diff options
| -rw-r--r-- | bip-0142.mediawiki | 6 | ||||
| -rw-r--r-- | bip-0143.mediawiki | 6 | ||||
| -rw-r--r-- | bip-0144.mediawiki | 2 |
3 files changed, 7 insertions, 7 deletions
diff --git a/bip-0142.mediawiki b/bip-0142.mediawiki index 7efeca7..fdf5202 100644 --- a/bip-0142.mediawiki +++ b/bip-0142.mediawiki @@ -19,8 +19,8 @@ To define standard payment addresses for native segwit transactions to promote e === P2PKH segwit address === -The first new Bitcoin address format defined is specific to pay-to-public-key-hash segwit transaction. The scriptPubKey is a single push of version-0 witness program in this form, - <0x0076A914{20-byte-hash-value}88AC> +The first new Bitcoin address format defined is specific to pay-to-public-key-hash segwit transaction. The scriptPubKey is an OP_0 followed by a push of version 0 witness program: + OP_0 <DUP HASH160 <20-byte-hash> EQUALVERIFY CHECKSIG> The new address is encoded exactly in the same way as the original pay-to-public-key-hash address: base58-encode: [1-byte version][20-byte-hash-value][4-byte checksum] Version byte is 0x19 for a main-network address, 0x41 for a testnet address. The following 20-byte is the public key hash. And the 4-byte checksum is the first four bytes of the double SHA256 hash of the version and public key hash. @@ -151,7 +151,7 @@ From arbitrary witness program to general segwit address: https://gist.github.co * [[bip-0013.mediawiki|BIP 13: Address Format for pay-to-script-hash]] * [[bip-0016.mediawiki|BIP 16: Pay to Script Hash (aka "/P2SH/")]] -* [[bip-xxxx.mediawiki|BIP x: Segregated Witness]] https://github.com/bitcoin/bips/pull/265 +* [[bip-0141.mediawiki|BIP 141: Segregated Witness]] == Copyright == This work is placed in the public domain. diff --git a/bip-0143.mediawiki b/bip-0143.mediawiki index 276e2cb..4aca2db 100644 --- a/bip-0143.mediawiki +++ b/bip-0143.mediawiki @@ -19,7 +19,7 @@ Unfortunately, there are at least 2 weaknesses in the original transaction diges * For the verification of each signature, the amount of data hashing is proportional to the size of the transaction. Therefore, data hashing grows in O(n<sup>2</sup>) as the number of sigops in a transaction increases. While a 1 MB block would normally take 2 seconds to verify with an average computer in 2015, a 1MB transaction with 5569 sigops may take 25 seconds to verify. This could be fixed by optimizing the digest algorithm by introducing some reusable “midstate”, so the time complexity becomes O(n). <ref>[https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2013-2292 CVE-2013-2292]</ref><ref>[https://bitcointalk.org/?topic=140078 New Bitcoin vulnerability: A transaction that takes at least 3 minutes to verify]</ref><ref>[http://rusty.ozlabs.org/?p=522 The Megatransaction: Why Does It Take 25 Seconds?]</ref> * The algorithm does not involve the amount of Bitcoin being spent by the input. This is usually not a problem for online network nodes as they could request for the specified transaction to acquire the output value. For an offline transaction signing device ("cold wallet"), however, the unknowing of input amount makes it impossible to calculate the exact amount being spent and the transaction fee. To cope with this problem a cold wallet must also acquire the full transaction being spent, which could be a big obstacle in the implementation of lightweight, air-gapped wallet. By including the input value of part of the transaction digest, a cold wallet may safely sign a transaction by learning the value from an untrusted source. In the case that a wrong value is provided and signed, the signature would be invalid and no funding might be lost. <ref>[https://bitcointalk.org/index.php?topic=181734.0 SIGHASH_WITHINPUTVALUE: Super-lightweight HW wallets and offline data]</ref> -Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/CodeShark/bips/blob/segwit/bip-codeshark-jl2012-segwit.mediawiki BIPx: Segregated Witness (Consensus layer)]</ref> +Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141: Segregated Witness (Consensus layer)]</ref> == Specification == A new transaction digest algorithm is defined, but only applicable to sigops in version 0 and version 1 witness program: @@ -114,7 +114,7 @@ Refer to the reference implementation, reproduced below, for the precise algorit == Deployment == -This proposal is deployed with Segregated Witness softfork (BIP x) +This proposal is deployed with Segregated Witness softfork (BIP 141) == Backward compatibility == @@ -122,7 +122,7 @@ As a soft fork, older software will continue to operate without modification. No == Reference Implementation == -https://github.com/sipa/bitcoin/commits/segwit +https://github.com/sipa/bitcoin/commits/segwit2 == References == diff --git a/bip-0144.mediawiki b/bip-0144.mediawiki index ed8cf2b..e3843a8 100644 --- a/bip-0144.mediawiki +++ b/bip-0144.mediawiki @@ -12,7 +12,7 @@ This BIP defines new messages and serialization formats for propagation of transactions and blocks committing to segregated witness structures. ==Motivation== -In addition to defining witness structures and requiring commitments in future blocks (BIPxxxx - Consensus segwit BIP), new mechanisms must be defined to allow peers to advertise support for segregated witness and to relay the witness structures and request them from other peers without breaking compatibility with older nodes. +In addition to defining witness structures and requiring commitments in future blocks ([https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141] - Consensus segwit BIP), new mechanisms must be defined to allow peers to advertise support for segregated witness and to relay the witness structures and request them from other peers without breaking compatibility with older nodes. ==Specification== |