From 09192275acbaf8bed98738db107297434a3bba0a Mon Sep 17 00:00:00 2001
From: Johnson Lau <jl2012@users.noreply.github.com>
Date: Thu, 24 Dec 2015 21:45:11 +0800
Subject: [PATCH 1/4] Create bip-segwitaddress.mediawiki

---
 bip-segwitaddress.mediawiki | 97 +++++++++++++++++++++++++++++++++++++
 1 file changed, 97 insertions(+)
 create mode 100644 bip-segwitaddress.mediawiki

diff --git a/bip-segwitaddress.mediawiki b/bip-segwitaddress.mediawiki
new file mode 100644
index 00000000..eed5b313
--- /dev/null
+++ b/bip-segwitaddress.mediawiki
@@ -0,0 +1,97 @@
+<pre>
+  BIP: x
+  Title: Address Format for Witness Program
+  Author: Johnson Lau <jl2012@xbt.hk>
+  Status: Draft
+  Type: Standards Track
+  Created: 2015-12-24
+</pre>
+
+==Abstract==
+
+This BIP describes a new type of Bitcoin address to support native Segregated Witness (segwit) transactions. An address encoded under this proposal represents the base-58 encoding of a witness program. It supports arbitrarily complex transactions, and is forward compatible to new version witness programs in the future.
+
+==Motivation==
+
+To define a standard payment address for native segwit transactions, with minimal changes from existing address types, for the promotion of early adoption of the more efficient transaction method.
+
+==Specification==
+
+The new bitcoin address type is constructed in a similar manner of the original pay-to-public-key-hash addresses and pay-to-script-hash addresses (see BIP13):
+
+  base58-encode:
+    [one-byte version]
+    [one-byte program length]
+    [2 to 41-byte witness program]
+    [padding by 0x00 to 43 bytes]
+    [4-byte checksum]
+    (47 bytes in total)
+
+Version byte is 0x15 for a main-network address, 0x37 for a testnet address.
+
+Program length byte indicates the length of witness program (L), from 0x02 to 0x29.
+
+The following 2 to 41 bytes is the actual witness program.
+
+The following (41 minus L) bytes is padded by 0x00.
+
+The 4-byte checksum is the first four bytes of the double SHA256 hash of the version, program length, program, and padding.
+
+All addresses generated with this scheme will have 64 characters, with a "B" prefix for main-network and "T" prefix for testnet.
+
+==Rationale==
+
+The segregated witness soft fork (BIP x) defines 2 ways of encoding "witness program", a data push of 2 to 41 bytes:
+
+* A native witness program output is a scriptPubKey with a single push of a witness program, and nothing else;
+* A witness program in P2SH is a P2SH redeemScript with a single push of a witness program, while the scriptPubKey looks like a normal P2SH output.
+
+As the P2SH address has been defined in 2012, using witness program in P2SH allows most existing wallets to pay a segwit-compatible wallet without any upgrade. However, this method requires more block space and is less collision-resistance than a native witness program, and is only a short-term solution to make the transition smoother. Eventually, all users are expected to use the more efficient native witness program as the primary payment method.
+
+Currently there are 2 payment addresses format in Bitcoin, the original pay-to-public-key-hash addresses and the pay-to-script-hash addresses defined in 2012. All address formats, including the one defined in this BIP, are mutually incompatible. However, due to the excellent upgradability of witness programme, this proposal is likely to be the last address format encoding a scriptPubKey template.
+
+The drawbacks of Bitcoin addresses have been extensively discussed in BIP13. Since then, better payment methods have been proposed or deployed, for example:
+*BIP47 Reusable Payment Codes for Hierarchical Deterministic Wallets
+*BIP63 Stealth Addresses
+*BIP70 Payment protocol
+However, none of these are as widely adopted as the suboptimal base-58 scriptPubKey template addresses, which is still a standard for the whole eco-system, from wallets, block explorers, merchants, exchanges, to end users. The author believes this proposal as the most efficient way to promote early adoption of native witness program, which is particularly important in the context of scaling the capacity of the blockchain.
+
+Following the same rationale of BIP13, and to minimize the changes needed in wallet upgrade, this proposal resembles the original address format, including the checksum algorithm.
+
+==Compatibility==
+
+This proposal is not backward compatible, but it fails gracefully -- if an older implementation is given one of these new Bitcoin addresses, it will report the address as invalid and will refuse to create a transaction.
+
+This proposal is forward compatible to any new version witness program in the future.
+
+==Example==
+
+The following public key,
+    0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6
+when encoded as a P2PKH template, would become:
+    DUP HASH160 <010966776006953D5567439E5E39F86A0D273BEE> EQUALVERIFY CHECKSIG
+And the corresponding version 1 Bitcoin address is
+    16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM
+In the case of using the same P2PKH template as a version 0 witness program, the scriptPubKey becomes a 26-byte single push of:
+    0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
+Prefixing with the address version byte 0x15 and program length 0x1A:
+    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
+Padding with 41 - 26 = 15 0x00:
+    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC000000000000000000000000000000
+Perform double SHA-256 hash:
+    1B4A8136E38479EF5F08626D524534E6C94C92B1E77690B727CE8BD30BB3DAA0
+Take the first 4 bytes. This is the address checksum:
+    1B4A8136
+Add the 4 checksum bytes at the end of extended witness program. This is the 47-byte binary witness program address:
+    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC0000000000000000000000000000001B4A8136
+Convert the result from a byte string into a base58 string with 64 characters. 
+    BAxHaPmrSLbCt4QjJkW1W7MMXZmMdJkoxFHTEQXKmL9LpMUvDMcLAGgeeuLnkvNR
+
+==Reference Implementation==
+
+==See Also==
+
+* [[bip-0013.mediawiki|BIP 13: Address Format for pay-to-script-hash]]
+* [[bip-0016.mediawiki|BIP 16: Pay to Script Hash (aka "/P2SH/")]]
+* [[bip-xxxx.mediawiki|BIP x: Segregated Witness]]
+

