1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
513
514
515
516
517
518
519
520
521
522
523
524
525
526
527
528
529
530
531
532
533
534
535
536
537
538
539
540
541
542
543
544
545
546
547
548
549
550
551
552
553
554
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
570
571
572
573
574
575
576
577
578
579
580
581
582
583
584
585
586
587
588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
632
633
634
635
636
637
638
639
640
641
642
643
644
645
646
647
648
649
650
651
652
653
654
655
656
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
706
707
708
709
710
711
712
713
714
715
716
717
718
719
720
721
722
723
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
765
766
767
768
769
770
771
772
773
774
775
776
777
778
779
780
781
782
783
784
785
786
787
788
789
790
791
792
793
794
795
796
797
798
799
800
801
802
803
804
805
806
807
808
809
810
811
812
813
814
815
816
817
818
819
820
821
822
823
824
825
|
Return-Path: <shiva@blockonomics.co>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id C15618D9
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 6 Sep 2017 05:20:55 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from blockonomics.co (blockonomics.co [52.10.115.182])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id BF37412A
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 6 Sep 2017 05:20:53 +0000 (UTC)
Received: from mail-ua0-f174.google.com (mail-ua0-f174.google.com
[209.85.217.174])
(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
(No client certificate requested)
by blockonomics.co (Postfix) with ESMTPSA id EE2971F1420
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 6 Sep 2017 05:20:52 +0000 (UTC)
Received: by mail-ua0-f174.google.com with SMTP id s15so11974457uag.1
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 05 Sep 2017 22:20:52 -0700 (PDT)
X-Gm-Message-State: AHPjjUjTIh2UBvSz9RviyjABjF2l+dDPENmxNZ0VRdB3wm42mdlD26WO
ZeT+mOfG1LxVuFF6nG3GsJ5hK0BpYw==
X-Google-Smtp-Source: ADKCNb7NJAYAai7wYw0UrDHuFo2C27/kUnaAMr4/VbVs3XhhNi8gPFkdjq4gPj6E85y62DVTttublrp30U8xXInl4Dg=
X-Received: by 10.176.10.29 with SMTP id q29mr783866uah.133.1504675251812;
Tue, 05 Sep 2017 22:20:51 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.176.75.9 with HTTP; Tue, 5 Sep 2017 22:20:31 -0700 (PDT)
From: shiva sitamraju <shiva@blockonomics.co>
Date: Wed, 6 Sep 2017 10:50:31 +0530
X-Gmail-Original-Message-ID: <CABuOfujTuZADkrb_zcWGy0Wx72nEuctMDge2yTXFNYPEzYRO3A@mail.gmail.com>
Message-ID: <CABuOfujTuZADkrb_zcWGy0Wx72nEuctMDge2yTXFNYPEzYRO3A@mail.gmail.com>
To: bitcoin-dev@lists.linuxfoundation.org, thomasv@electrum.org,
stick@satoshilabs.com
Content-Type: multipart/alternative; boundary="94eb2c0e9910e2fe9305587e81b3"
X-Spam-Status: No, score=0.0 required=5.0 tests=HTML_MESSAGE,RP_MATCHES_RCVD
autolearn=disabled version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Wed, 06 Sep 2017 05:46:29 +0000
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 06 Sep 2017 05:20:55 -0000
--94eb2c0e9910e2fe9305587e81b3
Content-Type: text/plain; charset="UTF-8"
Hi Thomas,
Can you explain why P2WPKH nested in BIP16 P2SH require a different version
than P2WPKH? It seems to me both would would generate same bitcoin address
in txout and hence would be in the same wallet account.
I am fine with your proposal too. Would be great if you can list all new
versions including testnet ones. I would prefer all testnet ones start with
t (easier to identify) instead of having t,u,v
Thanks
On Wed, Sep 6, 2017 at 3:21 AM, <
bitcoin-dev-request@lists.linuxfoundation.org> wrote:
> Send bitcoin-dev mailing list submissions to
> bitcoin-dev@lists.linuxfoundation.org
>
> To subscribe or unsubscribe via the World Wide Web, visit
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> or, via email, send a message with subject or body 'help' to
> bitcoin-dev-request@lists.linuxfoundation.org
>
> You can reach the person managing the list at
> bitcoin-dev-owner@lists.linuxfoundation.org
>
> When replying, please edit your Subject line so it is more specific
> than "Re: Contents of bitcoin-dev digest..."
