From 4660b84c2dbb2f00858baecb598d1d45ed1401c8 Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Tue, 10 Mar 2015 20:34:13 +1100
Subject: [PATCH 1/2] txbuilder: refactor for clarity

---
 src/transaction_builder.js | 22 ++++++++++------------
 1 file changed, 10 insertions(+), 12 deletions(-)

diff --git a/src/transaction_builder.js b/src/transaction_builder.js
index a960d73..52de58d 100644
--- a/src/transaction_builder.js
+++ b/src/transaction_builder.js
@@ -371,22 +371,20 @@ TransactionBuilder.prototype.sign = function (index, privKey, redeemScript, hash
   var signatureScript = input.redeemScript || input.prevOutScript
   var signatureHash = this.tx.hashForSignature(index, signatureScript, hashType)
 
+  // enforce signature order matches public keys
   if (input.scriptType === 'multisig' && input.redeemScript && input.signatures.length !== input.pubKeys.length) {
-    // store signatures locally
-    var _signatures = input.signatures.slice()
-
-    // loop over pubKeys to set their respective signature or set it to OP_0
     input.signatures = input.pubKeys.map(function (pubKey) {
-      var signature = null
-      _signatures.forEach(function (_signature, _sigIdx) {
-        // check if the signature is not null / false / OP_0 and verify if it belongs to the pubKey
-        if (!signature && _signature && pubKey.verify(signatureHash, _signature)) {
-          // use .splice to remove the signature from the list, so we won't verify it again
-          signature = _signatures.splice(_sigIdx, 1)[0]
-        }
+      var match
+
+      // check for any matching signatures
+      input.signatures.some(function (signature) {
+        if (!pubKey.verify(signatureHash, signature)) return false
+        match = signature
+
+        return true
       })
 
-      return signature || ops.OP_0
+      return match || undefined
     })
   }
 

From 6c02e1692ac42cbc8432f51d0a56ef4a389edcc3 Mon Sep 17 00:00:00 2001
From: Daniel Cousens <github@dcousens.com>
Date: Fri, 13 Mar 2015 15:42:13 +1100
Subject: [PATCH 2/2] txbuilder: re-add verification optimizations

---
 src/transaction_builder.js | 8 +++++++-
 1 file changed, 7 insertions(+), 1 deletion(-)

diff --git a/src/transaction_builder.js b/src/transaction_builder.js
index 52de58d..f860f95 100644
--- a/src/transaction_builder.js
+++ b/src/transaction_builder.js
@@ -373,14 +373,20 @@ TransactionBuilder.prototype.sign = function (index, privKey, redeemScript, hash
 
   // enforce signature order matches public keys
   if (input.scriptType === 'multisig' && input.redeemScript && input.signatures.length !== input.pubKeys.length) {
+    // maintain a local copy of unmatched signatures
+    var unmatched = input.signatures.slice()
+
     input.signatures = input.pubKeys.map(function (pubKey) {
       var match
 
       // check for any matching signatures
-      input.signatures.some(function (signature) {
+      unmatched.some(function (signature, i) {
         if (!pubKey.verify(signatureHash, signature)) return false
         match = signature
 
+        // remove matched signature from unmatched
+        unmatched.splice(i, 1)
+
         return true
       })