From 9c0d407b104009815bdfe2392731468d30cb0aa7 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=E0=B8=BFtcDrak?= Date: Thu, 31 Mar 2016 15:39:33 +0100 Subject: Clarify what remains "to be decided" --- bip-0141.mediawiki | 6 +++++- 1 file changed, 5 insertions(+), 1 deletion(-) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index 12b0eba..dd17eaa 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -249,7 +249,11 @@ As a soft fork, older software will continue to operate without modification. N == Deployment == -This BIP is to be deployed by version-bits BIP9. Exact details TDB. +This BIP will be deployed by "version bits" BIP9 using bit TBD. + +For Bitcoin mainnet, the BIP9 starttime will be midnight TBD UTC (Epoch timestamp TBD) and BIP9 timeout will be midnight TBD UTC (Epoch timestamp TBD). + +For Bitcoin testnet, the BIP9 starttime will be midnight TBD UTC (Epoch timestamp TBD) and BIP9 timeout will be midnight TBD UTC (Epoch timestamp TBD). == Credits == -- cgit v1.2.3 From ee744caca9dce9717b221a60c92f0d0e414db625 Mon Sep 17 00:00:00 2001 From: jl2012 Date: Fri, 8 Apr 2016 23:45:54 +0800 Subject: BIP141: commitment clarification. BIP144: new diagram --- bip-0141.mediawiki | 2 ++ 1 file changed, 2 insertions(+) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index dd17eaa..f9881be 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -75,6 +75,8 @@ and the coinbase's input's witness must consist of a single 32-byte array for th If there are more than one scriptPubKey matching the pattern, the one with highest output index is assumed to be the commitment. +If all transactions in a block do not have witness data, the commitment is optional. + === Witness program === A scriptPubKey (or redeemScript as defined in BIP16/P2SH) that consists of a 1-byte push opcode (for 0 to 16) followed by a data push between 2 and 32 bytes gets a new special meaning. The value of the first push is called the "version byte". The following byte vector pushed is called the "witness program". -- cgit v1.2.3 From d72c1bfc71993b85e9d6f2aa3ac6e405a371bb39 Mon Sep 17 00:00:00 2001 From: Aaron Voisine Date: Fri, 22 Apr 2016 08:44:29 -0700 Subject: Update bip-0141.mediawiki The byte representation of "<0 <32-byte-hash>>" is "0x220020{32-byte-hash}" What was listed here would be the byte representation of "0 <32-byte-hash>". The text explains that there is only one item in scriptSig, so I'm guessing the byte representation is wrong. Also the corrected byte representation would produce the same sig/pubkey described in P2WSH after following the bip16 rules. --- bip-0141.mediawiki | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index f9881be..afb5a2a 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -166,7 +166,7 @@ The following example is the same 1-of-2 multi-signature P2WSH witness program, witness: 0 <1 2 CHECKMULTISIG> scriptSig: <0 <32-byte-hash>> - (0x0020{32-byte-hash}) + (0x220020{32-byte-hash}) scriptPubKey: HASH160 <20-byte-hash> EQUAL (0xA914{20-byte-hash}87) -- cgit v1.2.3 From 43c34e846be227780a954905de7543654a1e840c Mon Sep 17 00:00:00 2001 From: jl2012 Date: Sat, 23 Apr 2016 08:26:48 +0200 Subject: Add P2SH-P2WPKH example --- bip-0141.mediawiki | 26 ++++++++++++++++++++++---- 1 file changed, 22 insertions(+), 4 deletions(-) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index afb5a2a..a760d7d 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -128,8 +128,8 @@ The following example is a version 0 pay-to-witness-public-key-hash (P2WPKH) wit witness: scriptSig: (empty) - scriptPubKey: 0 <20-byte-hash> - (0x0014{20-byte-hash}) + scriptPubKey: 0 <20-byte-key-hash> + (0x0014{20-byte-key-hash}) The '0' in scriptPubKey indicates the following push is a version 0 witness program. The length of the witness program indicates that it is a P2WPKH type. The witness must consist of exactly 2 items. The HASH160 of the pubkey in witness must match the witness program. @@ -139,6 +139,24 @@ The signature is verified as Comparing with a traditional P2PKH output, the P2WPKH equivalent occupies 3 less bytes in the scriptPubKey, and moves the signature and public key from scriptSig to witness. +=== P2WPKH nested in BIP16 P2SH === + +The following example is the same P2WPKH witness program, but nested in a BIP16 P2SH output. + + witness: + scriptSig: <0 <20-byte-key-hash>> + (0x160014{20-byte-key-hash}) + scriptPubKey: HASH160 <20-byte-script-hash> EQUAL + (0xA914{20-byte-script-hash}87) + +The only item in scriptSig is hashed with HASH160, compared against the 20-byte-script-hash in scriptPubKey, and interpreted as: + + 0 <20-byte-key-hash> + +The P2WPKH witness program is then executed as described in the previous example. + +Comparing with the previous example, the scriptPubKey is 1 byte bigger and the scriptSig is 23 bytes bigger. Although a nested witness program is less efficient, its payment address is fully transparent and backward compatible for all Bitcoin reference client since version 0.6.0. + === P2WSH witness program === The following example is an 1-of-2 multi-signature version 0 pay-to-witness-script-hash (P2WSH) witness program. @@ -160,7 +178,7 @@ A P2WSH witness program allows arbitrarily large script as the 520-byte push lim The scriptPubKey occupies 34 bytes, as opposed to 23 bytes of BIP16 P2SH. The increased size improves security against possible collision attacks, as 280 work is not infeasible anymore (By the end of 2015, 284 hashes have been calculated in Bitcoin mining since the creation of Bitcoin). The spending script is same as the one for an equivalent BIP16 P2SH output but is moved to witness. -=== Witness program nested in BIP16 P2SH === +=== P2WSH nested in BIP16 P2SH === The following example is the same 1-of-2 multi-signature P2WSH witness program, but nested in a BIP16 P2SH output. @@ -176,7 +194,7 @@ The only item in scriptSig is hashed with HASH160, compared against the 20-byte- The P2WSH witness program is then executed as described in the previous example. -Comparing with the previous example, the scriptPubKey is 11 bytes smaller (with reduced security) while witness is the same. However, it also requires 35 bytes in scriptSig, which is not prunable in transmission. Although a nested witness program is less efficient in many ways, its payment address is fully transparent and backward compatible for all Bitcoin reference client since version 0.6.0. +Comparing with the previous example, the scriptPubKey is 11 bytes smaller (with reduced security) while witness is the same. However, it also requires 35 bytes in scriptSig. === Extensible commitment structure === -- cgit v1.2.3 From f245646f8b53ee9a82f8053c0ea06048e4fd0278 Mon Sep 17 00:00:00 2001 From: jl2012 Date: Sat, 23 Apr 2016 16:25:53 +0200 Subject: BIP141: Block cost clrification --- bip-0141.mediawiki | 8 ++++++-- 1 file changed, 6 insertions(+), 2 deletions(-) (limited to 'bip-0141.mediawiki') diff --git a/bip-0141.mediawiki b/bip-0141.mediawiki index a760d7d..09676f8 100644 --- a/bip-0141.mediawiki +++ b/bip-0141.mediawiki @@ -108,9 +108,13 @@ If the version byte is 1 to 16, no further interpretation of the witness program Blocks are currently limited to 1,000,000 bytes (1MB) total size. We change this restriction as follows: -''Block cost'' is defined. The cost of each byte in the existing header and transactions is 4, while the cost of each byte in witness data is 1. +''Block cost'' is defined as ''Base size'' * 3 + ''Total size''. -The new rule is total ''block cost'' ≤ 4,000,000. +''Base size'' is the block size in bytes with the original transaction serialization without any witness-related data, as seen by a non-upgraded node. + +''Total size'' is the block size in bytes with transactions serialized as described in [[bip-0144.mediawiki|BIP144]], including base data and witness data. + +The new rule is ''block cost'' ≤ 4,000,000. ==== Sigops ==== -- cgit v1.2.3