A little note about the "make a privkey" section of the signature example; it can sometimes* make invalid privkeys that are off the end of the EC curve. Only integers between 0x1 and 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141 are valid in our particular case. Super unlikely to ever get a sha256 hash that matches the invalid portion, but it's worthwhile to point out.<p>* probably never, but worth mentioning
Possible bug:<p>The instructions BOOLAND and BOOLOR don't interpret the stack values the same way IF, VERIFY etc do. They decode the top stack values as integers and compare against zero, thus they have to fail when the top stack item size is greater than 4 bytes.<p>Edit: littleEndian.decode also doesn't seem to respect the size limits<p>Edit2: .. or signed integers for that matter. So while this is a very cool basic concept, it's not a complete implementation.<p>The reference client provides test suites<p><a href="https://github.com/bitcoin/bitcoin/blob/master/src/test/data/script_valid.json" rel="nofollow">https://github.com/bitcoin/bitcoin/blob/master/src/test/data...</a><p><a href="https://github.com/bitcoin/bitcoin/blob/master/src/test/data/script_invalid.json" rel="nofollow">https://github.com/bitcoin/bitcoin/blob/master/src/test/data...</a>