signature – How to prove wallet ownership?

Context

I would like to verify being A has access to a wallet and hence would like to ask them to pay a minimum amount to a particular wallet address owned by someone other than me, e.g. 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa, with a signature ThisIsUnexpected that I gave to the being A.

The basic concept I believe is quite simple, if being A agrees, they share with me their bitcoin wallet address:being_A_bitcoin_wallet_address. Next, I would share the expected signature, and selected recipient address (e.g. 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa) with being A. Being A then pays a minimal amount of bitcoin to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa. After the transaction is completed, I look at the transaction history of the received donations to 1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa and find the transaction made by being_A_bitcoin_wallet_address. Next, I look at the signature of that particular transaction and verify it reads: ThisIsUnexpected. If the transaction indeed has that signature I have a high certainty being A has access to being_A_bitcoin_wallet_address and I can verify their amount of funds.

Challenge

Though the idea may be relatively simple, I am experiencing some challenges in the execution.

To test the verification procedure, I thought I would look up the signatures of past transactions to that address. Hence I went to: https://www.blockchain.com/btc/address/1A1zP1eP5QGefi2DMPTfTL5SLmv7DivfNa and looked at the list of transactions. At the moment of writing, this is the most recent transaction, so I thought I could perhaps take the Sigscript of the transaction (with index 1) and put it into this signature verification tool to get a human-readable signature. However that tool does not seem to provide a human-readable signature, nor do I know whether the arbitrary transaction I selected contains a “Thank you Satoshi”-like signature.

Question

How could I practically verify the signature of a bitcoin transaction (if it has one)?

Subquestions

I think this question could be segmented in the following sub-questions:

  • How can I verify that an arbitrary transaction contains a human-readable signature?
  • Which information of the transaction data should I use to obtain a human readable form of the transaction signature?
  • Which online resources could be used to verify a signature?
  • Is there a python script that provides a function: being_has_access_to_wallet(claimed_wallet_access_address, recipient_wallet_address,human_readable_signature, amount=0.0001) that returns True or False using something like a block explorer?

digital signature – Why are LMS and XMSS no candidates in the Post-Quantum Cryptography Standardization process?

Why are Leighton-Micali Signature Scheme (LMS) and eXtended Merkle Signature Scheme (XMSS) no candidates in the NIST Post-Quantum Cryptography Standardization process?
Both are mentioned in the final draft of Recommendation for Stateful Hash-Based Signature Schemes.

I was expecting that both algorithms are candidates in the standardization process as well, but it seems that they weren’t even submitted. Can anyone explain why? If they are not considered as candidates for a new standard why does the Recommendation for Stateful Hash-Based Signature Schemes exist and mention exactly those two algorithms?

Is the recommendation just a temporary standard until the standardization process is finished?

linux – DKIM Validating Signature, Result = Fail Details: Body Has Been Altered

I have 2 mail server,
Main Mail Server = Microsoft Exchange Server
Secondary Mail Server = Ubuntu Postfix only as SMTP Relay.
The Exchange Server is using Ubuntu Postfix SMTP as Smarthost,
And the problem is Exchange Server need to use thirdparty software to integrate with DKIM.
I used DKIM Exchange(https://github.com/Pro/dkim-exchange) as the third party software,
By following this tutorial https://colinwilson.uk/2017/07/19/setting-up-dkim-for-exchange-server/
But got a problem, when checking DKIM Signature on https://dkimvalidator.com/
I got an Error like this:

DKIM Information:
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; d=example.com; s=default;
c=relaxed/relaxed; t=1619877233; h=from:subject:to:date:message-id;
bh=iOObCKJdXN6HiMEEGHi3hTEvUHxZe5CdQrWy7paoGeo=;
b=KHjroY6llEGwgpFXQwvTggVvN8pWkRarZfbxPMWZ3J6axLy7fngoJ7VXA/AJB9sc/N+UasENrvy
nflG8WgnKgN12Bh6VHC0xt/2M7SjtOI9CknSg3Bi0EZsYRqD5JJZqBWobNLV51sYbfT0W7KjdOkQX
i5u1sWfV4qskQKyIl48L3M9ktKyYEpZqlkr/a2iEJfVr+eMVrR8VnCbse/ccpZwEMHA5VtdWGh200
F60MITxLG0lYwZQ//RcOOjX9qTEKDxRdbRnFbvagGO7Co39bSyPw9Co6S7K+BI0tVO8Df9uV2H5ee
NqKQJQDZ50VdZLi8wQwSWCiT7gfukJUUsA1g==

Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/relaxed
d= Domain: example.com s= Selector: default
q= Protocol:
bh= iOObCKJdXN6HiMEEGHi3hTEvUHxZe5CdQrWy7paoGeo=
h= Signed Headers: from:subject:to:date:message-id
b= Data: KHjroY6llEGwgpFXQwvTggVvN8pWkRarZfbxPMWZ3J6axLy7fngoJ7VXA/AJB9sc/N+UasENrvy
nflG8WgnKgN12Bh6VHC0xt/2M7SjtOI9CknSg3Bi0EZsYRqD5JJZqBWobNLV51sYbfT0W7KjdOkQX
i5u1sWfV4qskQKyIl48L3M9ktKyYEpZqlkr/a2iEJfVr+eMVrR8VnCbse/ccpZwEMHA5VtdWGh200
F60MITxLG0lYwZQ//RcOOjX9qTEKDxRdbRnFbvagGO7Co39bSyPw9Co6S7K+BI0tVO8Df9uV2H5ee
NqKQJQDZ50VdZLi8wQwSWCiT7gfukJUUsA1g==

