = ECKey.fromPrivate(Utils.HEX.decode(privKeyHex));
+                String signatureBase64 = myPrivateKey.signMessage(messageText.getText());
+                messageSig.setText(signatureBase64);
+            }
+        });
+        buttonVerify.setOnAction(e -> {
+            try {
+                ECKey key = ECKey.signedMessageToKey(messageText.getText(), messageSig.getText());

[Tested](https://github.com/bitcoinj/bitcoinj/blob/68097e11f673ddaf16ec4e2f71f7e676d581f350/core/src/test/java/org/bitcoinj/core/ECKeyTest.java#L226) by Bitcoinj.

-- 
You are receiving this because you are subscribed to this thread.
Reply to this email directly or view it on GitHub:
https://github.com/bisq-network/bisq/pull/5375#pullrequestreview-624792402
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.bisq.network/pipermail/bisq-github/attachments/20210330/dd3e7f28/attachment.htm>

More information about the bisq-github mailing list