From ee75df2381017d81c7333c4f8042131b06dbd933 Mon Sep 17 00:00:00 2001 From: Lyndon Date: Fri, 12 Dec 2025 16:09:07 +0800 Subject: [PATCH 1/4] docs: invalid signature description --- docs/advanced.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/docs/advanced.md b/docs/advanced.md index 6be1866..6e54b9c 100644 --- a/docs/advanced.md +++ b/docs/advanced.md @@ -25,6 +25,9 @@ Each field here serves a different purpose: * `M`: `M` represents the threshold, meaning how many signatures must be provided to unlock the cell. For instance, in a 3-of-5 setup, `M` must be 3. * `N`: `N` represents the avialble public keys, in a 3-of-5 setup, `N` must be 5. +If any signature fails verification, the entire process fails, even when the remaining signatures (more than `M`) are valid. In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. + + `N` also denotes how many pairs of `param flag` and `public key` will follow. Each `param id` will be 1 byte, the higher 7 bit represents `param ID`, denoting the parameter set to use, the lowest bit is a signature flag, for multisig configuration, this bit is always 0. A public key can range from 48 to 64 depending on the parameter set. The exact of value in `param id` indicates the length of public key followed. ## Multisig ID, Param ID From 65c8ddeb4b49f3b5e908a96dbd30f45347a2eade Mon Sep 17 00:00:00 2001 From: Lyndon Date: Fri, 12 Dec 2025 16:54:38 +0800 Subject: [PATCH 2/4] docs: clarify signature requirements --- docs/advanced.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/docs/advanced.md b/docs/advanced.md index 6e54b9c..de0adfb 100644 --- a/docs/advanced.md +++ b/docs/advanced.md @@ -25,7 +25,9 @@ Each field here serves a different purpose: * `M`: `M` represents the threshold, meaning how many signatures must be provided to unlock the cell. For instance, in a 3-of-5 setup, `M` must be 3. * `N`: `N` represents the avialble public keys, in a 3-of-5 setup, `N` must be 5. -If any signature fails verification, the entire process fails, even when the remaining signatures (more than `M`) are valid. In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. +If any signature fails verification, the entire process fails, even when the remaining signatures (more than `M`) are valid. +In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. +Therefore, the design only allows exactly `M` signatures to be provided—do not provide more than `M` signatures. `N` also denotes how many pairs of `param flag` and `public key` will follow. Each `param id` will be 1 byte, the higher 7 bit represents `param ID`, denoting the parameter set to use, the lowest bit is a signature flag, for multisig configuration, this bit is always 0. A public key can range from 48 to 64 depending on the parameter set. The exact of value in `param id` indicates the length of public key followed. From dfabf8fab094eff7cf1851cb6750d3aac5a0f107 Mon Sep 17 00:00:00 2001 From: xjd Date: Mon, 15 Dec 2025 15:12:53 +0800 Subject: [PATCH 3/4] Update docs/advanced.md Co-authored-by: Yukang --- docs/advanced.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/docs/advanced.md b/docs/advanced.md index de0adfb..ac7ba09 100644 --- a/docs/advanced.md +++ b/docs/advanced.md @@ -26,7 +26,7 @@ Each field here serves a different purpose: * `N`: `N` represents the avialble public keys, in a 3-of-5 setup, `N` must be 5. If any signature fails verification, the entire process fails, even when the remaining signatures (more than `M`) are valid. -In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. +In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. Therefore, the design enforces a strict limit: provide exactly $M$ signatures (no more, no less). Therefore, the design only allows exactly `M` signatures to be provided—do not provide more than `M` signatures. From 174df9efcd13e4196ccae5721749cefaef5627a5 Mon Sep 17 00:00:00 2001 From: Lyndon Date: Mon, 15 Dec 2025 15:16:08 +0800 Subject: [PATCH 4/4] docs: update from comments --- docs/advanced.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/docs/advanced.md b/docs/advanced.md index ac7ba09..6af430e 100644 --- a/docs/advanced.md +++ b/docs/advanced.md @@ -21,14 +21,12 @@ A multisig configuration uses the following structure: Each field here serves a different purpose: * `S`: `S` represents a reserved field. It must be of value `0x80`, the value is intentially chosen to be different from the secp256k1 multisig lock deployed in CKB's genesis block. -* `R`: `R` represents how many starting public keys are required. For example, in a 3-of-5 setup, one might want to say that signatures for public key A and B must always be present so as to unlock the cell. In this case one can put ublic key A and B at the start of the public key list, and then set `R` to 2. +* `R`: `R` represents how many starting public keys are required. For example, in a 3-of-5 setup, one might want to say that signatures for public key A and B must always be present so as to unlock the cell. In this case one can put public key A and B at the start of the public key list, and then set `R` to 2. * `M`: `M` represents the threshold, meaning how many signatures must be provided to unlock the cell. For instance, in a 3-of-5 setup, `M` must be 3. * `N`: `N` represents the avialble public keys, in a 3-of-5 setup, `N` must be 5. If any signature fails verification, the entire process fails, even when the remaining signatures (more than `M`) are valid. In the UTXO model, transactions can be validated off-chain by SDKs or tools, allowing invalid signatures to be removed before broadcasting to the P2P network. Therefore, the design enforces a strict limit: provide exactly $M$ signatures (no more, no less). -Therefore, the design only allows exactly `M` signatures to be provided—do not provide more than `M` signatures. - `N` also denotes how many pairs of `param flag` and `public key` will follow. Each `param id` will be 1 byte, the higher 7 bit represents `param ID`, denoting the parameter set to use, the lowest bit is a signature flag, for multisig configuration, this bit is always 0. A public key can range from 48 to 64 depending on the parameter set. The exact of value in `param id` indicates the length of public key followed.