Public Key DNS Lookup
Building DNS Query for default._domainkey.example.com
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq4UV1gOKAQ+Gr9BmFSrGZbo3ll16g8itrrEwBckyGRYD2g+DKINm5fUYNUxn2bILpeh3AT2gJnbGydQNc7p02Hia1H/jnKDbvTfvnmcUQGHLQGYsnSgIJM3f+B5qrpyjfNufyrSr4L4YCBUr1o0KoN4p2p97iOr+MQiHY4sYIDPAcsaQ4zpAcxDmmSbtXbbBdYileN7Anpkm9ODJtNNNZzxH68jFI7ioVjInX8G1mWLKP4sxPoTa86R5C/zu97a0agXPusrCd1bWGKPxFhCUvJpFzdICUdLsVo9mEwbB12kpGrplYPgOb6B1YKn3iu/XBezv/8EIjG/N7+hAEz9C1wIDAQAB

Validating Signature
Result = fail
Details: body has been altered

Anyone have the solution for this? The DKIM Record is Valid but DKIM Signature is failing…

Fortnite forum signature generator

TITRE:The NEW UPDATE in Fortnite is Crazy!

IIn today’s video I cover update info for 16.30 and more NEW EVENTS coming soon to Fortnite Battle Royale for PS4, Xbox One, PC, and Nintendo Switch in 2021. We also cover a creative glitch for SECRET SKINS and how the SPIRE CHALLENGES point towards the Foundation returning. There also some interesting stuff with NPC bosses around the map.

Source: https://shrinke.me/i99bxVc

 

multi signature – Is this scheme for multisig audit of Trezor + Coldcard ok?

My plan is to make a multisig between coldcard and trezor. I want to audit and verify that I indeed own the 2 keys of these wallets, using a raspberry pi zero (no wifi/bluetooth by definition) on a very old HDMI tv with no internet either, and using a virtual keyboard and simply a mouse on the pi zero.

These are the possible risks I want to mitigate:

To eliminate the risk of the trezor generating a private key I don’t own, I’m gonna put its key on the raspberry pi zero and see that it generates the same master pubkey and shown in trezor. This proves I own this key, but it might be a kew that someone already owns. No problem, that’s why I’m doing multisig.

On the coldcard, I’ll generate a seed using dices, and then verify on the raspberry pi that those dice rolls indeed generate the private key shown by coldcard. This proves that I own a private key that no one owns, because it was generated using dices.

Now that I have 2 private keys that I own, and at least one of them I’m the only owner, I can create a multisig wallet on Ethereum or maybe BlueWallet. I’ll annotate the first 10 addresses generated by the software wallet, and verify if they match on the coldcard and on the trezor. If the 3 show the same 10 set of addresses, I can consider these addresses safe for receiving Bitcoin.

I’ll then receive some Bitcoin on one address, erase both wallets, restore them with the private keys, and then try to spend this Bitcoin, just to make sure I really owned the coins.

What are the possible problems I can encounter? Am I forgetting something important?

PS: I know that if the trezor has a malicious random number generator and it creates a private key that not only myself own, this is a privacy leak, but not a problem. And it’s a privacy leak only when I spend from this address, revealing the public key on the blockchain.

I also plan to use just PBST air-gapped transactions on Coldcard, and a trusted computer to broadcast.

directx – Compile shader and root signature of a ray tracing shader into a single binary using DXC

I’m new to DXR, so please

If I got it right, when we want to compile a ray tracing shader using the DirectX Shader Compiler, we need to specify lib_6_* as the target profile.

Now assume I’ve got a HLSL file containing a single ray generation shader RayGen whose root signature is specified by a RootSignature attribute of the form

#define MyRS "RootFlags(LOCAL_ROOT_SIGNATURE),"  
        "DescriptorTable("                  
            "UAV(u0, numDescriptors = 1),"  
            "SRV(t0, numDescriptors = 1))"
(rootsignature(MyRS))
(shader("raygeneration")) 
void RayGen() {}

Using IDxcCompiler::Compile, I’m able to compile both the shader itself using the target profile lib_6_3 and the root signature using the target profile rootsig_1_1, but if I got it right it’s not possible to invoke IDxcCompiler::Compile such that the created IDxcBlob contains both the shader and the root signature. (I’ve tried to add the argument -rootsig-define MyRS to the call for the compilation of the shader, but it seems to me that the compiler expects the root signature specified in this way to be a global root signature.)

So, I end up with two IDxcBlob‘s. Is there any possibility to “merge” them into a single one which can later be used to specify the shader as well in a call of ID3D12Device5::CreateRootSignature?