From 93cedfbf2d50eb1f0ba750d364304f7adf7bcf79 Mon Sep 17 00:00:00 2001
From: Johnson Lau <jl2012@users.noreply.github.com>
Date: Sun, 27 Dec 2015 16:21:19 +0800
Subject: [PATCH 2/4] New proposal with 2 address types

---
 bip-segwitaddress.mediawiki | 115 +++++++++++++++++++++++-------------
 1 file changed, 75 insertions(+), 40 deletions(-)

diff --git a/bip-segwitaddress.mediawiki b/bip-segwitaddress.mediawiki
index eed5b313..34ff5f3e 100644
--- a/bip-segwitaddress.mediawiki
+++ b/bip-segwitaddress.mediawiki
@@ -1,6 +1,6 @@
 <pre>
   BIP: x
-  Title: Address Format for Witness Program
+  Title: Address Formats for Witness Program
   Author: Johnson Lau <jl2012@xbt.hk>
   Status: Draft
   Type: Standards Track
@@ -9,35 +9,65 @@
 
 ==Abstract==
 
-This BIP describes a new type of Bitcoin address to support native Segregated Witness (segwit) transactions. An address encoded under this proposal represents the base-58 encoding of a witness program. It supports arbitrarily complex transactions, and is forward compatible to new version witness programs in the future.
+This BIP describes 2 new types of Bitcoin address to support native Segregated Witness (segwit) transactions. The first type resembles the original P2PKH base-58 address. The second type is a z-base-32 representation of a witness program with Damm algorithm checksum, which supports arbitrarily complex transactions, and is forward compatible to new version witness programs in the future.
 
 ==Motivation==
 
-To define a standard payment address for native segwit transactions, with minimal changes from existing address types, for the promotion of early adoption of the more efficient transaction method.
+To define standard payment addresses for native segwit transactions to promote early adoption of the more efficient transaction method.
 