>
>
> Today's Topics:
>
> 1. Re: BIP49 Derivation scheme changes (Pavol Rusnak)
> 2. Re: Proposal: bip32 version bytes for segwit scripts
> (Pavol Rusnak)
> 3. Re: BIP49 Derivation scheme changes (Thomas Voegtlin)
> 4. Re: Proposal: bip32 version bytes for segwit scripts (Luke Dashjr)
> 5. Re: Sidechain headers on mainchain (unification of
> drivechains and spv proofs) (Chris Stewart)
> 6. Re: Proposal: bip32 version bytes for segwit scripts
> (Thomas Voegtlin)
> 7. SF proposal: prohibit unspendable outputs with amount=0
> (Jorge Tim?n)
>
>
> ----------------------------------------------------------------------
>
> Message: 1
> Date: Tue, 5 Sep 2017 17:41:37 +0200
> From: Pavol Rusnak <stick@satoshilabs.com>
> To: shiva sitamraju <shiva@blockonomics.co>, Bitcoin Protocol
> Discussion <bitcoin-dev@lists.linuxfoundation.org>
> Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
> Message-ID: <9da64df3-c6a9-c232-c801-f379a6d65e44@satoshilabs.com>
> Content-Type: text/plain; charset=windows-1252
>
> On 05/09/17 09:10, shiva sitamraju via bitcoin-dev wrote:
> > 0x042393df , sxpr , segwit mainnet private key
> > 0x04239377 , sxpb , segwit mainnet public key
> > 0x04222463 , stpb , segwit testnet public key
> > 0x042224cc , stpr , segwit testnet private key
>
> I am fine with both your proposal and proposal from Thomas
> ({x,y,z}{pub,prv}).
>
> Let's just decide ASAP which one we'll use.
>
>
> --
> Best Regards / S pozdravom,
>
> Pavol "stick" Rusnak
> CTO, SatoshiLabs
>
>
> ------------------------------
>
> Message: 2
> Date: Tue, 5 Sep 2017 17:44:01 +0200
> From: Pavol Rusnak <stick@satoshilabs.com>
> To: Thomas Voegtlin <thomasv@electrum.org>, Bitcoin Protocol
> Discussion <bitcoin-dev@lists.linuxfoundation.org>
> Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
> scripts
> Message-ID: <198be73d-4676-45e9-6e3d-b89f73e31702@satoshilabs.com>
> Content-Type: text/plain; charset=windows-1252
>
> On 05/09/17 12:25, Thomas Voegtlin via bitcoin-dev wrote:
> > ========== =========== ===================================
> > Version Prefix Description
> > ========== =========== ===================================
> > 0x0488ade4 xprv P2PKH or P2SH
> > 0x0488b21e xpub P2PKH or P2SH
> > 0x049d7878 yprv (P2WPKH or P2WSH) nested in P2SH
> > 0x049d7cb2 ypub (P2WPKH or P2WSH) nested in P2SH
> > 0x04b2430c zprv P2WPKH or P2WSH
> > 0x04b24746 zpub P2WPKH or P2WSH
> > ========== =========== ===================================
> > (source: http://docs.electrum.org/en/latest/seedphrase.html)
> >
> > I have heard the argument that xpub/xprv serialization is a format for
> > keys, and that it should not be used to encode how these keys are used.
>
> I used this argument for mnemonic/seed, not xpub/xprv. I am fine with
> this proposal of yours, so don't worry.
>
> --
> Best Regards / S pozdravom,
>
> Pavol "stick" Rusnak
> CTO, SatoshiLabs
>
>
> ------------------------------
>
> Message: 3
> Date: Tue, 5 Sep 2017 18:33:00 +0200
> From: Thomas Voegtlin <thomasv@electrum.org>
> To: bitcoin-dev@lists.linuxfoundation.org
> Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
> Message-ID: <28d57503-c2b3-7736-bfea-46506636d999@electrum.org>
> Content-Type: text/plain; charset=utf-8
>
>
>
> On 05.09.2017 09:10, shiva sitamraju via bitcoin-dev wrote:
> > Hi,
> >
> > Thanks Thomas. The procedure described in
> > http://docs.electrum.org/en/latest/seedphrase.html is really what I was
> > looking for ! I really don't see any point of following BIP49, If
> possible
> > it would be great if you can propose an alternative to BIP49 that follows
> > similar structure to what is used in electrum.
