diff options
| author | Peter Todd <pete@petertodd.org> | 2016-01-13 14:52:18 -0500 |
|---|---|---|
| committer | Peter Todd <pete@petertodd.org> | 2016-01-13 14:56:43 -0500 |
| commit | 5574301656f61142e45540e33dbe88b397a89a93 (patch) | |
| tree | 13207c6f5e4a8427ccfb543de64a2b31946bc42f /bip-0141.mediawiki | |
| parent | dc4071d0e658afde4d52402a91f86bec674cf8a0 (diff) | |
| download | bips-5574301656f61142e45540e33dbe88b397a89a93.tar.xz | |
Remove merge-mining suggest re: witness nonce
Diffstat (limited to 'bip-0141.mediawiki')
| -rw-r--r-- | bip-0141.mediawiki | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index 7a5c28c..6474256 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -154,15 +154,14 @@ Comparing with the last example, the scriptPubKey is 11 bytes smaller (with redu === Extensible commitment structure === -The new commitment in coinbase transaction is a hash of the witness root hash and a witness nonce. The nonce which currently has no consensus meaning, serves two purposes: +The new commitment in coinbase transaction is a hash of the witness root hash and a witness nonce. The nonce currently has no consensus meaning, but in the future allows new commitment values for future softforks. For example, if a new consensus-critical commitment is required in the future, the commitment in +coinbase becomes: -* It allows new commitment values for future softforks. For example, if a new consensus-critical commitment is required in the future, the commitment in coinbase becomes: - Double-SHA256(Witness root hash|Hash(new commitment|witness nonce)) :: For backward compatibility, the Hash(new commitment|witness nonce) will go to the coinbase witness, and the witness nonce will be recorded in another location specified by the future softfork. Any number of new commitment could be added in this way. -* Any commitments that are not consensus-critical to Bitcoin, such as merge-mining, may utilize this witness nonce. However, they must not be committed directly as the nonce, or the external system may be forced to hardfork when Bitcoin introduces more consensus-critical commitments. Instead, they should use the nonce as the root of an extensible commitment tree, and should not make any assumption about the location and depth of their commitments in the tree. For example, in the external system, it may use a flag to indicate the actual location of the commitments with the Merkle paths provided. +Any commitments that are not consensus-critical to Bitcoin, such as merge-mining, MUST NOT use the witness nonce to preserve the ability to do upgrades of the Bitcoin consensus protocol. The optional data space following the commitment also leaves room for metadata of future softforks. |