diff options
| author | James O'Beirne <james.obeirne@pm.me> | 2023-10-09 14:07:19 -0400 |
|---|---|---|
| committer | James O'Beirne <james.obeirne@pm.me> | 2023-10-09 14:09:01 -0400 |
| commit | eb3fb727c31dd348a63992d22a35558e031174f9 (patch) | |
| tree | c3cd0df1bcadad983586accfdd28060ceed80792 /bip-0345.mediawiki | |
| parent | 014b832e07d3be3c6aff1230d560fcf7032f0495 (diff) | |
| download | bips-eb3fb727c31dd348a63992d22a35558e031174f9.tar.xz | |
BIP-0345: restrict trigger output to v1 witness
Co-authored-by: Antoine Poinsot <darosior@protonmail.com>
Diffstat (limited to 'bip-0345.mediawiki')
| -rw-r--r-- | bip-0345.mediawiki | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/bip-0345.mediawiki b/bip-0345.mediawiki index e63e0a2..73b265e 100644 --- a/bip-0345.mediawiki +++ b/bip-0345.mediawiki @@ -46,7 +46,7 @@ usable for custodians of any size with minimal complication. A common configuration for an individual custodying Bitcoin is "single signature and passphrase" using a hardware wallet. A user with such a -configuration might concerned about the risk associated with relying on a +configuration might be concerned about the risk associated with relying on a single manufacturer for key management, as well as physical access to the hardware. @@ -268,7 +268,7 @@ After the stack is parsed, the following validation checks are performed: * Decrement the per-script sigops budget (see [https://github.com/bitcoin/bips/blob/master/bip-0342.mediawiki#user-content-Resource_limits BIP-0342]) by 60<ref>'''Why is the sigops cost for OP_VAULT set to 60?''' To determine the validity of a trigger output, OP_VAULT must perform an EC multiplication and hashing proportional to the length of the control block in order to generate the output's expected TapTweak. This has been measured to have a cost in the worst case (max length control block) of roughly twice a Schnorr verification. Because the hashing cost could be mitigated by caching midstate, the cost is 60 and not 100.</ref>; if the budget is brought below zero, script execution MUST fail and terminate immediately. * Let the output designated by <code><trigger-vout-idx></code> be called ''triggerOut''. -* If the scriptPubKey of ''triggerOut'' is not a witness program of the same version and same tapleaf version as the currently executing script, script execution MUST fail and terminate immediately. +* If the scriptPubKey of ''triggerOut'' is not a version 1 witness program, script execution MUST fail and terminate immediately. * Let the script constructed by taking the <code><leaf-update-script-body></code> and prefixing it with minimally-encoded data pushes of the <code><n-pushes></code> leaf-update script data items be called the ''leaf-update-script''. ** Note: the leaf-update data items will be in the same order in the ''leaf-update-script'' as they appeared on the stack. * If the scriptPubKey of ''triggerOut'' does not match that of a taptree that is identical to that of the currently evaluated input, but with the leaf script substituted for ''leaf-update-script'', script execution when spending this output MUST fail and terminate immediately. |