1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
|
Return-Path: <fiatjaf@alhur.es>
Received: from silver.osuosl.org (smtp3.osuosl.org [140.211.166.136])
by lists.linuxfoundation.org (Postfix) with ESMTP id 90384C0893
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 23 Dec 2020 03:45:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by silver.osuosl.org (Postfix) with ESMTP id 8666A2270C
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 23 Dec 2020 03:45:33 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from silver.osuosl.org ([127.0.0.1])
by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id VFCYQgljDTxn
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 23 Dec 2020 03:45:30 +0000 (UTC)
X-Greylist: delayed 00:15:04 by SQLgrey-1.7.6
Received: from sender4-op-o16.zoho.com (sender4-op-o16.zoho.com
[136.143.188.16])
by silver.osuosl.org (Postfix) with ESMTPS id B8548203CE
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 23 Dec 2020 03:45:30 +0000 (UTC)
ARC-Seal: i=1; a=rsa-sha256; t=1608694223; cv=none;
d=zohomail.com; s=zohoarc;
b=ISzjwmjcfV4/lQHFX/M+cP6s+9Q8gc+7epawJUgu4ykQbSZGQLuGrvhwFS7h8WxrnYZQA4cnKhDSRUUmeY0KTStCn9gIae9NXyeCquneripEKCZSlx22h51XtxBi9kwI+n7WtzWaPPEBX3zZkW9/fVfbHCvRpuQuUx8NImj60A0=
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=zohomail.com;
s=zohoarc; t=1608694223;
h=Content-Type:Content-Transfer-Encoding:Date:From:In-Reply-To:MIME-Version:Message-ID:References:Subject:To;
bh=FIjQNRUL+ugHJUf2fr4FD7WgBBAQca86KEj/kkJ+r/A=;
b=iPozNl1gUtx47mPGcAXazgtrGIm1Pb3FnNA+8jxR/rIFME61YWXIYnRcPEJTgEgub8YEMc1iXMGahZXhZd+cIG9M6bDfpFBBIxP/zs6fbTvXayTeWeic9t6vsogrqhnltY/1yyLc2YPuwHqDaXbY1p8e/ywCRHUmX3937RIfP4k=
ARC-Authentication-Results: i=1; mx.zohomail.com; dkim=pass header.i=alhur.es;
spf=pass smtp.mailfrom=fiatjaf@alhur.es;
dmarc=pass header.from=<fiatjaf@alhur.es> header.from=<fiatjaf@alhur.es>
DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; t=1608694223;
s=k1; d=alhur.es; i=fiatjaf@alhur.es;
h=Date:From:To:Message-ID:In-Reply-To:References:Subject:MIME-Version:Content-Type:Content-Transfer-Encoding;
bh=FIjQNRUL+ugHJUf2fr4FD7WgBBAQca86KEj/kkJ+r/A=;
b=n/z7KEBvHUPpDlAmUMROm/gQIVPbAJJH506EC0YlpXQW8bpRTzH/c8jZxOMjy0jm
XrWqAPcIoQMupcjSdEdgZC4qAQumq/3tx9tdERUY6u7c+RjzLzb1H/MCab0H9NLuLk0
6l/3AXNqk5CB4bB8RXjxlPdwadJr7gGEgvX+/NbQ=
Received: from mail.zoho.com by mx.zohomail.com
with SMTP id 1608694220552752.0222613952285;
Tue, 22 Dec 2020 19:30:20 -0800 (PST)
Date: Wed, 23 Dec 2020 00:30:20 -0300
From: fiatjaf <fiatjaf@alhur.es>
To: "Andrew Chow" <achow101-lists@achow101.com>,
"Bitcoin Protocol Discussion" <bitcoin-dev@lists.linuxfoundation.org>
Message-ID: <1768da5c6f0.f63a34dc413157.2741477427673569054@alhur.es>
In-Reply-To: <5a4697cb-b9cb-b925-e78f-d5b53f025704@achow101.com>
References: <1dd8c285-e3f4-4f03-d608-103a5026146d@achow101.com>
<5a4697cb-b9cb-b925-e78f-d5b53f025704@achow101.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit
Importance: Medium
User-Agent: Zoho Mail
X-Mailer: Zoho Mail
X-Mailman-Approved-At: Wed, 23 Dec 2020 04:17:16 +0000
Subject: Re: [bitcoin-dev] New PSBT version proposal
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 23 Dec 2020 03:45:33 -0000
Hi Andrew.
I'm just a lurker here and I have not much experience with PSBTs, but still let me pose this very obvious question and concern: isn't this change going to create a compatibility nightmare, with some software supporting version 1, others supporting version 2, and the ones that care enough about UX and are still maintained being forced to support both versions -- and for no very important reason except some improvements in the way data is structured?
Ultimately I don't think it should matter if some data is structured in not-the-best-possible way, as long as it is clear enough for the computer and for the libraries already written to deal with it. Backwards-compatibility and general interoperability is worth much more than anything else in these cases.
