Fix signmessage to be Electrum-compatible

[AdamISZ]

Verification of message signatures against segwit addresses
is not currently functional/possible in Core, and additionally
the signing function used for messages in jmbitcoin, derived
from coincurve, was not compatible with Electrum either.
This commit uses the functionality in python-bitcointx's
signmessage module, and now the wallet method signmessage
creates signatures on messages against segwit addresses that
are verifiable in Electrum.

[AdamISZ]

Some reference points: original commit that added signmessage, in Jun 2017, was working at that time: 28912ac#diff-326acdd19b880cb124ebd72bd49b94eb9b14167dfac0e1dad049059ec3c18e94R390-R393 - but note that that was shortly before segwit, so working with legacy addresses.

The functionality offered was specifically the ability to create signatures verifiable in Bitcoin Core; no verification method was added then (or since).
It seems that this was kind of "broken in at least two ways":

• broken by segwit and the fact that Core decided it was better not to down the route of "guess the key by recovery" for either the scripthash or keyhash variants of segwit, see e.g. discussion here. Core intends to address this with a new signature standard, see here, but I am not sure the current status.
• also the change to coincurve from secp256k1-py was "breaking" as far as my investigations indicate; specifically, see the change here - but at that time (Nov 2018), the difference was basically academic, since Joinmarket was already ~ segwit-only, anyway.

The later introduction of python-bitcointx replacing most (but not all unfortunately!) uses of coincurve didn't really change this, at the time, except in a trivial sense: an attempt to call the signmessage method of wallet-tool.py actually triggers a syntax error because of this line not having been updated to remove an argument in #536.

The fact that we haven't had complaints for years does rather suggest this is not an important feature today! But it could be useful, and as can be seen, the change needed to at least make it Electrum compatible, for now, is close to trivial.

A very important detail should be remembered: the Joinmarket communication protocol itself uses message signatures, and they are using the effectively now "legacy" coincurve-based jmbitcoin.ecdsa_sign function, which is as explained not compatible with this; but this cannot be changed until and unless we upgrade our protocol (current version 5).

Edit: just dropping a couple of additional related code links in case they're useful:

Core signing code
python-bitcointx examples using SignMessage/VerifyMessage

[AdamISZ]

Tested (meaning: create signatures with Joinmarket address and wallet-tool signmessage, then attempt to verify in Electrum desktop) as working with both p2sh-p2wpkh and p2wpkh addresses. Note that only mainnet is supported (just to minimize the workload, not for a fundamental reason).

[kristapsk]

Could we add some test(s) to test suite for this?

[AdamISZ]

Could we add some test(s) to test suite for this?

Yep, good call, I'll add a few test cases.

[AdamISZ]

Test suite passing, flake8 OK (we really need to re-set up CI ..), the signatures are from both wallet types and all verify against Electrum latest version. No real rush, but I'll squash and merge if I get a tACK.

[kristapsk]

ACK 53d41eb (tested against Electrum 4.0.9 with p2wpkh)

[AdamISZ]

OK squashing and merging, thanks.