Author: Johnson Lau 2018-08-30 20:38:06
Published on: 2018-08-30T20:38:06+00:00
In 2016, Johnson Lau proposed several ideas for the next generation of script for Bitcoin transactions. After receiving feedback, he revised his proposal to focus on improving security and reducing the number of optional features. The revised version is available on GitHub and contains eight new major features compared to BIP143.Lau's proposal, called SIGHASH2, is a superset of the existing SIGHASH and BIP118 SIGHASH_NOINPUT, with further flexibility but not being too complicated. It fixes some minor problems found in the late stage of BIP143 review, such as the possibility of having the same SignatureHash() results for a legacy and a witness transaction.The SIGHASH2 proposal outlines a new format for signatures in Bitcoin transactions. It includes various changes to the hashtype definitions, with the default and most commonly used case being SIGHASH2_ALL, which saves space by making it zero size. The bit flags are defined in a negative way (e.g. NOLOCKTIME).There are several reasons for the proposed changes, such as saving block space, decoupling INPUT and SEQUENCE, allowing for optional signing of FEE, and putting NOVERSION and NOSCRIPTCODE in the second byte to make most signatures below 66 bytes. In addition, Lau poses several questions for consideration, such as whether NOINPUT should commit to scriptCode and/or scriptPubKey, whether LASTOUTPUT and DUALOUTPUT should be added, and whether a fully flexible way to sign a subset of outputs is desired. The proposal also includes examples of equivalent SIGHASH2 values for other SIGHASH schemes. The motivation behind this is to use compact signatures to save space and provide more SIGHASH options for increased flexibility. The specification includes rules for public key format and signature format, along with new hashtype definitions.Lau's proposal falls under BIP YYY, which defines signature checking operations in version 1 witness program. The proposal is a soft-fork and exact deployment details are still to be determined. The reference implementation can be found on GitHub.
Updated on: 2023-05-20T16:37:04.218603+00:00