-==Specification==
+== Specification ==
+=== P2PKH segwit address ===
+The first new Bitcoin address format defined is specific to pay-to-public-key-hash segwit transaction. The scriptPubKey is a single push of version-0 witness program in this form,
+  <0x0076A914{20-byte-hash-value}88AC>
+The new address is encoded exactly in the same way as the original pay-to-public-key-hash address:
+  base58-encode: [1-byte version][20-byte-hash-value][4-byte checksum]
+Version byte is 0x19 for a main-network address, 0x41 for a testnet address. The following 20-byte is the public key hash. And the 4-byte checksum is the first four bytes of the double SHA256 hash of the version and public key hash.
 
-The new bitcoin address type is constructed in a similar manner of the original pay-to-public-key-hash addresses and pay-to-script-hash addresses (see BIP13):
+All addresses generated with this scheme will a constant length of 34 characters, with a "B" prefix for main-network and "T" prefix for testnet.
 
-  base58-encode:
-    [one-byte version]
-    [one-byte program length]
-    [2 to 41-byte witness program]
-    [padding by 0x00 to 43 bytes]
-    [4-byte checksum]
-    (47 bytes in total)
+=== General segwit address ===
+The second new bitcoin address format defined is applicable to any version of witness program with a length of 2 to 33 bytes.
 
-Version byte is 0x15 for a main-network address, 0x37 for a testnet address.
+The z-base-32 character set is used:
+{|class="wikitable" style="width:40ex; text-align: center; margin: 0 auto 0 auto;"
+!width="12%"|Value
+!width="12%"|Symbol
+!width="12%"|Value
+!width="12%"|Symbol
+!width="12%"|Value
+!width="12%"|Symbol
+!width="12%"|Value
+!width="12%"|Symbol
+|-
+| 0 || y ||  8 || e || 16 || o || 24 || a
+|-
+| 1 || b ||  9 || j || 17 || t || 25 || 2
+|-
+| 2 || n || 10 || k || 18 || 1 || 26 || 4
+|-
+| 3 || d || 11 || m || 19 || u || 27 || 5
+|-
+| 4 || r || 12 || c || 20 || w || 28 || h
+|-
+| 5 || f || 13 || p || 21 || i || 29 || 7
+|-
+| 6 || g || 14 || q || 22 || s || 30 || 6
+|-
+| 7 || 8 || 15 || x || 23 || z || 31 || 9
+|}
 
-Program length byte indicates the length of witness program (L), from 0x02 to 0x29.
+It is case-insensitive and includes all alphanumeric characters excluding 0, 2, l, v. The order of alphabet is chosen so that less ambiguous alphabet characters will appear more frequently than others.
 
-The following 2 to 41 bytes is the actual witness program.
+An address starts with a version digit, which is b<sub>32</sub> for the main-network and t<sub>32</sub> for the testnet.
 
-The following (41 minus L) bytes is padded by 0x00.
+The next digit is a length digit, which the value is length of the witness program in byte (L) minus 2.
 
-The 4-byte checksum is the first four bytes of the double SHA256 hash of the version, program length, program, and padding.
+The length digit is followed by the witness program. The witness program is padded with leading 0<sub>b</sub> to become 265-bit, and transformed to z-base-32 with 53 digits.
+
+The 55-digit raw address is then divided into 11 equal segments. For each segment, a checksum is calculated with Damm algorithm and appended to the end of the segment. This makes the length increases to 66 digits.
+
+A second round of checksum is calculated by taking the digits in the same position of the 11 segments, and appended to the end of the address. This is the final address with 71 digits.
 
-All addresses generated with this scheme will have 64 characters, with a "B" prefix for main-network and "T" prefix for testnet.
 
