diff options
author | Luke Dashjr <luke-jr+git@utopios.org> | 2016-10-05 11:35:37 +0000 |
---|---|---|
committer | Luke Dashjr <luke-jr+git@utopios.org> | 2016-10-05 11:35:37 +0000 |
commit | 0f0dad6b89925d8cc5d8bd4ebf06da0fea9c8081 (patch) | |
tree | 28575613b2d07e5e11246ea6d2dd065b82530191 /bip-0049.mediawiki | |
parent | 544941d09600d14dc7daf0828d60b29248d337bc (diff) |
Assign BIP 49: Derivation scheme for P2WPKH-nested-in-P2SH based accounts
Diffstat (limited to 'bip-0049.mediawiki')
-rw-r--r-- | bip-0049.mediawiki | 104 |
1 files changed, 104 insertions, 0 deletions
diff --git a/bip-0049.mediawiki b/bip-0049.mediawiki new file mode 100644 index 0000000..5ec371f --- /dev/null +++ b/bip-0049.mediawiki @@ -0,0 +1,104 @@ +<pre> + BIP: 49 + Title: Derivation scheme for P2WPKH-nested-in-P2SH based accounts + Author: Daniel Weigl <Daniel.Weigl@mycelium.com> + Status: Draft + Type: Informational + Created: 2016-05-19 +</pre> + +==Abstract== + +This BIP defines the derivation scheme for HD wallets using the P2WPKH-nested-in-P2SH ([[bip-0141.mediawiki|BIP 141]]) serialization format for segregated witness transactions. + +==Motivation== + +With the usage of P2WPKH-nested-in-P2SH ([[bip-0141.mediawiki#p2wpkh-nested-in-bip16-p2sh|BIP 141]]) transactions it is necessary to have a common derivation scheme. +It allows the user to use different HD wallets with the same masterseed and/or a single account seamlessly. + +Thus the user needs to create a dedicated segregate witness accounts, which ensures that only wallets compatible with this BIP +will detect the account and handle them appropriately. + +===Considerations=== +Two generally different approaches are possible for current BIP44 capable wallets: + +1) Allow the user to use the same account(s) that they already uses, but add segregated witness encoded addresses to it + +1.1) Use the same public keys as defined in BIP44, but in addition to the normal P2PKH address also derive the P2SH address from it. + +1.2) Use the same account root, but branch off and derive different external and internal chain roots to derive dedicated public keys for the segregated witness addresses. + +2) Create dedicated accounts only used for segregated witness addresses. + +The solutions from point 1 have a common disadvantage: if a user imports/recovers a BIP49-compatible wallet masterseed into/in a non-BIP{ThisBipNumber}-compatible wallet, the account might show up but also it might miss some UTXOs. + +Therefore this BIP uses solution 2, which fails in a more visible way. Either the account shows up or not at all. The user does not have to check his balance after using the same seed in different wallets. + + +==Specifications== + +This BIP defines the two needed steps to derive multiple deterministic addresses based on a [[bip-0032.mediawiki|BIP 32]] root account. + +===Public key derivation=== + +To derive a public key from the root account, this BIP uses the same account-structure as defined in +[[bip-0044.mediawiki|BIP 44]], but only uses a different purpose value to indicate the different transaction +serialization method. + +<pre> +m / purpose' / coin_type' / account' / change / address_index +</pre> + +For the `purpose`-path level it uses {ThisBipNumber}'. The rest of the levels are used as defined in BIP44 + + +===Address derivation=== + +To derive the P2SH address from the above calculated public key, we use the encapsulation defined in [[bip-0141.mediawiki#p2wpkh-nested-in-bip16-p2sh|BIP 141]]: + + witness: <signature> <pubkey> + scriptSig: <0 <20-byte-key-hash>> + (0x160014{20-byte-key-hash}) + scriptPubKey: HASH160 <20-byte-script-hash> EQUAL + (0xA914{20-byte-script-hash}87) + +==Backwards Compatibility== + +This BIP is not backwards compatible by design as described under [#considerations]. A not compatible wallet will not discover accounts at all and the user will notice that something is wrong. + + +==Test vectors== + +(tbd. when we have the actual bip number) +<pre> + masterseedWords = abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon abandon about + masterseed = <hex...> + + // Account 0, root = m/49'/0'/0' + account0Xpriv = <hex> + + // Account 0, first receiving private key = m/49'/0'/0'/0/0 + account0recvPrivateKey = <hex> + account0recvPublickKey = <hex> + + // Address derivation + keyhash = HASH160(account0recvPublickKey) = <hex> + scriptSig = <0 <keyhash>> = <hex> + addressBytes = HASH160(scriptSig) = <hex> + + // addressBytes base58check encoded for testnet + address = base58check(prefix | addressBytes) = 1xyz.... +</pre> + + +==Reference== + +* [[bip-0016.mediawiki|BIP16 - Pay to Script Hash]] +* [[bip-0032.mediawiki|BIP32 - Hierarchical Deterministic Wallets]] +* [[bip-0043.mediawiki|BIP43 - Purpose Field for Deterministic Wallets]] +* [[bip-0044.mediawiki|BIP44 - Multi-Account Hierarchy for Deterministic Wallets]] +* [[bip-0141.mediawiki|BIP141 - Segregated Witness (Consensus layer)]] + +== Copyright == + +This document is placed in the public domain. |