I wrote a program that verifies signatures for Taproot transactions the usage of the secp256k1 library. My program works completely for SIGHASH_ALL, SIGHASH_NONE and SIGHASH_SINGLE. However in February, we noticed the start of an enormous wave of Taproot transactions the usage of 0x83 because the SIGHASH byte. I additionally know of 1 Taproot transaction that makes use of SIGHASH byte 0x81. My program fails on transactions that come with the SIGHASH_ANYONECANPAY bit and I will be able to’t work out why. Those are all keypath spent transactions, which will have to be reasonably easy to make sure.
The issue will have to be that It’s not that i am generating the similar message that used to be signed for those SIGHASH varieties, however I will be able to’t to find the place the mistake is. I’m the usage of the Signature validation regulations phase of BIP341 to resolve which portions of the transaction to incorporate.
The transaction that makes use of SIGHASH byte 0x81 is c0b767665e68916510126d704c1e96903275ed9e8c97e6782568cd23a4e8ef09, enter 0. My program produces a message of 126 bytes as follows:
0 byte: 00
Sighash: 81
Tx Model: 02000000
Tx Locktime: 00000000
Outputs Hash: d32241d6cf9637a786922b700fc5c34385dc2a738d84734cae914b39ef595cfe
Spend Sort: 00
Outpoint: 7eac3298e596858e44bdf23a06409133bf5eb5b886dda2891de452b991a7489400000000
Quantity: 3954000000000000
Output Script: 225120fd784aba5e91d18306ba722f3af50ecdaf056caf19a3632a39b1b64a2109ecf6
Collection: ffffffff
The outputs hash is a unmarried SHA256 of the next bytes:
Output 0 Quantity: e803000000000000
Output 0 Script: 225120fd784aba5e91d18306ba722f3af50ecdaf056caf19a3632a39b1b64a2109ecf6
Output 1 Quantity: 3d46000000000000
Output 1 Script: 225120fd784aba5e91d18306ba722f3af50ecdaf056caf19a3632a39b1b64a2109ecf6
A transaction that makes use of SIGHASH byte 0x83 is 2e46f5b63deb421dee85cfea240a74b99d14b3286c195189f223f6260ea13943, enter 1. My program produces a message of 126 bytes as follows:
0 byte: 00
Sighash: 83
Tx Model: 02000000
Tx Locktime: 00000000
Spend Sort: 00
Outpoint: 19ad63e54efbd351f94496789035483cd4c6962c9d63fe83dc9babcead677f4b00000000
Quantity: 1027000000000000
Output Script: 2251208102001190c6aad9a015dff1540dc9a7bda31613b8ab05a58268c4bff53fae82
Collection: ffffffff
Output Hash: a29ce7981f103591964c176f85cb171e098c4d86d31ec711b2a91c0d59134adf
The output hash is a unmarried SHA256 of the next bytes:
Output 1 Quantity: 1027000000000000
Output 1 Script: 2251208102001190c6aad9a015dff1540dc9a7bda31613b8ab05a58268c4bff53fae82
The whole lot else is operating superb. I am the usage of the TapSighash tag and the whole thing else appropriately, differently not one of the different transactions would examine both. The issue is simplest taking place for SIGHASH_ANYONECANPAY varieties. What am I lacking?