 ==Rationale==
 
@@ -48,50 +78,55 @@ The segregated witness soft fork (BIP x) defines 2 ways of encoding "witness pro
 
 As the P2SH address has been defined in 2012, using witness program in P2SH allows most existing wallets to pay a segwit-compatible wallet without any upgrade. However, this method requires more block space and is less collision-resistance than a native witness program, and is only a short-term solution to make the transition smoother. Eventually, all users are expected to use the more efficient native witness program as the primary payment method.
 
-Currently there are 2 payment addresses format in Bitcoin, the original pay-to-public-key-hash addresses and the pay-to-script-hash addresses defined in 2012. All address formats, including the one defined in this BIP, are mutually incompatible. However, due to the excellent upgradability of witness programme, this proposal is likely to be the last address format encoding a scriptPubKey template.
-
 The drawbacks of Bitcoin addresses have been extensively discussed in BIP13. Since then, better payment methods have been proposed or deployed, for example:
 *BIP47 Reusable Payment Codes for Hierarchical Deterministic Wallets
 *BIP63 Stealth Addresses
 *BIP70 Payment protocol
-However, none of these are as widely adopted as the suboptimal base-58 scriptPubKey template addresses, which is still a standard for the whole eco-system, from wallets, block explorers, merchants, exchanges, to end users. The author believes this proposal as the most efficient way to promote early adoption of native witness program, which is particularly important in the context of scaling the capacity of the blockchain.
 
-Following the same rationale of BIP13, and to minimize the changes needed in wallet upgrade, this proposal resembles the original address format, including the checksum algorithm.
+However, none of these are as widely adopted as the suboptimal base-58 scriptPubKey template addresses, which is still a standard for the whole eco-system, from wallets, block explorers, merchants, exchanges, to end users. As P2PKH transactions are still dominating the blockchain, the author believes that the proposed P2PKH segwit addresses is the easiest way for wallets and services to adopt native witness program, which is particularly important in the context of scaling the capacity of the blockchain.
+
+The P2PKH segwit addresses only allow simple payment to a single public key. For arbitrarily complex segwit transactions, the general segwit address is used. The use of z-base-32 eliminates case-sensitiveness and simplifies transformation to and from hexadecimals. The Damm algorithm checksum allows detection of all single-digit errors and all adjacent transposition errors. With the excellent upgradability of witness program, this proposal is also forward compatible to new version witness programs that is not longer than 33 bytes.
 
 ==Compatibility==
 
 This proposal is not backward compatible, but it fails gracefully -- if an older implementation is given one of these new Bitcoin addresses, it will report the address as invalid and will refuse to create a transaction.
 
-This proposal is forward compatible to any new version witness program in the future.
+This proposal is forward compatible to any new version witness program with 2 to 33 bytes.
 
