BIPs bitcoin improvement proposals

147 - Dealing with dummy stack element malleability

BIP: 147 source Layer: Consensus (soft fork) Title: Dealing with dummy stack element malleability Authors: Johnson Lau Status: Deployed Type: Specification Assigned: 2016-09-02 License: PD Table of ContentsAbstractMotivationSpecificationDeploymentCompatibilityImplementationAcknowledgementsCopyright Abstract This document specifies proposed changes to the Bitcoin transaction validity rules to fix a malleability vector in the extra stack element consumed by OP_CHECKMULTISIG and OP_CHECKMULTISIGVERIFY. Motivation Signature malleability refers to the ability of any relay node on the network to transform the signature in transactions, with no access to the relevant private keys required. For non-segregated witness transactions, signature malleability will change the txid and invalidate any unconfirmed child transactions. Although the txid of segregated witness (BIP141) transactions is not third party malleable, this malleability vector will change the wtxid and may reduce ...

142 - Address Format for Segregated Witness

BIP: 142 source Layer: Applications Title: Address Format for Segregated Witness Authors: Johnson Lau Status: Closed Type: Specification Assigned: 2015-12-24 License: PD Table of ContentsAbstractMotivationSpecificationRationaleCompatibilityExampleReference implementationReferencesCopyright Abstract This BIP describes new types of Bitcoin address to support native segregated witness transactions with 20-byte and 32-byte program. Motivation To define standard payment address for native segregated witness (segwit) transactions to promote early adoption of the more efficient transaction method. Specification The new Bitcoin address format defined is for the Pay-to-Witness-Public-Key-Hash (P2WPKH) and Pay-to-Witness-Script-Hash (P2WSH) transaction described in segregated witness soft fork (BIP141). The scriptPubKey is an OP_0 followed by a push of 20-byte-hash (P2WPKH) or 32-byte hash (P2WSH). The new address is encoded in a way similar to existing address formats: base58...

146 - Dealing with signature encoding malleability

BIP: 146 source Layer: Consensus (soft fork) Title: Dealing with signature encoding malleability Authors: Johnson Lau Pieter Wuille Status: Closed Type: Specification Assigned: 2016-08-16 License: PD Table of ContentsAbstractMotivationSpecificationLOW_SNULLFAILExamplesDeploymentCompatibilityImplementationFootnotesAcknowledgementsCopyright Abstract This document specifies proposed changes to the Bitcoin transaction validity rules to fix signature malleability related to ECDSA signature encoding. Motivation Signature malleability refers to the ability of any relay node on the network to transform the signature in transactions, with no access to the relevant private keys required. For non-segregated witness transactions, signature malleability will change the txid and invalidate any unconfirmed child transactions. Although the txid of segregated witness (BIP141) transactions is not third party malleable, this malleability vector will change the wtxid and may ...

114 - Merkelized Abstract Syntax Tree

BIP: 114 source Layer: Consensus (soft fork) Title: Merkelized Abstract Syntax Tree Authors: Johnson Lau Status: Closed Type: Specification Assigned: 2016-04-02 License: PD Table of ContentsAbstractMotivationEvolution of Bitcoin script systemMerkelized Abstract Syntax TreeSpecificationRationaleMAST StructureMAST VersionnOpCount limitScript evaluationExamplesCalculation of MAST RootImbalance MASTEscrow with TimeoutHashed Time-Lock ContractLarge multi-signature constructsCommitment of non-consensus enforced dataBackward compatibilityDeploymentCreditsReference ImplementationReferencesCopyright Abstract This BIP defines a new witness program type that uses a Merkle tree to encode mutually exclusive branches in a script. This enables complicated redemption conditions that are currently not possible, improves privacy by hiding unexecuted scripts, and allows inclusion of non-consensus enforced data with very low or no additional cost. Motivation Evolution of Bitcoin script sys...

143 - Transaction Signature Verification for Version 0 Witness Program

BIP: 143 source Layer: Consensus (soft fork) Title: Transaction Signature Verification for Version 0 Witness Program Authors: Johnson Lau Pieter Wuille Status: Deployed Type: Specification Assigned: 2016-01-03 License: PD Table of ContentsAbstractMotivationSpecificationRestrictions on public key typeExampleNative P2WPKHP2SH-P2WPKHNative P2WSHP2SH-P2WSHNo FindAndDeleteDeploymentBackward compatibilityReference ImplementationReferencesCopyright Abstract This proposal defines a new transaction digest algorithm for signature verification in version 0 witness program, in order to minimize redundant data hashing in verification, and to cover the input value by the signature. Motivation There are 4 ECDSA signature verification codes in the original Bitcoin script system: CHECKSIG, CHECKSIGVERIFY, CHECKMULTISIG, CHECKMULTISIGVERIFY (“sigops”). According to the sighash type (ALL, NONE, SINGLE, ANYONECANPAY), a transaction digest is generated with a double SHA256 of a s...

141 - Segregated Witness (Consensus layer)

BIP: 141 source Layer: Consensus (soft fork) Title: Segregated Witness (Consensus layer) Authors: Eric Lombrozo Johnson Lau Pieter Wuille Status: Deployed Type: Specification Assigned: 2015-12-21 License: PD Table of ContentsAbstractMotivationSpecificationTransaction IDCommitment structureWitness programOther consensus critical limitsBlock sizeSigopsAdditional definitionsTransaction size calculationsNew script semanticsExamplesP2WPKHP2WPKH nested in BIP16 P2SHP2WSHP2WSH nested in BIP16 P2SHExtensible commitment structureTrust-free unconfirmed transaction dependency chainFuture extensionsCompact fraud proof for SPV nodesNew script systemPer-input lock-time and relative-lock-timeBackward compatibilityDeploymentCreditsFootnotesReference ImplementationReferencesCopyright Abstract This BIP defines a new structure called a "witness" that is committed to blocks separately from the transaction merkle tree. This structure contains data required to check t...

123 - BIP Classification

BIP: 123 source Title: BIP Classification Authors: Eric Lombrozo Status: Deployed Type: Process Assigned: 2015-08-26 License: CC0-1.0 OR FSFAP Table of ContentsAbstractCopyrightMotivationSpecification1. Consensus LayerSoft ForksHard Forks2. Peer Services Layer3. API/RPC Layer4. Applications LayerClassification of existing BIPs Abstract This document describes a classification scheme for BIPs. BIPs are classified by system layers with lower numbered layers involving more intricate interoperability requirements. The specification defines the layers and sets forth specific criteria for deciding to which layer a particular standards BIP belongs. Copyright This BIP is dual-licensed under the Creative Commons CC0 1.0 Universal and FSF All Permissive licenses. Motivation Bitcoin is a system involving a number of different standards. Some standards are absolute requirements for interoperability while others can be considered optional, giving implementers a choice of whether to su...