Published on: 2018-01-06T10:05:11+00:00
In a discussion thread on the Bitcoin development mailing list, a user raised a question about why the BIP39 mnemonic format is not used for addresses. They pointed out that it is more difficult to copy random letters and numbers compared to simple words, which can lead to mistakes when copying addresses and private keys by hand. The user suggested that using the BIP39 seeds, which have a lower chance of errors, would be a better option. Another user responded by explaining that while the Bech32 proposal involved a lot of math, there was not as much user experience testing. Another user in the thread introduced the idea of P2SH², which involves including the single SHA256 hash of the public key or script in the address instead of RIPEMD160(SHA256(pubkey)) or SHA256(SHA256(script)). This would allow for relaying the "middle-hash" as a way to prove that the final hash is indeed a hash itself and not embedded data spam. However, another user mentioned that the Bech32 proposal had already been rushed to market without much public review, so adding more address diversity at this time may not be beneficial for the ecosystem. Instead, they suggested considering an address-next proposal with features like coded expiration times and the ability to have amounts under checksum.Bitcoin Core developer Luke Dashjr recently sent an email to the bitcoin-dev mailing list, bringing up the previously discussed P2SH² improvements and questioning why they were not included in Bech32. P2SH² involves including the single SHA256 hash of the public key or script in the address. Luke Dashjr clarified that P2SH² was not a serious proposal but rather a thought experiment. He believed that it did not offer much value for Bitcoin today, especially considering the cost of output space and non-negligible fees. Additionally, Bech32 was rushed to market without substantial public review.Luke Dashjr suggested that instead of adding more address diversity at this time, it would be better to work on an address-next proposal with a specific timeframe in the future. He emphasized the importance of not deploying this proposal loudly. While layered hashing is considered a minor feature, other features like coded expiration times and the ability to have amounts under checksum might be more worthy of consideration.In light of these discussions, Luke Dashjr proposed adding "P2SH² improvements" to the Bech32 format. He shared an initial draft of the proposal on Github. The idea is to include the single SHA256 hash of the public key or script in the address instead of RIPEMD160(SHA256(pubkey)) or SHA256(SHA256(script)). This would enable relaying the middle-hash as a way to prove that the final hash is indeed a hash itself and not embedded data spam. Since the deployment of Bech32 is not yet widespread, Luke Dashjr believes it may be worth revising it to incorporate this improvement. Bech32 is seen as a missed opportunity to include these improvements, considering that most users will likely upgrade to it in the future.
Updated on: 2023-08-01T22:24:11.257718+00:00