 ==Example==
-
+=== Address for Pay-to-Public-Key-Hash Version 0 Witness Program ===
 The following public key,
     0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6
 when encoded as a P2PKH template, would become:
     DUP HASH160 <010966776006953D5567439E5E39F86A0D273BEE> EQUALVERIFY CHECKSIG
 And the corresponding version 1 Bitcoin address is
     16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM
-In the case of using the same P2PKH template as a version 0 witness program, the scriptPubKey becomes a 26-byte single push of:
-    0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
-Prefixing with the address version byte 0x15 and program length 0x1A:
-    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
-Padding with 41 - 26 = 15 0x00:
-    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC000000000000000000000000000000
-Perform double SHA-256 hash:
-    1B4A8136E38479EF5F08626D524534E6C94C92B1E77690B727CE8BD30BB3DAA0
-Take the first 4 bytes. This is the address checksum:
-    1B4A8136
-Add the 4 checksum bytes at the end of extended witness program. This is the 47-byte binary witness program address:
-    151A0076A914010966776006953D5567439E5E39F86A0D273BEE88AC0000000000000000000000000000001B4A8136
-Convert the result from a byte string into a base58 string with 64 characters. 
-    BAxHaPmrSLbCt4QjJkW1W7MMXZmMdJkoxFHTEQXKmL9LpMUvDMcLAGgeeuLnkvNR
+When the same script is encoded as a version 0 witness program, the scriptPubKey becomes a single push of 
+    <0x0076A914010966776006953D5567439E5E39F86A0D273BEE88AC>
+Using 0x19 as the address version, the equivalent witness program address is:
+    B4YZZ3nMBETWVF9ZSfotSwTxVnqhdkTi7r
+
+=== General witness program address ===
+With the same 26 bytes witness program in the last example:
+    0x0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
+The witness program is transformed to z-base-32 with 53 digits:
+    yyyyyyyyyyyyyq4wteyejc35sybwi8iksqoh6mah9o4oprh767nfc
+Prepending with version digit b<sub>32</sub> and length digit a<sub>32</sub> (24 = 26 - 2)
+    bayyyyyyyyyyyyyq4wteyejc35sybwi8iksqoh6mah9o4oprh767nfc
+Split into 11 equal segments:
+    bayyy -yyyyy -yyyyy -q4wte -yejc3 -5sybw -i8iks -qoh6m -ah9o4 -oprh7 -67nfc
+Calculate the Damm checksum for each segment:
+    For example: Damm(bayyy) = h
+    bayyyh-yyyyyy-yyyyyy-q4wtey-yejc3w-5sybwu-i8iksj-qoh6mr-ah9o4h-oprh7t-67nfcs
+Calculate the Damm checksum for digits in the same position of different segments:
+    For example: Damm(byyqy5iqao6) = d
+    bayyyh-yyyyyy-yyyyyy-q4wtey-yejc3w-5sybwu-i8iksj-qoh6mr-ah9o4h-oprh7t-67nfcs-dmi1t
 
 ==Reference Implementation==
+From arbitrary witness program to general segwit address: https://gist.github.com/jl2012/760b0f952715b8b6c608
 
 ==See Also==
 
 * [[bip-0013.mediawiki|BIP 13: Address Format for pay-to-script-hash]]
 * [[bip-0016.mediawiki|BIP 16: Pay to Script Hash (aka "/P2SH/")]]
-* [[bip-xxxx.mediawiki|BIP x: Segregated Witness]]
-
+* [[bip-xxxx.mediawiki|BIP x: Segregated Witness]] https://github.com/bitcoin/bips/pull/265

From c2d3488c026f074fbdc2ac989de484bc5fc33456 Mon Sep 17 00:00:00 2001
From: Johnson Lau <jl2012@users.noreply.github.com>
Date: Tue, 29 Dec 2015 15:19:25 +0800
Subject: [PATCH 3/4] Update for new witness prog design & formatting

---
 bip-segwitaddress.mediawiki | 97 +++++++++++++++++++++++--------------
 1 file changed, 61 insertions(+), 36 deletions(-)

diff --git a/bip-segwitaddress.mediawiki b/bip-segwitaddress.mediawiki
index 34ff5f3e..f92e3680 100644
--- a/bip-segwitaddress.mediawiki
+++ b/bip-segwitaddress.mediawiki
@@ -7,16 +7,18 @@
   Created: 2015-12-24
 </pre>
 
-==Abstract==
+== Abstract ==
 
 This BIP describes 2 new types of Bitcoin address to support native Segregated Witness (segwit) transactions. The first type resembles the original P2PKH base-58 address. The second type is a z-base-32 representation of a witness program with Damm algorithm checksum, which supports arbitrarily complex transactions, and is forward compatible to new version witness programs in the future.
 
-==Motivation==
+== Motivation ==
 
 To define standard payment addresses for native segwit transactions to promote early adoption of the more efficient transaction method.
 
 == Specification ==
+
 === P2PKH segwit address ===
+
 The first new Bitcoin address format defined is specific to pay-to-public-key-hash segwit transaction. The scriptPubKey is a single push of version-0 witness program in this form,
   <0x0076A914{20-byte-hash-value}88AC>
 The new address is encoded exactly in the same way as the original pay-to-public-key-hash address:
@@ -26,7 +28,8 @@ Version byte is 0x19 for a main-network address, 0x41 for a testnet address. The
 All addresses generated with this scheme will a constant length of 34 characters, with a "B" prefix for main-network and "T" prefix for testnet.
 