> >
> > I have proposed following changes to BIP32 serialization format
> > https://github.com/bitcoin/bips/blob/master/bip-0032.
> mediawiki#serialization-format
> > to differentiate segwit xpub/xprv. Below the list of new version bytes,
> > resulting base58 prefix and network type:
> >
> > 0x042393df , sxpr , segwit mainnet private key
> > 0x04239377 , sxpb , segwit mainnet public key
> > 0x04222463 , stpb , segwit testnet public key
> > 0x042224cc , stpr , segwit testnet private key
> >
>
> I have proposed a similar idea, with letters z,y,z combined with pub/prv
> (see the electrum documentation page)
>
> The point is that we need 3 types of keys, not 2, because there are two
> types of segwit output scripts: native and nested in p2sh.
>
> We could use t,u,v for testnet.
>
>
> ------------------------------
>
> Message: 4
> Date: Tue, 5 Sep 2017 13:03:39 -0400
> From: Luke Dashjr <luke@dashjr.org>
> To: bitcoin-dev@lists.linuxfoundation.org, Thomas Voegtlin
> <thomasv@electrum.org>
> Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
> scripts
> Message-ID: <201709051303.43410.luke@dashjr.org>
> Content-Type: Text/Plain; charset="iso-8859-1"
>
> On Tuesday 05 September 2017 06:25:16 Thomas Voegtlin via bitcoin-dev
> wrote:
> > I have heard the argument that xpub/xprv serialization is a format for
> > keys, and that it should not be used to encode how these keys are used.
> > However, the very existence of version bytes, and the fact that they are
> > used to signal whether keys will be used on testnet or mainnet goes
> > against that argument.
> >
> > If we do not signal the script type in the version bytes, I believe
> > wallet developers are going to use dirtier tricks, such as the bip32
> > child number field in combination with bip43/bip44/bip49.
>
> I think it makes more sense to use a child number field for this purpose.
> It seems desirable to use the same seed for all different script formats...
>
> As you note, xpub\xprv are already being used for both P2PKH and P2SH. It
> really doesn't make sense to differentiate segwit specifically.
>
> Luke
>
>
> ------------------------------
>
> Message: 5
> Date: Tue, 5 Sep 2017 12:06:32 -0500
> From: Chris Stewart <chris@suredbits.com>
> To: ZmnSCPxj <ZmnSCPxj@protonmail.com>, Bitcoin Protocol
> Discussion
> <bitcoin-dev@lists.linuxfoundation.org>
> Subject: Re: [bitcoin-dev] Sidechain headers on mainchain (unification
> of drivechains and spv proofs)
> Message-ID:
> <CAGL6+mFHe_SfMea1oMZ3n-G3ey9yToAvTMTcfdxJ5qDD1dTXyQ@
> mail.gmail.com>
> Content-Type: text/plain; charset="utf-8"
>
> Hi ZmnSCPxj,
>
> Basically, in case of a sidechain fork, the mainchain considers the longest
> > chain to be valid if it is longer by the SPV proof required length. In
> the
> > above, at mainchain block 10, the sidechain H is now 4 blocks (H,G,F,E)
> > longer than the other sidechain fork that ended at d.
> >
> > Mainchain nodes can validate this rule because the sidechain headers are
> > embedded in the mainchain block's coinbase. Thus, mainchain fullnodes
> can
> > validate this part of the sidechain rule of "longest work chain".
> >
>
> What happens in the case that the provided merkle tree hash has a invalid
> transaction in it? Wouldn't this mean that the mainchain nodes would think
> the longest work chain is the valid chain, and it would kill off any
> consensus valid chain that sidechain miners are trying to construct? It
> seems that a malicious miner could extend the chain to whatever the SPV
> proof block height is and make it impossible for the chain to reorg after
> that. I guess if that is a sufficiently long block waiting period it may
> not be a realistic concern, but something to think about any way.
>
> Just a side note -- I think it should be highly recommended that the
> coinbase maturity period on the sidechain to be longer than 288 (or
> whatever we decide on the parameter). This incentivizes the s:miners to
> work together to extend the chain by working with other s:miners (otherwise
> they won't be able to claim their bribes). If they do not work together
> they will not be able to spend their s:coinbase_tx outputs until they
> extend their own sidechain by 288 blocks meaning they need to tie up a
> large amount of capital to go rogue on their fork.
>
> Another interesting thing might be to use the OP_WITHDRAWPROOFVERIFY op
> code
> <https://github.com/ElementsProject/elements/blob/
> elements-0.14.1/src/script/interpreter.cpp#L1420>
> used in the elements project. Since the cannonical merkle root hashes are
> included in the mainchain, we can provide a merkle proof to the bitcoin
> blockchain to initiate a withdrawl from the sidechain. I wrote up a blog
> post on how OP_WPV works here
> <https://medium.com/@Chris_Stewart_5/what-can-go-wrong-
> when-transferring-coins-into-a-sidechain-with-op-withdrawproofverify-
> b2f49b02ab60>.
> This allows us to prove that a transaction occurred on the sidechain to
> lock up those funds.
>
> -Chris
> ?
> -------------- next part --------------
> An HTML attachment was scrubbed...
> URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/
> attachments/20170905/37b0bcbe/attachment-0001.html>
>
> ------------------------------
>
> Message: 6
> Date: Tue, 5 Sep 2017 20:09:19 +0200
> From: Thomas Voegtlin <thomasv@electrum.org>
> To: Luke Dashjr <luke@dashjr.org>,
> "bitcoin-dev@lists.linuxfoundation.org"
> <bitcoin-dev@lists.linuxfoundation.org>
> Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
> scripts
> Message-ID: <41fb5a09-a964-a81b-497e-70a930b6923c@electrum.org>
> Content-Type: text/plain; charset=utf-8
>
>
>
> On 05.09.2017 19:03, Luke Dashjr wrote:
>
> > It seems desirable to use the same seed for all different script
> formats...
>
> That does not seem desirable to everybody.
>
> If you want to guarantee that users will be able to recover all their
> funds from their mnemonic seed (and that is what they expect), then
> wallets must implement all script formats, even the ones that are
> deprecated. In addition, the list of script formats that must be
> supported is not defined in advance, but it keeps growing. This makes
> wallet implementation increasingly difficult. In the long run, seed
> portability is guaranteed to fail in such a system.
>
> > As you note, xpub\xprv are already being used for both P2PKH and P2SH. It
> > really doesn't make sense to differentiate segwit specifically.
>
> That's not a reason. The fact that xpub/xprv can be used for both P2PKH
> and P2SH has already resulted in users receiving coins on addresses they
> do not control.
>
>
> ------------------------------
>
> Message: 7
> Date: Tue, 5 Sep 2017 23:51:45 +0200
> From: Jorge Tim?n <jtimon@jtimon.cc>
> To: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
> Subject: [bitcoin-dev] SF proposal: prohibit unspendable outputs with
> amount=0
> Message-ID:
> <CABm2gDojDQWMhw8wW1UkRGKtdbby2+6AFFZLPuRcUb7WF_u5qQ@mail.
> gmail.com>
> Content-Type: text/plain; charset="UTF-8"
>
> This is not a priority, not very important either.
> Right now it is possible to create 0-value outputs that are spendable
> and thus stay in the utxo (potentially forever). Requiring at least 1
> satoshi per output doesn't really do much against a spam attack to the
> utxo, but I think it would be slightly better than the current
> situation.
>
> Is there any reason or use case to keep allowing spendable outputs
> with null amounts in them?
>
> If not, I'm happy to create a BIP with its code, this should be simple.
