author Andrew Chow <achow101-lists@achow101.com> 2021-07-02 20:03:20 +0000
committer bitcoindev <bitcoindev@gnusha.org> 2021-07-02 20:03:34 +0000
commit 94743d00b86466cc42b12e4855f07d79a91a8630
tree ec356b564056050f5894fc36645632e9fe4e448c
parent e7f51889e98dfbd77b80962353e991516c6a8c1f
Re: [bitcoin-dev] Derivation Paths for Single Key Taproot Scripts
-rw-r--r-- f8/0492fbd67d83c54c9d2388fde620c39a98a644 211
1 files changed, 211 insertions, 0 deletions
diff --git a/f8/0492fbd67d83c54c9d2388fde620c39a98a644 b/f8/0492fbd67d83c54c9d2388fde620c39a98a644
new file mode 100644
index 000000000..55dff3c43
--- /dev/null
+++ b/f8/0492fbd67d83c54c9d2388fde620c39a98a644
@@ -0,0 +1,211 @@
+Return-Path: <achow101-lists@achow101.com>
+Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137])
+ by lists.linuxfoundation.org (Postfix) with ESMTP id B33FEC000E
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri, 2 Jul 2021 20:03:34 +0000 (UTC)
+Received: from localhost (localhost [127.0.0.1])
+ by smtp4.osuosl.org (Postfix) with ESMTP id 94D52402AC
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri, 2 Jul 2021 20:03:34 +0000 (UTC)
+X-Virus-Scanned: amavisd-new at osuosl.org
+X-Spam-Flag: NO
+X-Spam-Score: -2.101
+X-Spam-Level:
+X-Spam-Status: No, score=-2.101 tagged_above=-999 required=5
+ tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1,
+ DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_PASS=-0.001]
+ autolearn=ham autolearn_force=no
+Authentication-Results: smtp4.osuosl.org (amavisd-new);
+ dkim=pass (2048-bit key) header.d=achow101.com
+Received: from smtp4.osuosl.org ([127.0.0.1])
+ by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id uXHPYDLedUB4
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri, 2 Jul 2021 20:03:31 +0000 (UTC)
+X-Greylist: from auto-whitelisted by SQLgrey-1.8.0
+Received: from mail-0201.mail-europe.com (mail-0201.mail-europe.com
+ [51.77.79.158])
+ by smtp4.osuosl.org (Postfix) with ESMTPS id 9BB0140244
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Fri, 2 Jul 2021 20:03:31 +0000 (UTC)
+Date: Fri, 02 Jul 2021 20:03:20 +0000
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=achow101.com;
+ s=protonmail3; t=1625256202;
+ bh=mnGrSHSAxABNljJh4fX4TV1yb+7jHMlnJv2nSSNhwy0=;
+ h=Date:To:From:Reply-To:Subject:In-Reply-To:References:From;
+ b=xKE75PmMP1PybQXzTPMyXgqoeswHPiFzxWoYyfAcKW2byF3l8rkOZadaDluNRvNHX
+ OznxeTHfEmKgwU+YsWkreL+4/hPZUk98IRGnCzkencxCrzqrsEsbiC4uknFlS6iNgC
+ Ze1PHc6hwFPqehsHCccxyaaL3A1Gxdo/px2GmUMcfvoEuGMBmTgXbued618wnF07y0
+ XRRRvrT6jgmJY9DpSv8/P93iWP6vKhWEewV54brTDkqzHEzOKNxClmVHbQ9SDPOIeb
+ BjuWx6SLKbf2jjLQof45mhzlDrUbHnafsAZJAGfj3+rqHDsJ9xABtF5NZ/VM6iooK9
+ HOyrC4ImBWUGg==
+To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
+From: Andrew Chow <achow101-lists@achow101.com>
+Reply-To: Andrew Chow <achow101-lists@achow101.com>
+Message-ID: <ad7b84a7-7666-7cde-6ba9-84a5ffbc04be@achow101.com>
+In-Reply-To: <6bb9110e-b726-0470-96f0-2d68eadf23a3@achow101.com>
+References: <6bb9110e-b726-0470-96f0-2d68eadf23a3@achow101.com>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: quoted-printable
+Subject: Re: [bitcoin-dev] Derivation Paths for Single Key Taproot Scripts
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.15
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Fri, 02 Jul 2021 20:03:34 -0000
+
+This was assigned BIP number 86, so the purpose level path will be m/86'
+
+Andrew
+
+On 6/22/21 9:17 PM, Andrew Chow wrote:
+> Hi All,
+>
+> I would like to propose a simple derivation path scheme for keys to be
+> used in single key Taproot scripts. This is based on BIP 44 so it is
+> basically identical to BIPs 49 and 84. Like with those BIPs, the actual
+> value to be used in the purpose level will be set to the BIP number,
+> once assigned.
+>
+> Note that the keys derived in this method should be for the Taproot
+> internal key, which should then be tweaked with the hash of itself as
+> recommended by BIP 341. The keys derived at this path should not be used
+> directly as the Taproot output pubkey. Additionally, this BIP does not
+> specify new version bytes for extended key serialization because, with
+> the advent of descriptors, I think that is unnecessary. In fact, this
+> BIP feels somewhat unnecessary to me, but it seems like it will be
+> needed for now in order to drive adoption and implementation of Taproot
+> into software and hardware wallets.
+>
+> The text can be viewed below, with the rendered text available at
+> https://github.com/achow101/bips/blob/taproot-bip44/bip-taproot-bip44.med=
+iawiki
+>
+> Andrew Chow
+>
+> ---
+>
+> <pre>
+> =C2=A0 BIP: bip-taproot-bip44
+> =C2=A0 Layer: Applications
+> =C2=A0 Title: Derivation scheme for P2TR based accounts
+> =C2=A0 Author: Andrew Chow <andrew@achow101.com>
+> =C2=A0 Comments-Summary: No comments yet.
+> =C2=A0 Comments-URI:
+> https://github.com/bitcoin/bips/wiki/Comments:BIP-taproot-bip44
+> =C2=A0 Status: Draft
+> =C2=A0 Type: Informational
+> =C2=A0 Created: 2021-06-22
+> =C2=A0 License: BSD-2-Clause
+> </pre>
+>
+> =3D=3DAbstract=3D=3D
+>
+> This document suggests a derivation scheme for HD wallets whose keys are
+> involved in single key
+> P2TR ([[bip-0341.mediawiki|BIP 341]]) outputs as the Taproot internal key=
+.
+>
+> =3D=3D=3DCopyright=3D=3D=3D
+>
+> This BIP is licensed under the 2-clause BSD license.
+>
+> =3D=3DMotivation=3D=3D
+>
+> With the usage of single key P2TR transactions, it is useful to have a
+> common derivation scheme so
+> that HD wallets that only have a backup of the HD seed can be likely to
+> recover single key Taproot
+> outputs. Although there are now solutions which obviate the need for
+> fixed derivation paths for
+> specific script types, many software wallets and hardware signers still
+> use seed backups which
+> lack derivation path and script information. Thus we largely use the
+> same approach used in BIPs
+> [[bip-0049.mediawiki|49]] and [[bip-0084.mediawiki|84]] for ease of
+> implementation.
+>
+> =3D=3DSpecifications=3D=3D
+>
+> This BIP defines the two needed steps to derive multiple deterministic
+> addresses based on a
+> [[bip-0032.mediawiki|BIP 32]] master private key.
+>
+> =3D=3D=3DPublic key derivation=3D=3D=3D
+>
+> To derive a public key from the root account, this BIP uses the same
+> account-structure as
+> defined in BIPs [[bip-0044.mediawiki|44]], [[bip-0049.mediawiki|49]],
+> and [[bip-0084.mediawiki|84]],
+> but with a different purpose value for the script type.
+>
+> <pre>
+> m / purpose' / coin_type' / account' / change / address_index
+> </pre>
+>
+> For the <tt>purpose</tt>-path level it uses <tt><BIPNUMBER>'</tt>.
+> The rest of the levels are used as defined in BIPs 44, 49, and 84.
+>
+> =3D=3D=3DAddress derivation=3D=3D=3D
+>
+> To derive the output key used in the P2TR script from the derived public
+> key, we use the method
+> recommended in
+> [[bip-0341.mediawiki#constructing-and-spending-taproot-outputs|BIP 341]]:
+>
+> <pre>
+> internal_key:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 lift_x(derived_key)
+> 32_byte_output_key: internal_key + int(HashTapTweak(bytes(internal_key)))=
+G
+> </pre>
+>
+> In a transaction, the scripts and witnesses are as defined in
+> [[bip-0341.mediawiki#specification|BIP 341]]:
+>
+> <pre>
+> witness:=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0 <signature>
+> scriptSig:=C2=A0=C2=A0=C2=A0 (empty)
+> scriptPubKey: 1 <32_byte_output_key>
+> =C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=C2=A0=
+=C2=A0=C2=A0 (0x5120{32_byte_output_key})
+> </pre>
+>
+> =3D=3DBackwards Compatibility=3D=3D
+>
+> This BIP is not backwards compatible by design.
+> An incompatible wallet will not discover these accounts at all and the
+> user will notice that
+> something is wrong.
+>
+> However this BIP uses the same method used in BIPs 44, 49, and 84, so it
+> should not be difficult
+> to implement.
+>
+> =3D=3DTest vectors=3D=3D
+>
+> TBD
+>
+> =3D=3DReference=3D=3D
+>
+> * [[bip-0032.mediawiki|BIP32 - Hierarchical Deterministic Wallets]]
+> * [[bip-0043.mediawiki|BIP43 - Purpose Field for Deterministic Wallets]]
+> * [[bip-0044.mediawiki|BIP44 - Multi-Account Hierarchy for Deterministic
+> Wallets]]
+> * [[bip-0049.mediawiki|BIP49 - Derivation scheme for
+> P2WPKH-nested-in-P2SH based accounts]]
+> * [[bip-0084.mediawiki|BIP84 - Derivation scheme for P2WPKH based account=
+s]]
+> * [[bip-0341.mediawiki|BIP341 - Taproot: SegWit version 1 spending rules]=
+]
+>
+
+
+
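Review bot: In the quoted draft, the purpose level under "Public key derivation" still reads <BIPNUMBER>' and the "Test vectors" section is still "TBD", while the reply at the top of the message gives the assignment as BIP 86 with purpose path m/86'. The next revision should replace the placeholder with 86' and add vectors that cover both the derived key and the resulting 32_byte_output_key. The cover note says the derived key is the Taproot internal key and should not be used directly as the output pubkey, and a vector that stops at the derived key would not catch a wallet that skips the HashTapTweak step. In "Address derivation", 32_byte_output_key is written as a point sum (internal_key + int(HashTapTweak(bytes(internal_key)))G), so it would help to state how that point is serialized to 32 bytes. The stored body is quoted-printable (see the Content-Transfer-Encoding header), so =3D, =C2=A0 and the soft line break that splits the rendered-text URL need decoding before the pre blocks are read.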