summaryrefslogtreecommitdiff
path: root/bip-0322.mediawiki
diff options
context:
space:
mode:
authorKarl-Johan Alm <karljohan-alm@garage.co.jp>2018-09-12 16:21:59 +0900
committerKarl-Johan Alm <karljohan-alm@garage.co.jp>2018-09-12 16:21:59 +0900
commit2f152773e651e53e21db56dfbf4fb6b90cce715d (patch)
tree88c3db3d1010447a986602189e3e2deec6af3a4e /bip-0322.mediawiki
parentb925137d5f302863f4f1002c191858ef350ba1fc (diff)
fix witness program -> witness
Diffstat (limited to 'bip-0322.mediawiki')
-rw-r--r--bip-0322.mediawiki18
1 files changed, 9 insertions, 9 deletions
diff --git a/bip-0322.mediawiki b/bip-0322.mediawiki
index f6ac18b..5191143 100644
--- a/bip-0322.mediawiki
+++ b/bip-0322.mediawiki
@@ -21,7 +21,7 @@ The current message signing standard only works for P2PKH (1...) addresses. By e
== Specification ==
-A new structure <code>SignatureProof</code> is added, which is a simple serializable scriptSig & witnessProgram container.
+A new structure <code>SignatureProof</code> is added, which is a simple serializable scriptSig & witness container.
Two actions "Sign" and "Verify" are defined along with two *purposes* "SignMessage" and "ProveFunds".
@@ -56,9 +56,9 @@ The above is followed by [entries] number of signature entries:
|-
|Uint8*||[scriptsiglen]||scriptsig||ScriptSig data
|-
-|VarInt||1-8||witlen||Number of bytes in witness program data
+|VarInt||1-8||witlen||Number of bytes in witness data
|-
-|Uint8*||[witlen]||wit||Witness program
+|Uint8*||[witlen]||wit||Witness
|}
In some cases, the scriptsig or wit may be empty. If both are empty, the proof is incomplete.
@@ -74,7 +74,7 @@ A verification call will return a result code according to the table below.
|-
|INCOMPLETE||One or several of the given challenges had an empty proof. The prover may need some other entity to complete the proof.
|-
-|INCONCLUSIVE||One or several of the given proofs used unknown opcodes or witness versions, perhaps due to the verifying node being outdated.
+|INCONCLUSIVE||One or several of the given proofs used unknown opcodes or the scriptPubKey had an unknown witness version, perhaps due to the verifying node being outdated.
|-
|VALID||All proofs were deemed valid.
|-
@@ -87,13 +87,13 @@ A verification call will return a result code according to the table below.
== Signing and Verifying ==
-Let there be an empty set inputs which is populated and tested at each call to one of the actions below.
+Let there be an empty set `inputs` which is populated and tested at each call to one of the actions below.
=== Purpose: SignMessage ===
The "SignMessage" purpose generates a sighash based on a scriptPubKey and a message. It emits a VALID verification result code unless otherwise stated.
-# Return INVALID if scriptPubKey already exists in inputs set, otherwise insert it<ref><strong>Why track duplicates?</strong> Because a 3-entry proof is not proving 3 inputs unless they are all distinct</ref>
+# Return INVALID if scriptPubKey already exists in `inputs` set, otherwise insert it<ref><strong>Why track duplicates?</strong> Because a 3-entry proof is not proving 3 inputs unless they are all distinct</ref>
# Define the message pre-image as the sequence "Bitcoin Message:" concatenated with the message, encoded in UTF-8 using Normalization Form Compatibility Decomposition (NFKD)
# Let sighash = sha256(sha256(scriptPubKey || pre-image))
@@ -102,7 +102,7 @@ The "SignMessage" purpose generates a sighash based on a scriptPubKey and a mess
The "ProveFunds" purpose generates a sighash and a scriptPubKey from a transaction, an output index, and a message. For multiple simultaneous proofs, it also requires access to the ordered list of proofs. It emits a VALID verification result code unless otherwise stated.
# Let txid be the transaction ID of the transaction, and vout be the output index corresponding to the index of the output being spent
-# Return INVALID if the txid:vout pair already exists in inputs set, otherwise insert it
+# Return INVALID if the txid:vout pair already exists in `inputs` set, otherwise insert it
# Return SPENT if the txid/vout is not a valid UTXO according to a Bitcoin node<ref><strong>Synced up or not?</strong> A normal verifier would use a synced up node. An auditor checking records from a client that were submitted in the past want to use a node that is synced up to the block corresponding to the proof, or the proof will fail, even if it may have been valid at the time of creation.</ref>
# Extract scriptPubKey from transaction output
# Define the message pre-image as the concatenation of the following components:<ref><strong>Why not just the UTXO data?</strong> We want the verifier to be able to challenge the prover with a custom message to sign, or anyone can reuse the POF proof for a set of UTXO:s once they have seen it, and the funds have not yet been spent</ref>
@@ -121,12 +121,12 @@ The "Sign" action takes as input a purpose. It returns a signature or fails.
=== Action: Verify ===
-The "Verify" action takes as input a standard flags value, a script sig, an optional witness program, and a purpose.
+The "Verify" action takes as input a standard flags value, a script sig, an optional witness, and a purpose.
It emits one of INCONCLUSIVE, VALID, INVALID, or ERROR.
# Obtain the sighash and scriptPubKey from the purpose; pass on result code if not VALID
# If one or more of the standard flags are unknown, return INCONCLUSIVE
-# Verify Script with flags=standard flags, scriptSig=script sig, scriptPubKey=scriptPubKey, witness=witness program, and sighash=sighash
+# Verify Script with flags=standard flags, scriptSig=script sig, scriptPubKey=scriptPubKey, witness=witness, and sighash=sighash
# Return VALID if verify succeeds, otherwise return INVALID
=== Multiple Proofs ===