Also let me leave this article here, which I find very important (even if for some reason it ends up not being relevant to this specific case): http://scripting.com/2017/05/09/rulesForStandardsmakers.html
---- On Tue, 22 Dec 2020 17:12:22 -0300 Andrew Chow via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote ----
> Hi All,
>
> I have some updates on this after speaking with some people off-list.
>
> Firstly, the version number will be set to 2. In most discussions, this
> proposal was being referred to as PSBT version 2, so it'll be easier and
> clearer to set the version number to 2.
>
> For lock times, instead of a single PSBT_IN_REQUIRED_LOCKTIME field,
> there will be 2 of them, one for a time based lock time, and the other
> for height based. These will be:
> * PSBT_IN_REQUIRED_TIME_LOCKTIME = 0x10
> * Key: empty
> * Value: 32 bit unsigned little endian integer greater than or equal
> to 500000000 representing the minimum Unix timestamp that this input
> requires to be set as the transaction's lock time. Must be omitted in
> PSBTv0, and may be omitted in PSBTv2
> * PSBT_IN_REQUIRED_HEIGHT_LOCKTIME = 0x11
> * Key: empty
> * Value: 32 bit unsigned little endian integer less than 500000000
> representing the minimum block height that this input requires to be set
> as the transaction's lock time. Must be omitted in PSBTv0, and may be
> omitted in PSBTv2.
>
> Having two lock time fields is necessary due to the behavior where all
> inputs must use the same type of lock time (height or time). Thus if an
> input requires a particular type of lock time, it must set the requisite
> field. Any new inputs being added must be able to accommodate all
> existing inputs' lock time type. This means they either must not have a
> lock time specified (i.e. no OP_CLTV involved), or have branches that
> allow the acceptance of either type. If an input has a lock time type
> that is incompatible with the rest of the transaction, it must not be added.
>
> PSBT_GLOBAL_PREFERRED_LOCKTIME is changed to purely be the fallback
> option if no input lock time fields are present. If there are input lock
> times, all lock time calculations must ignore it.
>
> Any role which does lock time calculation will first check if there are
> input lock time fields. If there are not, it must then check for a
> PSBT_GLOBAL_PREFERRED_LOCKTIME. If this field exists, its value is the
> transaction's lock time. If it does not, the lock time is 0. If there
> are input lock time fields, it must choose the type which does not
> invalidate any inputs. The lock time is then determined to be the
> maximum value of all of the lock time fields for the chosen type.
>
>
> Additionally, I would like to add a new global field:
> * PSBT_GLOBAL_UNDER_CONSTRUCTION = 0x05
> * Key: empty
> * Value: A single byte as a boolean. 0 for False, 1 for True. All
> other values ore prohibited. Must be omitted for PSBTv0, may be omitted
> in PSBTv2.
>
> PSBT_GLOBAL_UNDER_CONSTRUCTION is used to signal whether inputs and
> outputs can be added to the PSBT. This flag may be set to True when
> inputs and outputs are being updated, signed, and finalized. However
> care must be taken when there are existing signatures. If this field is
> omitted or set to False, no further inputs and outputs may be added to
> the PSBT.
>
> Several rules must be followed to ensure that adding additional inputs
> and outputs will not invalidate existing signatures. First, an input or
> output adder must check for any existing signatures in all of the other
> inputs. If there are none, the input or output may be added in any
> position. If there are one or more signatures, each signature's sighash
> type must be examined. Inputs may only be added if all existing
> signatures use SIGHASH_ANYONECANPAY. Outputs may only be added if all
> existing signatures use SIGHASH_NONE. If an input has a signature using
> SIGHASH_SINGLE, the same number of inputs and outputs must be added
> before that input and it's corresponding output. For all other sighash
> types (i.e. SIGHASH_ALL and any future sighash types), no inputs or
> outputs may be added to the PSBT. Specific exceptions can be made in the
> future for additional sighash types.
>
> Furthermore, these newly added inputs must follow additional lock time
> rules. Because all signatures, regardless of sighash type, sign the
> transaction lock time, newly added inputs when there are existing
> signatures must have the same type of lock time used in the transaction,
> and must be less than or equal to the transaction lock time. It must not
> cause the transaction lock time to change, otherwise the signatures will
> be invalidated.
>
>
> Lastly, to uniquely identify transactions for combiners, a txid can be
> computed from the information present in the PSBT. Internally, combiners
> can create an unsigned transaction given the transaction version, the
> input prevouts, the outputs, and the computed locktime. This can then be
> used to calculate a txid and thus used as a way to identify PSBTs.
> Combiners will need to do this for all version 2 PSBTs in order to avoid
> combining distinct transactions.