 === General segwit address ===
-The second new bitcoin address format defined is applicable to any version of witness program with a length of 2 to 33 bytes.
+
+The second new bitcoin address format defined is applicable to witness program of version 0 to 15 with a length of 2 to 32 bytes.
 
 The z-base-32 character set is used:
 {|class="wikitable" style="width:40ex; text-align: center; margin: 0 auto 0 auto;"
@@ -58,23 +61,34 @@ The z-base-32 character set is used:
 
 It is case-insensitive and includes all alphanumeric characters excluding 0, 2, l, v. The order of alphabet is chosen so that less ambiguous alphabet characters will appear more frequently than others.
 
-An address starts with a version digit, which is b<sub>32</sub> for the main-network and t<sub>32</sub> for the testnet.
+An address is a 270-bit string in z-base-32 with the following components:
 
-The next digit is a length digit, which the value is length of the witness program in byte (L) minus 2.
+  5 address version bits
+  5 length bits
+  4 witness program version bits
+  256 witness program bits
 
-The length digit is followed by the witness program. The witness program is padded with leading 0<sub>b</sub> to become 265-bit, and transformed to z-base-32 with 53 digits.
+The address version bits is 00001<sub>b</sub> for the main-network and 11001<sub>b</sub> for the testnet.
 
-The 55-digit raw address is then divided into 11 equal segments. For each segment, a checksum is calculated with Damm algorithm and appended to the end of the segment. This makes the length increases to 66 digits.
+Value of the length bits is the length of the witness program in byte minus 1.
 
-A second round of checksum is calculated by taking the digits in the same position of the 11 segments, and appended to the end of the address. This is the final address with 71 digits.
+Witness program version bits indicates version of the witness program (v0 to v15).
+
+The witness program is padded with leading 0<sub>b</sub> to 256 bits.
+
+The 270-bit string is transformed to z-base-32 with 54 digits.
+
+The 54-digit raw address is then divided into 9 equal segments. For each segment, a checksum is calculated with Damm algorithm and appended to the end of the segment. This makes the length increases to 63 digits.
+
+A second round of checksum is calculated by taking the digits in the same position of the 9 segments, and appended to the end of the address. This is the final address with 69 digits.
 
 
-==Rationale==
+== Rationale ==
 
-The segregated witness soft fork (BIP x) defines 2 ways of encoding "witness program", a data push of 2 to 41 bytes:
+The segregated witness soft fork (BIP x) defines 2 ways of encoding "witness program", a data push of 2 to 32 bytes:
 
-* A native witness program output is a scriptPubKey with a single push of a witness program, and nothing else;
-* A witness program in P2SH is a P2SH redeemScript with a single push of a witness program, while the scriptPubKey looks like a normal P2SH output.
+* A native witness program output is a scriptPubKey with a push of version byte followed by a push of witness program, and nothing else;
+* A witness program in P2SH is a P2SH redeemScript with a push of version byte followed by a push of witness program, while the scriptPubKey looks like a normal P2SH output.
 
 As the P2SH address has been defined in 2012, using witness program in P2SH allows most existing wallets to pay a segwit-compatible wallet without any upgrade. However, this method requires more block space and is less collision-resistance than a native witness program, and is only a short-term solution to make the transition smoother. Eventually, all users are expected to use the more efficient native witness program as the primary payment method.
 
@@ -85,48 +99,59 @@ The drawbacks of Bitcoin addresses have been extensively discussed in BIP13. Sin
 
 However, none of these are as widely adopted as the suboptimal base-58 scriptPubKey template addresses, which is still a standard for the whole eco-system, from wallets, block explorers, merchants, exchanges, to end users. As P2PKH transactions are still dominating the blockchain, the author believes that the proposed P2PKH segwit addresses is the easiest way for wallets and services to adopt native witness program, which is particularly important in the context of scaling the capacity of the blockchain.
 
