diff options
| author | Andrew Poelstra <apoelstra@wpsoftware.net> | 2020-12-23 15:35:47 +0000 |
|---|---|---|
| committer | Andrew Poelstra <apoelstra@wpsoftware.net> | 2020-12-23 15:48:08 +0000 |
| commit | c624414119573e41466dcf407b3c53507624678f (patch) | |
| tree | 9c7953cf74bdf892af1664dcf8f32d8406e6dca9 /bip-0322.mediawiki | |
| parent | 9e1beef6acabffd4a53ff1396b4cb453615de19f (diff) | |
| download | bips-c624414119573e41466dcf407b3c53507624678f.tar.xz | |
bip-0322: remove the 'to_spend' transaction from serialization
Diffstat (limited to 'bip-0322.mediawiki')
| -rw-r--r-- | bip-0322.mediawiki | 13 |
1 files changed, 6 insertions, 7 deletions
diff --git a/bip-0322.mediawiki b/bip-0322.mediawiki index 4eda7b0..5f4704d 100644 --- a/bip-0322.mediawiki +++ b/bip-0322.mediawiki @@ -74,7 +74,7 @@ The <code>to_sign</code> transaction is: vout[0].nValue = 0 vout[0].scriptPubKey = OP_RETURN -A full signature consists of the base64-encoding of the <code>to_spend</code> and <code>to_sign</code> transactions concatenated in standard network serialisation. +A full signature consists of the base64-encoding of the <code>to_sign</code> transaction in standard network serialisation. === Full (Proof of Funds) === @@ -102,11 +102,9 @@ A validator is given as input an address ''A'' (which may be omitted in a proof- Validation consists of the following steps: # Basic validation -## Decode ''s'' as the transactions <code>to_sign</code> and <code>to_spend</code> -## Confirm that <code>message_hash</code> is the correct hash of ''m'' -## Confirm that <code>message_challenge</code> is the scriptPubKey corresponding to ''A'' if ''A'' is present, and otherwise must be <code>OP_TRUE</code> -## Confirm that all other fields are set as specified above; in particular that -##* <code>to_spend</code> has exactly one input and one output +## Compute the transaction <code>to_spend</code> from ''m'' and ''A'' +## Decode ''s'' as the transaction <code>to_sign</code> +## If ''s'' was a full transaction, confirm all fields are set as specified above; in particular that ##* <code>to_sign</code> has at least one input and its first input spends the output of </code>to_spend</code> ##* <code>to_sign</code> has exactly one output, as specified above ## Confirm that the two transactions together satisfy all consensus rules, except for <code>to_spend</code>'s missing input, and except that ''nSequence'' of <code>to_sign</code>'s first input and ''nLockTime'' of <code>to_sign</code> are not checked. @@ -120,6 +118,7 @@ Validation consists of the following steps: ## <code>MINIMALIF</code>: the argument of <code>IF</code>/<code>NOTIF</code> must be exactly 0x01 or empty push ## If any of the above steps failed, the validator should stop and output the ''invalid'' state. # Check the **upgradeable rules** +## The version of <code>to_sign</code> must be 0 or 2. ## The use of NOPs reserved for upgrades is forbidden. ## The use of segwit versions greater than 0 are forbidden. ## If any of the above steps failed, the validator should stop and output the ''inconclusive'' state. @@ -137,7 +136,7 @@ Signers who control an address ''A'' who wish to sign a message ''m'' act as fol They then encode their signature, choosing either ''simple'' or ''full'' as follows: * If they added no inputs to <code>to_sign</code>, left nSequence and nLockTime at 0, and ''A'' is a Segwit address (either pure or P2SH-wrapped), then they may base64-encode <code>message_signature</code> -* Otherwise they must base64-encode the concatenation of <code>to_spend</code> followed by <code>to_sign</code>. +* Otherwise they must base64-encode <code>to_sign</code>. == Compatibility == |