>
>
> ------------------------------
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
>
> End of bitcoin-dev Digest, Vol 28, Issue 6
> ******************************************
>
--94eb2c0e9910e2fe9305587e81b3
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div>Hi Thomas,<br><div><br></div>Can you explain why P2WP=
KH nested in BIP16 P2SH require a different version than P2WPKH? It seems t=
o me both would would generate same bitcoin address in txout and hence woul=
d be in the same wallet account.<br></div><div><br></div><div>I am fine wit=
h your proposal too. Would be great if you can list all new versions includ=
ing testnet ones. I would prefer all testnet ones start with t (easier to i=
dentify) instead of having t,u,v <br></div><div><br></div><div>Thanks<br></=
div><div><br></div><div><br></div><div><div><div><div class=3D"gmail_extra"=
><br><div class=3D"gmail_quote">On Wed, Sep 6, 2017 at 3:21 AM, <span dir=
=3D"ltr"><<a href=3D"mailto:bitcoin-dev-request@lists.linuxfoundation.or=
g" target=3D"_blank">bitcoin-dev-request@lists.linuxfoundation.org</a>><=
/span> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0px 0px =
0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">Send bit=
coin-dev mailing list submissions to<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"mailto:bitcoin-dev@lists.linuxfounda=
tion.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a><br>
<br>
To subscribe or unsubscribe via the World Wide Web, visit<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"https://lists.linuxfoundation.org/ma=
ilman/listinfo/bitcoin-dev" rel=3D"noreferrer" target=3D"_blank">https://li=
sts.linuxfoundation.<wbr>org/mailman/listinfo/bitcoin-<wbr>dev</a><br>
or, via email, send a message with subject or body 'help' to<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"mailto:bitcoin-dev-request@lists.lin=
uxfoundation.org">bitcoin-dev-request@lists.<wbr>linuxfoundation.org</a><br=
>
<br>
You can reach the person managing the list at<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <a href=3D"mailto:bitcoin-dev-owner@lists.linux=
foundation.org">bitcoin-dev-owner@lists.<wbr>linuxfoundation.org</a><br>
<br>
When replying, please edit your Subject line so it is more specific<br>
than "Re: Contents of bitcoin-dev digest..."<br>
<br>
<br>
Today's Topics:<br>
<br>
=C2=A0 =C2=A01. Re: BIP49 Derivation scheme changes (Pavol Rusnak)<br>
=C2=A0 =C2=A02. Re: Proposal: bip32 version bytes for segwit scripts<br>
=C2=A0 =C2=A0 =C2=A0 (Pavol Rusnak)<br>
=C2=A0 =C2=A03. Re: BIP49 Derivation scheme changes (Thomas Voegtlin)<br>
=C2=A0 =C2=A04. Re: Proposal: bip32 version bytes for segwit scripts (Luke =
Dashjr)<br>
=C2=A0 =C2=A05. Re: Sidechain headers on mainchain (unification of<br>
=C2=A0 =C2=A0 =C2=A0 drivechains and spv proofs) (Chris Stewart)<br>
=C2=A0 =C2=A06. Re: Proposal: bip32 version bytes for segwit scripts<br>
=C2=A0 =C2=A0 =C2=A0 (Thomas Voegtlin)<br>
=C2=A0 =C2=A07. SF proposal: prohibit unspendable outputs with=C2=A0 =C2=A0=
amount=3D0<br>
=C2=A0 =C2=A0 =C2=A0 (Jorge Tim?n)<br>
<br>
<br>
------------------------------<wbr>------------------------------<wbr>-----=
-----<br>
<br>
Message: 1<br>
Date: Tue, 5 Sep 2017 17:41:37 +0200<br>
From: Pavol Rusnak <<a href=3D"mailto:stick@satoshilabs.com">stick@satos=
hilabs.com</a>><br>
To: shiva sitamraju <<a href=3D"mailto:shiva@blockonomics.co">shiva@bloc=
konomics.co</a>>,=C2=A0 =C2=A0 Bitcoin Protocol<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 Discussion <<a href=3D"mailto:bitcoin-dev@li=
sts.linuxfoundation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>>=
<br>
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes<br>
Message-ID: <<a href=3D"mailto:9da64df3-c6a9-c232-c801-f379a6d65e44@sato=