-The P2PKH segwit addresses only allow simple payment to a single public key. For arbitrarily complex segwit transactions, the general segwit address is used. The use of z-base-32 eliminates case-sensitiveness and simplifies transformation to and from hexadecimals. The Damm algorithm checksum allows detection of all single-digit errors and all adjacent transposition errors. With the excellent upgradability of witness program, this proposal is also forward compatible to new version witness programs that is not longer than 33 bytes.
+The P2PKH segwit addresses only allow simple payment to a single public key. For arbitrarily complex segwit transactions, the general segwit address is used. The use of z-base-32 eliminates case-sensitiveness and simplifies transformation to and from hexadecimals. The Damm algorithm checksum allows detection of all single-digit errors and all adjacent transposition errors. With the excellent upgradability of witness program, this proposal is also forward compatible to new version witness programs that is not longer than 32 bytes.
 
-==Compatibility==
+== Compatibility ==
 
 This proposal is not backward compatible, but it fails gracefully -- if an older implementation is given one of these new Bitcoin addresses, it will report the address as invalid and will refuse to create a transaction.
 
-This proposal is forward compatible to any new version witness program with 2 to 33 bytes.
+This proposal is forward compatible to any new witness program format with version 2 to 15 and length of 2 to 32 bytes.
+
+== Example ==
+
+=== P2PKH segwit address ===
 
-==Example==
-=== Address for Pay-to-Public-Key-Hash Version 0 Witness Program ===
 The following public key,
     0450863AD64A87AE8A2FE83C1AF1A8403CB53F53E486D8511DAD8A04887E5B23522CD470243453A299FA9E77237716103ABC11A1DF38855ED6F2EE187E9C582BA6
 when encoded as a P2PKH template, would become:
     DUP HASH160 <010966776006953D5567439E5E39F86A0D273BEE> EQUALVERIFY CHECKSIG
 And the corresponding version 1 Bitcoin address is
     16UwLL9Risc3QfPqBUvKofHmBQ7wMtjvM
-When the same script is encoded as a version 0 witness program, the scriptPubKey becomes a single push of 
-    <0x0076A914010966776006953D5567439E5E39F86A0D273BEE88AC>
+When the same script is encoded as a version 0 witness program, the scriptPubKey becomes: 
+    OP_0 <0x76A914010966776006953D5567439E5E39F86A0D273BEE88AC>
 Using 0x19 as the address version, the equivalent witness program address is:
     B4YZZ3nMBETWVF9ZSfotSwTxVnqhdkTi7r
 
