[Bitcoin-development] [softfork proposal] Strict DER signatures

Pieter Wuille pieter.wuille at gmail.com
Wed Jan 21 00:35:49 UTC 2015


Hello everyone,

We've been aware of the risk of depending on OpenSSL for consensus
rules for a while, and were trying to get rid of this as part of BIP
62 (malleability protection), which was however postponed due to
unforeseen complexities. The recent evens (see the thread titled
"OpenSSL 1.0.0p / 1.0.1k incompatible, causes blockchain rejection."
on this mailing list) have made it clear that the problem is very
real, however, and I would prefer to have a fundamental solution for
it sooner rather than later.

I therefore propose a softfork to make non-DER signatures illegal
(they've been non-standard since v0.8.0). A draft BIP text can be
found on:

    https://gist.github.com/sipa/5d12c343746dad376c80

The document includes motivation and specification. In addition, an
implementation (including unit tests derived from the BIP text) can be
found on:

    https://github.com/sipa/bitcoin/commit/bipstrictder

Comments/criticisms are very welcome, but I'd prefer keeping the
discussion here on the mailinglist (which is more accessible than on
the gist).

-- 
Pieter




More information about the bitcoin-dev mailing list