bitcoin/bips
1
0
Fork 0
mirror of https://github.com/bitcoin/bips.git synced 2026-02-23 15:38:22 +00:00
Code Issues Releases Wiki Activity

Title change and links update

Browse Source
This commit is contained in:
Johnson Lau
2016-01-14 13:15:10 +08:00
committed by Johnson Lau
parent ea49ecb4fb
commit 8e22af1d0a
3 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
bip-0143.mediawiki
View File

@@ -1,6 +1,6 @@
<pre>
BIP: 143
Title: Transaction signature verification for version 0 and version 1 witness program
Title: Transaction Signature Verification for Version 0 Witness Program
Author: Johnson Lau <jl2012@xbt.hk>
Pieter Wuille <pieter.wuille@gmail.com>
Status: Draft
@@ -9,7 +9,7 @@
</pre>
== Abstract ==
This proposal defines a new transaction digest algorithm for signature verification in version 0 and version 1 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature.
This proposal defines a new transaction digest algorithm for signature verification in version 0 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature.
== Motivation ==
There are 4 ECDSA signature verification codes in the original Bitcoin script system: CHECKSIG, CHECKSIGVERIFY, CHECKMULTISIG, CHECKMULTISIGVERIFY (“sigops”). According to the sighash type (ALL, NONE, SINGLE, ANYONECANPAY), a transaction digest is generated with a double SHA256 of a serialized subset of the transaction, and the signature is verified against this digest with a given public key. The detailed procedure is described in a Bitcoin Wiki article. <ref name=wiki>[https://en.bitcoin.it/wiki/OP_CHECKSIG]</ref>
@@ -22,7 +22,7 @@ Unfortunately, there are at least 2 weaknesses in the original transaction diges
Deploying the aforementioned fixes in the original script system is not a simple task. That would be either a hardfork, or a softfork for new sigops without the ability to remove or insert stack items. However, the introduction of segregated witness softfork offers an opportunity to define a different set of script semantics without disrupting the original system, as the unupgraded nodes would always consider such a transaction output is spendable by arbitrary signature or no signature at all. <ref>[https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki BIP141: Segregated Witness (Consensus layer)]</ref>
== Specification ==
A new transaction digest algorithm is defined, but only applicable to sigops in version 0 and version 1 witness program:
A new transaction digest algorithm is defined, but only applicable to sigops in version 0 witness program:
Double SHA256 of the serialization of:
1. nVersion of the transaction
2. hashPrevouts
@@ -122,7 +122,7 @@ As a soft fork, older software will continue to operate without modification. No
== Reference Implementation ==
https://github.com/sipa/bitcoin/commits/segwit2
https://github.com/sipa/bitcoin/commits/segwit3
== References ==