shilabs.com">9da64df3-c6a9-c232-c801-<wbr>f379a6d65e44@satoshilabs.com</a>&=
gt;<br>
Content-Type: text/plain; charset=3Dwindows-1252<br>
<br>
On 05/09/17 09:10, shiva sitamraju via bitcoin-dev wrote:<br>
> 0x042393df ,=C2=A0 sxpr ,=C2=A0 =C2=A0segwit mainnet private key<br>
> 0x04239377 , sxpb , segwit mainnet public key<br>
> 0x04222463 , stpb ,=C2=A0 segwit testnet public key<br>
> 0x042224cc ,=C2=A0 stpr ,=C2=A0 segwit testnet private key<br>
<br>
I am fine with both your proposal and proposal from Thomas<br>
({x,y,z}{pub,prv}).<br>
<br>
Let's just decide ASAP which one we'll use.<br>
<br>
<br>
--<br>
Best Regards / S pozdravom,<br>
<br>
Pavol "stick" Rusnak<br>
CTO, SatoshiLabs<br>
<br>
<br>
------------------------------<br>
<br>
Message: 2<br>
Date: Tue, 5 Sep 2017 17:44:01 +0200<br>
From: Pavol Rusnak <<a href=3D"mailto:stick@satoshilabs.com">stick@satos=
hilabs.com</a>><br>
To: Thomas Voegtlin <<a href=3D"mailto:thomasv@electrum.org">thomasv@ele=
ctrum.org</a>>,=C2=A0 =C2=A0 =C2=A0Bitcoin Protocol<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 Discussion <<a href=3D"mailto:bitcoin-dev@li=
sts.linuxfoundation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>>=
<br>
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 scripts<br>
Message-ID: <<a href=3D"mailto:198be73d-4676-45e9-6e3d-b89f73e31702@sato=
shilabs.com">198be73d-4676-45e9-6e3d-<wbr>b89f73e31702@satoshilabs.com</a>&=
gt;<br>
Content-Type: text/plain; charset=3Dwindows-1252<br>
<br>
On 05/09/17 12:25, Thomas Voegtlin via bitcoin-dev wrote:<br>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D<wbr>=3D=3D=3D=3D=3D<br>
> Version=C2=A0 =C2=A0 Prefix=C2=A0 =C2=A0 =C2=A0 Description<br>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D<wbr>=3D=3D=3D=3D=3D<br>
> 0x0488ade4 xprv=C2=A0 =C2=A0 =C2=A0 =C2=A0 P2PKH or P2SH<br>
> 0x0488b21e xpub=C2=A0 =C2=A0 =C2=A0 =C2=A0 P2PKH or P2SH<br>
> 0x049d7878 yprv=C2=A0 =C2=A0 =C2=A0 =C2=A0 (P2WPKH or P2WSH) nested in=
P2SH<br>
> 0x049d7cb2 ypub=C2=A0 =C2=A0 =C2=A0 =C2=A0 (P2WPKH or P2WSH) nested in=
P2SH<br>
> 0x04b2430c zprv=C2=A0 =C2=A0 =C2=A0 =C2=A0 P2WPKH or P2WSH<br>
> 0x04b24746 zpub=C2=A0 =C2=A0 =C2=A0 =C2=A0 P2WPKH or P2WSH<br>
> =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D =3D=
=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=3D=
=3D=3D=3D=3D<wbr>=3D=3D=3D=3D=3D<br>
> (source: <a href=3D"http://docs.electrum.org/en/latest/seedphrase.html=
" rel=3D"noreferrer" target=3D"_blank">http://docs.electrum.org/en/<wbr>lat=
est/seedphrase.html</a>)<br>
><br>
> I have heard the argument that xpub/xprv serialization is a format for=
<br>
> keys, and that it should not be used to encode how these keys are used=
.<br>
<br>
I used this argument for mnemonic/seed, not xpub/xprv. I am fine with<br>
this proposal of yours, so don't worry.<br>
<br>
--<br>
Best Regards / S pozdravom,<br>
<br>
Pavol "stick" Rusnak<br>
CTO, SatoshiLabs<br>
<br>
<br>
------------------------------<br>
<br>
Message: 3<br>
Date: Tue, 5 Sep 2017 18:33:00 +0200<br>
From: Thomas Voegtlin <<a href=3D"mailto:thomasv@electrum.org">thomasv@e=
lectrum.org</a>><br>
To: <a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@li=
sts.<wbr>linuxfoundation.org</a><br>
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes<br>
Message-ID: <<a href=3D"mailto:28d57503-c2b3-7736-bfea-46506636d999@elec=
trum.org">28d57503-c2b3-7736-bfea-<wbr>46506636d999@electrum.org</a>><br=
>
Content-Type: text/plain; charset=3Dutf-8<br>
<br>
<br>
<br>
On 05.09.2017 09:10, shiva sitamraju via bitcoin-dev wrote:<br>
> Hi,<br>
><br>
> Thanks Thomas. The procedure described in<br>
> <a href=3D"http://docs.electrum.org/en/latest/seedphrase.html" rel=3D"=
noreferrer" target=3D"_blank">http://docs.electrum.org/en/<wbr>latest/seedp=
hrase.html</a> is really what I was<br>
> looking for ! I really don't see any point of following BIP49, If =
possible<br>
> it would be great if you can propose an alternative to BIP49 that foll=
ows<br>
> similar structure to what is used in electrum.<br>
><br>
> I have proposed following changes to BIP32 serialization format<br>
> <a href=3D"https://github.com/bitcoin/bips/blob/master/bip-0032.mediaw=
iki#serialization-format" rel=3D"noreferrer" target=3D"_blank">https://gith=
ub.com/bitcoin/<wbr>bips/blob/master/bip-0032.<wbr>mediawiki#serialization-=
format</a><br>
> to differentiate segwit xpub/xprv. Below the list of new version bytes=
,<br>
> resulting base58 prefix and network type:<br>
><br>
> 0x042393df ,=C2=A0 sxpr ,=C2=A0 =C2=A0segwit mainnet private key<br>
> 0x04239377 , sxpb , segwit mainnet public key<br>
> 0x04222463 , stpb ,=C2=A0 segwit testnet public key<br>
> 0x042224cc ,=C2=A0 stpr ,=C2=A0 segwit testnet private key<br>
><br>
<br>
I have proposed a similar idea, with letters z,y,z combined with pub/prv<br=
>
(see the electrum documentation page)<br>
<br>
The point is that we need 3 types of keys, not 2, because there are two<br>
types of segwit output scripts: native and nested in p2sh.<br>
<br>
We could use t,u,v for testnet.<br>
<br>
<br>
------------------------------<br>
<br>
Message: 4<br>
Date: Tue, 5 Sep 2017 13:03:39 -0400<br>
From: Luke Dashjr <<a href=3D"mailto:luke@dashjr.org">luke@dashjr.org</a=
>><br>
To: <a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@li=
sts.<wbr>linuxfoundation.org</a>,=C2=A0 =C2=A0 =C2=A0 Thomas Voegtlin<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <<a href=3D"mailto:thomasv@electrum.org">tho=
masv@electrum.org</a>><br>
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 scripts<br>
Message-ID: <<a href=3D"mailto:201709051303.43410.luke@dashjr.org">20170=
9051303.43410.luke@<wbr>dashjr.org</a>><br>
Content-Type: Text/Plain;=C2=A0 charset=3D"iso-8859-1"<br>
<br>
On Tuesday 05 September 2017 06:25:16 Thomas Voegtlin via bitcoin-dev wrote=
:<br>
> I have heard the argument that xpub/xprv serialization is a format for=
<br>
> keys, and that it should not be used to encode how these keys are used=
.<br>
> However, the very existence of version bytes, and the fact that they a=
re<br>
> used to signal whether keys will be used on testnet or mainnet goes<br=
>
> against that argument.<br>
><br>
> If we do not signal the script type in the version bytes, I believe<br=
>
> wallet developers are going to use dirtier tricks, such as the bip32<b=
r>
> child number field in combination with bip43/bip44/bip49.<br>
<br>
I think it makes more sense to use a child number field for this purpose.<b=
r>
It seems desirable to use the same seed for all different script formats...=
<br>
<br>
As you note, xpub\xprv are already being used for both P2PKH and P2SH. It<b=
r>
really doesn't make sense to differentiate segwit specifically.<br>
<br>
Luke<br>
<br>
<br>
------------------------------<br>
<br>
Message: 5<br>
Date: Tue, 5 Sep 2017 12:06:32 -0500<br>
From: Chris Stewart <<a href=3D"mailto:chris@suredbits.com">chris@suredb=
its.com</a>><br>
To: ZmnSCPxj <<a href=3D"mailto:ZmnSCPxj@protonmail.com">ZmnSCPxj@proton=
mail.com</a>>,=C2=A0 =C2=A0 =C2=A0 =C2=A0 =C2=A0Bitcoin Protocol Discuss=
ion<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <<a href=3D"mailto:bitcoin-dev@lists.linuxfo=
undation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>><br>
Subject: Re: [bitcoin-dev] Sidechain headers on mainchain (unification<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 of drivechains and spv proofs)<br>
Message-ID:<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <<a href=3D"mailto:CAGL6%2BmFHe_SfMea1oMZ3n-=