-=== General witness program address ===
-With the same 26 bytes witness program in the last example:
-    0x0076A914010966776006953D5567439E5E39F86A0D273BEE88AC
-The witness program is transformed to z-base-32 with 53 digits:
-    yyyyyyyyyyyyyq4wteyejc35sybwi8iksqoh6mah9o4oprh767nfc
-Prepending with version digit b<sub>32</sub> and length digit a<sub>32</sub> (24 = 26 - 2)
-    bayyyyyyyyyyyyyq4wteyejc35sybwi8iksqoh6mah9o4oprh767nfc
-Split into 11 equal segments:
-    bayyy -yyyyy -yyyyy -q4wte -yejc3 -5sybw -i8iks -qoh6m -ah9o4 -oprh7 -67nfc
-Calculate the Damm checksum for each segment:
-    For example: Damm(bayyy) = h
-    bayyyh-yyyyyy-yyyyyy-q4wtey-yejc3w-5sybwu-i8iksj-qoh6mr-ah9o4h-oprh7t-67nfcs
-Calculate the Damm checksum for digits in the same position of different segments:
-    For example: Damm(byyqy5iqao6) = d
-    bayyyh-yyyyyy-yyyyyy-q4wtey-yejc3w-5sybwu-i8iksj-qoh6mr-ah9o4h-oprh7t-67nfcs-dmi1t
+=== General segwit address ===
+
+With the same 25 bytes version 0 witness program in the last example:
+    OP_0 <0x76A914010966776006953D5567439E5E39F86A0D273BEE88AC>
+The address version bits is 00001<sub>b</sub>
+    00001<sub>b</sub>
+The lengths bits is 11000<sub>b</sub> (24 = 25 - 1)
+    00001-11000<sub>b</sub>
+The witness program version bits is 0000
+    00001-11000-0000<sub>b</sub>
+Appended by the zero-padded witness program
+    00001-11000-0000-0-00000-00000-00000-00000-00000-00000-00000-00000-00000-00000-00000-00000-11101...01100
+The 270-bit string is transformed to z-base-32 with 54 digits and split into 9 equal segments:
+    bayyyy -yyyyyy -yyq4wt -eyejc3 -5sybwi -8iksqo -h6mah9 -o4oprh -767nfc
+Calculate the Damm checksum for each segment:
+    For example: Damm(bayyyy) = 7
+    bayyyy7-yyyyyyy-yyq4wte-eyejc3q-5sybwic-8iksqoo-h6mah9w-o4oprhm-767nfc4
+Calculate the Damm checksum for digits in the same position of different segments:
+    For example: Damm(byye58ho7) = j
+    bayyyy7-yyyyyyy-yyq4wte-eyejc3q-5sybwic-8iksqoo-h6mah9w-o4oprhm-767nfc4-jwk86o
+
+== Implementation ==
 
-==Reference Implementation==
 From arbitrary witness program to general segwit address: https://gist.github.com/jl2012/760b0f952715b8b6c608
 
-==See Also==
+== References ==
 
 * [[bip-0013.mediawiki|BIP 13: Address Format for pay-to-script-hash]]
 * [[bip-0016.mediawiki|BIP 16: Pay to Script Hash (aka "/P2SH/")]]
 * [[bip-xxxx.mediawiki|BIP x: Segregated Witness]] https://github.com/bitcoin/bips/pull/265
+
+== Copyright ==
+This work is placed in the public domain.

From 1c879abccd4308006a565bc26d0ee58d13b6541a Mon Sep 17 00:00:00 2001
From: Luke Dashjr <luke-jr+git@utopios.org>
Date: Fri, 8 Jan 2016 17:56:02 +0000
Subject: [PATCH 4/4] Assign BIP 142

---
 README.mediawiki                                  | 6 ++++++
 bip-segwitaddress.mediawiki => bip-0142.mediawiki | 2 +-
 2 files changed, 7 insertions(+), 1 deletion(-)
 rename bip-segwitaddress.mediawiki => bip-0142.mediawiki (99%)

diff --git a/README.mediawiki b/README.mediawiki
index b45c17a0..a895342b 100644
--- a/README.mediawiki
+++ b/README.mediawiki
@@ -379,6 +379,12 @@ Those proposing changes should consider that ultimately consent may rest with th
 | Suhas Daftuar
 | Standard
 | Draft
+|-
+| [[bip-0142.mediawiki|142]]
+| Address Formats for Witness Program
+| Johnson Lau
+| Standard
+| Draft
 |}
 
 <!-- IMPORTANT!  See the instructions at the top of this page, do NOT JUST add BIPs here! -->
diff --git a/bip-segwitaddress.mediawiki b/bip-0142.mediawiki
similarity index 99%
rename from bip-segwitaddress.mediawiki
rename to bip-0142.mediawiki
index f92e3680..7efeca74 100644
--- a/bip-segwitaddress.mediawiki
+++ b/bip-0142.mediawiki
@@ -1,5 +1,5 @@
 <pre>
-  BIP: x
+  BIP: 142
   Title: Address Formats for Witness Program
   Author: Johnson Lau <jl2012@xbt.hk>
   Status: Draft