1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
|
Return-Path: <jl2012@xbt.hk>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id BE6AB919
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 8 Jun 2016 06:46:03 +0000 (UTC)
X-Greylist: delayed 00:47:55 by SQLgrey-1.7.6
Received: from s37.web-hosting.com (s37.web-hosting.com [198.54.114.154])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2F92CFC
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 8 Jun 2016 06:46:03 +0000 (UTC)
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=xbt.hk;
s=default; h=Mime-Version:To:Message-Id:Date:Subject:Content-Type:From;
bh=/BsI1pA5yfz9pKrge1FOoss6fXMfWxBZ20fIQyVrn+w=;
b=TR4x3eIgCbOpUH3FAx7IThXmcP
S0dDwBqkN8Ct19RDZWuckVzZFZzXu6igoPDN6Yte9DiJdgWm82wNAkig/bl79ySWB0yufX4fORLIp
3kc2s3sIQl9hknqNWmSUeQR46UT7teICKXFRifx1Vzvt5hE7oq2WLz+/bv6UzE8ViEWrTPTLhsOXC
qKZBwp1YY/acdWJ//ep1STeazUukX7gEfMNVX+zHippTXIDELDLXjX48VwwmMe0IAQH7eZGmCwYWo
gFFFKx4sIyx8aoxg+glkjlsX7DRDeysPseT450pm3LNX8Mgb/iK8Cu7TZ9Qv9cH1O2b+xRKQ4SSz+
BzSRvBfw==;
Received: from [137.189.134.42] (port=55825 helo=[192.168.0.102])
by server37.web-hosting.com with esmtpsa (TLSv1:DHE-RSA-AES256-SHA:256)
(Exim 4.86_1) (envelope-from <jl2012@xbt.hk>) id 1bAWVA-002kr8-6y
for bitcoin-dev@lists.linuxfoundation.org;
Wed, 08 Jun 2016 01:58:04 -0400
From: Johnson Lau <jl2012@xbt.hk>
X-Pgp-Agent: GPGMail 2.6b2
Content-Type: multipart/signed;
boundary="Apple-Mail=_7D4E5349-F6FC-4123-BEAC-E2B9DC1E367A";
protocol="application/pgp-signature"; micalg=pgp-sha512
Date: Wed, 8 Jun 2016 13:57:36 +0800
Message-Id: <A7E9BC23-6860-4B31-9D4E-11F771A5E581@xbt.hk>
To: bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>
Mime-Version: 1.0 (Mac OS X Mail 9.3 \(3124\))
X-Mailer: Apple Mail (2.3124)
X-AntiAbuse: This header was added to track abuse,
please include it with any abuse report
X-AntiAbuse: Primary Hostname - server37.web-hosting.com
X-AntiAbuse: Original Domain - lists.linuxfoundation.org
X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12]
X-AntiAbuse: Sender Address Domain - xbt.hk
X-Get-Message-Sender-Via: server37.web-hosting.com: authenticated_id:
jl2012@xbt.hk
X-Authenticated-Sender: server37.web-hosting.com: jl2012@xbt.hk
X-Source:
X-Source-Args:
X-Source-Dir:
X-From-Rewrite: unmodified, already matched
X-Spam-Status: No, score=-1.8 required=5.0 tests=BAYES_00,DKIM_SIGNED,
T_DKIM_INVALID autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: [bitcoin-dev] BIP141 segwit consensus rule update: extension of
witness program definition
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Jun 2016 06:46:03 -0000
--Apple-Mail=_7D4E5349-F6FC-4123-BEAC-E2B9DC1E367A
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=utf-8
Please note that the segregated witness (BIP141) consensus rule is =
updated. Originally, a witness program is a scriptPubKey or redeemScript =
that consists of a 1-byte push opcode (OP_0 to OP_16) followed by a data =
push between 2 and 32 bytes. The definition is now extended to 2 to 40 =
bytes:
=
https://github.com/bitcoin/bips/commit/d1b52cb198066d4e515e8a50fc3928c5397=
c3d9b =
https://github.com/bitcoin/bitcoin/pull/7910/commits/14d4d1d23a3cbaa8a3051=
d0da10ff7a536517ed0
Why?
