mirrors/bitcoin-bips
1
0
Fork 0
mirror of https://github.com/bitcoin/bips.git synced 2025-03-13 19:16:49 +01:00
Code Issues Projects Releases Wiki Activity

Title change and links update

Browse source
This commit is contained in:
Johnson Lau 2016-01-14 13:15:10 +08:00 committed by Johnson Lau
parent ea49ecb4fb
commit 8e22af1d0a
3 changed files with 6 additions and 6 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

2
README.mediawiki
View file

@ -417,7 +417,7 @@ Those proposing changes should consider that ultimately consent may rest with th
| Draft | Draft
|- |-
| [[bip-0143.mediawiki|143]] | [[bip-0143.mediawiki|143]]
| Transaction signature verification for version 0 and version 1 witness program | Transaction Signature Verification for Version 0 Witness Program
| Johnson Lau, Pieter Wuille | Johnson Lau, Pieter Wuille
| Standard | Standard
| Draft | Draft

8
bip-0143.mediawiki
View file

@ -1,6 +1,6 @@
<pre> <pre>
BIP: 143 BIP: 143
Title: Transaction signature verification for version 0 and version 1 witness program Title: Transaction Signature Verification for Version 0 Witness Program
Author: Johnson Lau <jl2012@xbt.hk> Author: Johnson Lau <jl2012@xbt.hk>
Pieter Wuille <pieter.wuille@gmail.com> Pieter Wuille <pieter.wuille@gmail.com>
Status: Draft Status: Draft
@ -9,7 +9,7 @@
</pre> </pre>
== Abstract == == Abstract ==
This proposal defines a new transaction digest algorithm for signature verification in version 0 and version 1 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature. This proposal defines a new transaction digest algorithm for signature verification in version 0 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature.
== Motivation == == Motivation ==
There are 4 ECDSA signature verification codes in the original Bitcoin script system: CHECKSIG, CHECKSIGVERIFY, CHECKMULTISIG, CHECKMULTISIGVERIFY (“sigops”). According to the sighash type (ALL, NONE, SINGLE, ANYONECANPAY), a transaction digest is generated with a double SHA256 of a serialized subset of the transaction, and the signature is verified against this digest with a given public key. The detailed procedure is described in a Bitcoin Wiki article. <ref name=wiki>[https://en.bitcoin.it/wiki/OP_CHECKSIG]</ref> There are 4 ECDSA signature verification codes in the original Bitcoin script system: CHECKSIG, CHECKSIGVERIFY, CHECKMULTISIG, CHECKMULTISIGVERIFY (“sigops”). According to the sighash type (ALL, NONE, SINGLE, ANYONECANPAY), a transaction digest is generated with a double SHA256 of a serialized subset of the transaction, and the signature is verified against this digest with a given public key. The detailed procedure is described in a Bitcoin Wiki article. <ref name=wiki>[https://en.bitcoin.it/wiki/OP_CHECKSIG]</ref>
@ -22,7 +22,7 @@ Unfortunately, there are at least 2 weaknesses in the original transaction diges
Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141: Segregated Witness (Consensus layer)]</ref> Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141: Segregated Witness (Consensus layer)]</ref>
== Specification == == Specification ==
A new transaction digest algorithm is defined, but only applicable to sigops in version 0 and version 1 witness program: A new transaction digest algorithm is defined, but only applicable to sigops in version 0 witness program:
Double SHA256 of the serialization of: Double SHA256 of the serialization of:
1. nVersion of the transaction 1. nVersion of the transaction
2. hashPrevouts 2. hashPrevouts
@ -122,7 +122,7 @@ As a soft fork, older software will continue to operate without modification. No
== Reference Implementation == == Reference Implementation ==
https://github.com/sipa/bitcoin/commits/segwit2 https://github.com/sipa/bitcoin/commits/segwit3
== References == == References ==

2
bip-0144.mediawiki
View file

@ -116,7 +116,7 @@ MSG_WITNESS_BLOCK requests will return a block message with transactions that ha
Special thanks to Gregory Maxwell for originating many of the ideas in this BIP and Luke-Jr for figuring out how to deploy this as a soft fork. Special thanks to Gregory Maxwell for originating many of the ideas in this BIP and Luke-Jr for figuring out how to deploy this as a soft fork.
== Reference Implementation == == Reference Implementation ==
https://github.com/sipa/bitcoin/commits/segwit https://github.com/sipa/bitcoin/commits/segwit3
== Copyright == == Copyright ==
This document is placed in the public domain. This document is placed in the public domain.