bitcoin/bips
1
0
Fork 0
mirror of https://github.com/bitcoin/bips.git synced 2025-10-27 14:09:10 +00:00
Code Issues Releases Wiki Activity
2,541 Commits 6 Branches 0 Tags
Commit Graph

2541 Commits

This Branch
This Branch
All Branches
Author SHA1 Message Date
Pieter Wuille
e1914b8173 fixes 2020-01-19 14:48:58 -08:00
Pieter Wuille
eb641cbdb5 Address jonas' comments 2020-01-19 14:47:33 -08:00
Pieter Wuille
1faa4b19bc Rename BIPs 2020-01-19 14:47:33 -08:00
Pieter Wuille
57ed6cb342 Abstract out common signature message calculation 2020-01-19 14:47:33 -08:00
Pieter Wuille
d9ec5f43da Update acknowledgements, remove authors 2020-01-19 14:47:33 -08:00
Pieter Wuille
cd8ea88987 Delete precompiled file 2020-01-19 14:47:33 -08:00
Anthony Towns
1e99e205a8 go back to leaf_version but different rationale 2020-01-19 14:47:33 -08:00
Pieter Wuille
ff8a36200b Redefine leaf versions to be incrementally increasing from 0 2020-01-19 14:47:33 -08:00
Tim Ruffing
41f8993a4b Clarify nonce generation 
- Separate nonce generation into getting a random byte string and converting it to a suitable scalar ...
 - ... to make clear that the byte string can be generated differently.
 - Make the warning a little bit more prominent and improve writing
 2020-01-19 14:47:33 -08:00
Pieter Wuille
92e3d6ca87 Update Post-History field for taproot/tapscript 2020-01-19 14:47:33 -08:00
Pieter Wuille
f429750036 Update authors 2020-01-19 14:47:33 -08:00
stefanwouldgo
32c0f50d7b more precise wording on limits 
there are no tx or block size limits (post-Segwit), just block weight limit

better wording
 2020-01-19 14:47:33 -08:00
Pieter Wuille
460163ee0b Add rationale on security assumptions 2020-01-19 14:47:33 -08:00
Pieter Wuille
94e9c0925a Add an informal summary of the design 2020-01-19 14:47:33 -08:00
Pieter Wuille
84161e187d Improve and restructure motivation and design 2020-01-19 14:47:33 -08:00
Matthew Zipkin
734a859b27 bip-taproot: example from diagram 2020-01-19 14:47:33 -08:00
Pieter Wuille
2c8feb1cbb Update bip-schnorr.mediawiki 
Co-Authored-By: Tim Ruffing <crypto@timruffing.de>
 2020-01-19 14:47:33 -08:00
Pieter Wuille
9c76bb457f Linearity makes sign-for-sum-of-keys easier, not possible entirely. 
I'm sure it's possible to construct a complex MPC that can sign for the
sum of keys under ECDSA as well.
 2020-01-19 14:47:33 -08:00
Tim Ruffing
0dd7489dfd Update bip-schnorr.mediawiki 2020-01-19 14:47:33 -08:00
Tim Ruffing
3cc2d8ed6d Mention that we don't change the hash function 2020-01-19 14:47:33 -08:00
Pieter Wuille
3c1f466372 Completely specified 2020-01-19 14:47:33 -08:00
Pieter Wuille
687ec4ba8e Low-S ECDSA is non-malleable under nonstandard assumptions 2020-01-19 14:47:33 -08:00
Jonas Nick
d199b6dff6 Replace private key with secret key 2020-01-19 14:47:33 -08:00
Tim Ruffing
ad6bb6c1ff Clarify why we don't want short hashes 
This is supposed to supersede https://github.com/sipa/bips/pull/158.
I tried to say this carefully. I don't think that multiparty signing is in general broken with short hashes. For example the attack in #158 could be avoided by letting everybody not only commit to the nonce but also to the message. It's just that using a collision-resistant hash just eliminates the problem entirely...
 2020-01-19 14:47:33 -08:00
Hennadii Stepanov
966eadca3a Fix reference formatting 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
773133fb4a Typo: script signature max bytes unhashed are 247 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
da3837639f Typo: max bytes hashed for sig is 210 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
37bf225ea4 Replace BIP66 link with BIP146 
BIP66 does not mention the inherent ECDSA malleability, but BIP146 does
 2020-01-19 14:47:33 -08:00
stefanwouldgo
8baf6f5952 fix singular/plural ambiguity 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
a65101ff6d Replace signing with signature before validation 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
79738f2410 Link to proof sketch of security of implicit Y 
Thanks to @ajtowns for providing the link
 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
ca472ed663 Mention that miners could malleate signatures 2020-01-19 14:47:33 -08:00
Orfeas Litos
5918b4666c Mention hash_type malleability would change wtxid 2020-01-19 14:47:33 -08:00
Jonas Nick
66e2931de2 Clarify bip-taproot digest difference to bip143 regarding sub-hashes 2020-01-19 14:47:33 -08:00
Jonas Nick
1f5bdb304e Improve clarity of footnotes for lift_x 2020-01-19 14:47:33 -08:00
Jonas Nick
708aeadf85 Replace references to Euler's criterion with Legendre symbol in bip-schnorr 2020-01-19 14:47:33 -08:00
Jonas Nick
5a25adc490 Fix bip-schnorr footnote 7 by specifying that we're referring to P's y coordinate and not some undefined 'x' 2020-01-19 14:47:33 -08:00
Kalle Rosenbaum
98983e177f Fix @jonasnick's comment 2020-01-19 14:47:33 -08:00
Kalle Rosenbaum
18d1774d81 Nits 2020-01-19 14:47:33 -08:00
Orfeas Litos
2aa865c33e Replace "both are not" with "neither is" 2020-01-19 14:47:33 -08:00
andrewtoth
c7175e8005 Update bip-tapscript.mediawiki 2020-01-19 14:47:33 -08:00
andrewtoth
5235781ea5 Add missing closing parenthesis and comma 2020-01-19 14:47:33 -08:00
Hennadii Stepanov
fe03882a72 Fix paragraph naming and typo 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
55a31518b9 Rephrase "previous design choice" to "list above" 2020-01-19 14:47:33 -08:00
stefanwouldgo
79c515eb9e grammar typo fix: inserted "be" 2020-01-19 14:47:33 -08:00
Jonas Nick
3e5a79af88 Rename is_y_square to is_negated in taproot signing 2020-01-19 14:47:33 -08:00
Dmitry Petukhov
7a434d4d76 Add missing dots that denote multiplication 
Throughout the document, elliptic curve multiplication is denoted with dots,
as in `d'⋅G` as opposed to `d'G`.
This is not the case in one place in the 'Default Signing' section,
and one place in 'Adaptor Signatures' section

Missing dots are added for consistency.
 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
1661efc999 Add missing quote 2020-01-19 14:47:33 -08:00
Orfeas Stefanos Thyfronitis Litos
e72fffa028 Fix typo in schnorr, footnote 2 2020-01-19 14:47:33 -08:00
Max Hillebrand
54384a5710 make clear it's script branch 
In this context we are talking about the script branch, not the Merkle tree branch, right? If so, then this should clear things up a little.
 2020-01-19 14:47:33 -08:00