forked from bitcoin/bips
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
Showing
3 changed files
with
6 additions
and
6 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,6 @@ | ||
<pre> | ||
BIP: 143 | ||
Title: Transaction signature verification for version 0 and version 1 witness program | ||
Title: Transaction Signature Verification for Version 0 Witness Program | ||
Author: Johnson Lau <[email protected]> | ||
Pieter Wuille <[email protected]> | ||
Status: Draft | ||
|
@@ -9,7 +9,7 @@ | |
</pre> | ||
|
||
== Abstract == | ||
This proposal defines a new transaction digest algorithm for signature verification in version 0 and version 1 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature. | ||
This proposal defines a new transaction digest algorithm for signature verification in version 0 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature. | ||
|
||
== Motivation == | ||
There are 4 ECDSA signature verification codes in the original Bitcoin script system: CHECKSIG, CHECKSIGVERIFY, CHECKMULTISIG, CHECKMULTISIGVERIFY (“sigops”). According to the sighash type (ALL, NONE, SINGLE, ANYONECANPAY), a transaction digest is generated with a double SHA256 of a serialized subset of the transaction, and the signature is verified against this digest with a given public key. The detailed procedure is described in a Bitcoin Wiki article. <ref name=wiki>[https://en.bitcoin.it/wiki/OP_CHECKSIG]</ref> | ||
|
@@ -22,7 +22,7 @@ Unfortunately, there are at least 2 weaknesses in the original transaction diges | |
Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141: Segregated Witness (Consensus layer)]</ref> | ||
|
||
== Specification == | ||
A new transaction digest algorithm is defined, but only applicable to sigops in version 0 and version 1 witness program: | ||
A new transaction digest algorithm is defined, but only applicable to sigops in version 0 witness program: | ||
Double SHA256 of the serialization of: | ||
1. nVersion of the transaction | ||
2. hashPrevouts | ||
|
@@ -122,7 +122,7 @@ As a soft fork, older software will continue to operate without modification. No | |
|
||
== Reference Implementation == | ||
|
||
https://github.com/sipa/bitcoin/commits/segwit2 | ||
https://github.com/sipa/bitcoin/commits/segwit3 | ||
|
||
== References == | ||
|
||
|
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters