Author: Clark Moody 2019-11-13 02:56:54
Published on: 2019-11-13T02:56:54+00:00
The Bitcoin development team is discussing the possibility of using alternate checksums for Segwit outputs of different lengths. The current draft allows for witness v1 outputs of other lengths besides 32, which could result in outputs that can be spent by anyone. To prevent this, a consensus rule or standardness rule could be implemented to require anyone using a bech32 library supporting v1+ segwit to upgrade their library. However, this would require everyone to upgrade their libraries, causing significant ecosystem costs. Alternatively, the issue could be fixed in the bech32 algorithm rather than at the consensus/standardness layer. One suggestion is to amend BIP173 to restrict witness programs to lengths of 20 or 32 and develop a variant of bech32 with better insertion/erasure detecting properties for programs of different lengths. This approach would avoid creating a new address format and additional cognitive load on users. Improving bech32 itself is preferred over changing the way segwit addresses use bech32 as it does not make addresses longer.
Updated on: 2023-06-13T22:08:25.368641+00:00