Author: Jeremy 2019-10-04 05:02:14
Published on: 2019-10-04T05:02:14+00:00
Recently, Ethan Heilman proposed a method to tag nodes in Bitcoin using SHA256 to tag nodes with a different tag for leaves. Tagged hashes are just prepend-this-32-byte-constant-twice-before-you-SHA256. However, it seemed that to check merkle tree proofs, an `OP_CAT` with only 64 bytes max output size would not be sufficient. Alternatively, tagged SHA256 could be implemented as a new opcode.In another discussion on OP_CAT, it was suggested to remove SIGHASH flags from signatures and put SIGHASH on public keys. Public keys would be encoded as either 33-bytes (implicit `SIGHASH_ALL`) or 34-bytes (`SIGHASH` byte, followed by pubkey type, followed by pubkey coordinate). The `OP_CHECKSIG` and other related functions would then look at the public key to determine the sighash algorithm rather than the signature. This is done by using the script: `OP_SETPUBKEYSIGHASH OP_CHECKSIG`.In this email thread, ZmnSCPxj suggests that there may be a superior solution to a problem that has been discussed on the bitcoin-dev mailing list. The email ends with links to the Lightning-dev mailing list and its subscription page.
Updated on: 2023-06-02T20:47:43.127598+00:00