>
>
> Andrew Chow
>
> On 12/9/20 5:25 PM, Andrew Chow wrote:
> > Hi All,
> >
> > I would like to propose a new PSBT version that addresses a few
> > deficiencies in the current PSBT v0. As this will be backwards
> > incompatible, a new PSBT version will be used, v1.
> >
> > The primary change is to truly have all input and output data for each
> > in their respective maps. Instead of having to parse an unsigned
> > transaction and lookup some data from there, and other data from the
> > correct map, all of the data for an input will be contained in its map.
> > Doing so also disallows PSBT_GLOBAL_UNSIGNED_TX in this new version.
> > Thus I propose that the following fields be added:
> >
> > Global:
> > * PSBT_GLOBAL_TX_VERSION = 0x02
> > * Key: empty
> > * Value: 32-bit little endian unsigned integer for the transaction
> > version number. Must be provided in PSBT v1 and omitted in v0.
> > * PSBT_GLOBAL_PREFERRED_LOCKTIME = 0x03
> > * Key: empty
> > * Value: 32 bit little endian unsigned integer for the preferred
> > transaction lock time. Must be omitted in PSBT v0. May be provided in
> > PSBT v1, assumed to be 0 if not provided.
> > * PSBT_GLOBAL_INPUT_COUNT = 0x04
> > * Key: empty
> > * Value: Compact size unsigned integer. Number of inputs in this
> > PSBT. Must be provided in PSBT v1 and omitted in v0.
> > * PSBT_GLOBAL_OUTPUT_COUNT = 0x05
> > * Key: empty
> > * Value: Compact size unsigned integer. Number of outputs in this
> > PSBT. Must be provided in PSBT v1 and omitted in v0.
> >
> > Input:
> > * PSBT_IN_PREVIOUS_TXID = 0x0e
> > * Key: empty
> > * Value: 32 byte txid of the previous transaction whose output at
> > PSBT_IN_OUTPUT_INDEX is being spent. Must be provided in PSBT v1 and
> > omitted in v0.
> > * PSBT_IN_OUTPUT_INDEX = 0x0f
> > * Key: empty
> > * Value: 32 bit little endian integer for the index of the output
> > being spent. Must be provided in PSBT v1 and omitted in v0.
> > * PSBT_IN_SEQUENCE = 0x0f
> > * Key: empty
> > * Value: 32 bit unsigned little endian integer for the sequence
> > number. Must be omitted in PSBT v0. May be provided in PSBT v1 assumed
> > to be max sequence (0xffffffff) if not provided.
> > * PSBT_IN_REQUIRED_LOCKTIME = 0x10
> > * Key: empty
> > * Value: 32 bit unsigned little endian integer for the lock time that
> > this input requires. Must be omitted in PSBT v0. May be provided in PSBT
> > v1, assumed to be 0 if not provided.
> >
> > Output:
> > * PSBT_OUT_VALUE = 0x03
> > * Key: empty
> > * Value: 64-bit unsigned little endian integer for the output's
> > amount in satoshis. Must be provided in PSBT v1 and omitted in v0.
> > * PSBT_OUT_OUTPUT_SCRIPT = 0x04
> > * Key: empty
> > * Value: The script for this output. Otherwise known as the
> > scriptPubKey. Must be provided in PSBT v1 and omitted in v0.
> >
> > This change allows for PSBT to be used in the construction of
> > transactions. With these new fields, inputs and outputs can be added as
> > needed. One caveat is that there is no longer a unique transaction
> > identifier so more care must be taken when combining PSBTs.
> > Additionally, adding new inputs and outputs must be done such that
> > signatures are not invalidated. This may be harder to specify.
> >
> > An important thing to note in this proposal are the fields
> > PSBT_GLOBAL_PREFERRED_LOCKTIME and PSBT_IN_REQUIRED_LOCKTIME. A Bitcoin
> > transaction only has a single locktime yet a PSBT may have multiple
> > locktimes. To choose the locktime for the transaction, finalizers must
> > choose the maximum of all of the *_LOCKTIME fields.
> > PSBT_IN_REQUIRED_LOCKTIME is added because some inputs, such as those
> > involving OP_CHECKLOCKTIMEVERIFY, require a specific minimum locktime to
> > be set. This field allows finalizers to choose a locktime that is high
> > enough for all inputs without needing to understand the scripts
> > involved. The PSBT_GLOBAL_PREFERRED_LOCKTIME is the locktime to use if
> > no inputs require a particular locktime.
> >
> > As these changes disallow the PSBT_GLOBAL_UNSIGNED_TX field, PSBT v1
> > needs the version number bump to enforce backwards incompatibility.
> > However once the inputs and outputs of a PSBT are decided, a PSBT could
> > be "downgraded" back to v0 by creating the unsigned transaction from the
> > above fields, and then dropping these new fields.
> >
> > If the list finds that these changes are reasonable, I will write a PR
> > to modify BIP 174 to incorporate them.
> >
> > Thanks,
> > Andrew Chow
>
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
|