----------
BIP141 defines only version 0 witness program: 20 bytes program for =
P2WPKH and 32 bytes program for P2WSH. Versions 1 to 16 are not defined, =
and are considered as anyone-can-spend scripts, reserved for future =
extension (e.g. the proposed BIP114). BIP141 also requires that only a =
witness program input may have witness data. Therefore, before this =
update, an 1-byte push opcode followed by a 33 bytes data push was not =
considered to be a witness program, and no witness data is allowed for =
that.
This may be over-restrictive for a future witness program softfork. When =
32-byte program is used, this leaves only 16 versions for upgrade, and =
any =E2=80=9Csub-version=E2=80=9D metadata must be recorded in the =
witness field. This may not be compatible with some novel hashing =
functions we are exploring.
By extending the maximum length by 8 bytes, it allows up to 16 * 2 ^ 64 =
versions for future upgrades, which is enough for any foreseeable use.
Why not make it even bigger, e.g. 75 bytes?
----------
A 40 bytes witness program allows a 32-byte hash with 8-byte metadata. =
For any scripts that are larger than 32 bytes, they should be recorded =
in the witness field, like P2WSH in BIP141, to reduce the transaction =
cost and impact on UTXO set. Since SHA256 is already used everywhere, it =
is very unlikely that we would require a larger witness program (e.g. =
SHA512) without also a major revamp of the bitcoin protocol.
In any case, since scripts with a 1-byte push followed by a push of >40 =
bytes remain anyone-can-spend, we always have the option to redefine =
them with a softfork.
What are affected?
----------
As defined in BIP141, a version 0 witness program is valid only with 20 =
bytes (P2WPKH) or 32 bytes (P2WSH). Before this update, an OP_0 followed =
by a data push of 33-40 bytes was not a witness program and considered =
as anyone-can-spend. Now, such a script will fail due to incorrect =
witness program length.
Before this update, no witness data was allowed for a script with a =
1-byte push followed by a data push of 33-40 bytes. This is now allowed.
Actions to take:
----------
If you are running a segnet node, or a testnet node with segwit code, =
please upgrade to the latest version at =
https://github.com/bitcoin/bitcoin/pull/7910
If you have an alternative implementation, please make sure your =
consensus code is updated accordingly, or your node may fork off the =
network.
--Apple-Mail=_7D4E5349-F6FC-4123-BEAC-E2B9DC1E367A
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP using GPGMail
-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - https://gpgtools.org
iQGcBAEBCgAGBQJXV7PoAAoJEO6eVSA0viTSk7cMALvB8iyirVL9YKCUDhvUzEqA
6fJQf6QcB8wKNB8lL97FDfCp8ojVQKN3ITq7G6JwuUSKM8RiP0LGZZBH1CU2yHn6
L8xWoo99eoixvIuNl9waUYZFnF/3Ng4V8c+7ezpDLKVflPulHYiggoZsFs6p0ZnT
c2aJBTWhKKYUDZ4Xg+lerPfGIftRJGHCOUf6ZXStwweXpdNlC+TtDV8j0kDaa4Bl
bC+EIUnCrC+Xb61G2nzTjiRFZ6kAAGM5c0p2Ig0GjiUQ/hpZjtEfqZHfiyjhIknI
SG1r55WuBpRElqRsp9mJl3Y5QAAVlfIWTLJ8eHwzpsCNyyeXZlfflPv6G4B89MPO
7u7oB1udd5YoUMPePTqmz7H7esvtJB+TE8XMa1O3yAEd4IUxfaQtMBDfIBNTR4YX
y0OA7cI+7L84mb9PWtSqCIyk6DGpp6xo/bSEtGfXmzN/ywPcP8xFNf3UrlZuVwZg
c+aqMhcjAn4yPtSSr+LxCCztq8p78DHoiBsBgYyC3g==
=v8dA
-----END PGP SIGNATURE-----
--Apple-Mail=_7D4E5349-F6FC-4123-BEAC-E2B9DC1E367A--
|