G3ey9yToAvTMTcfdxJ5qDD1dTXyQ@mail.gmail.com">CAGL6+mFHe_SfMea1oMZ3n-<wbr>G3=
ey9yToAvTMTcfdxJ5qDD1dTXyQ@<wbr>mail.gmail.com</a>><br>
Content-Type: text/plain; charset=3D"utf-8"<br>
<br>
Hi ZmnSCPxj,<br>
<br>
Basically, in case of a sidechain fork, the mainchain considers the longest=
<br>
> chain to be valid if it is longer by the SPV proof required length.=C2=
=A0 In the<br>
> above, at mainchain block 10, the sidechain H is now 4 blocks (H,G,F,E=
)<br>
> longer than the other sidechain fork that ended at d.<br>
><br>
> Mainchain nodes can validate this rule because the sidechain headers a=
re<br>
> embedded in the mainchain block's coinbase.=C2=A0 Thus, mainchain =
fullnodes can<br>
> validate this part of the sidechain rule of "longest work chain&q=
uot;.<br>
><br>
<br>
What happens in the case that the provided merkle tree hash has a invalid<b=
r>
transaction in it? Wouldn't this mean that the mainchain nodes would th=
ink<br>
the longest work chain is the valid chain, and it would kill off any<br>
consensus valid chain that sidechain miners are trying to construct? It<br>
seems that a malicious miner could extend the chain to whatever the SPV<br>
proof block height is and make it impossible for the chain to reorg after<b=
r>
that. I guess if that is a sufficiently long block waiting period it may<br=
>
not be a realistic concern, but something to think about any way.<br>
<br>
Just a side note -- I think it should be highly recommended that the<br>
coinbase maturity period on the sidechain to be longer than 288 (or<br>
whatever we decide on the parameter). This incentivizes the s:miners to<br>
work together to extend the chain by working with other s:miners (otherwise=
<br>
they won't be able to claim their bribes). If they do not work together=
<br>
they will not be able to spend their s:coinbase_tx outputs until they<br>
extend their own sidechain by 288 blocks meaning they need to tie up a<br>
large amount of capital to go rogue on their fork.<br>
<br>
Another interesting thing might be to use the OP_WITHDRAWPROOFVERIFY op cod=
e<br>
<<a href=3D"https://github.com/ElementsProject/elements/blob/elements-0.=
14.1/src/script/interpreter.cpp#L1420" rel=3D"noreferrer" target=3D"_blank"=
>https://github.com/<wbr>ElementsProject/elements/blob/<wbr>elements-0.14.1=
/src/script/<wbr>interpreter.cpp#L1420</a>><br>
used in the elements project. Since the cannonical merkle root hashes are<b=
r>
included in the mainchain, we can provide a merkle proof to the bitcoin<br>
blockchain to initiate a withdrawl from the sidechain. I wrote up a blog<br=
>
post on how OP_WPV works here<br>
<<a href=3D"https://medium.com/@Chris_Stewart_5/what-can-go-wrong-when-t=
ransferring-coins-into-a-sidechain-with-op-withdrawproofverify-b2f49b02ab60=
" rel=3D"noreferrer" target=3D"_blank">https://medium.com/@Chris_<wbr>Stewa=
rt_5/what-can-go-wrong-<wbr>when-transferring-coins-into-<wbr>a-sidechain-w=
ith-op-<wbr>withdrawproofverify-<wbr>b2f49b02ab60</a>>.<br>
This allows us to prove that a transaction occurred on the sidechain to<br>
lock up those funds.<br>
<br>
-Chris<br>
?<br>
-------------- next part --------------<br>
An HTML attachment was scrubbed...<br>
URL: <<a href=3D"http://lists.linuxfoundation.org/pipermail/bitcoin-dev/=
attachments/20170905/37b0bcbe/attachment-0001.html" rel=3D"noreferrer" targ=
et=3D"_blank">http://lists.linuxfoundation.<wbr>org/pipermail/bitcoin-dev/<=
wbr>attachments/20170905/37b0bcbe/<wbr>attachment-0001.html</a>><br>
<br>
------------------------------<br>
<br>
Message: 6<br>
Date: Tue, 5 Sep 2017 20:09:19 +0200<br>
From: Thomas Voegtlin <<a href=3D"mailto:thomasv@electrum.org">thomasv@e=
lectrum.org</a>><br>
To: Luke Dashjr <<a href=3D"mailto:luke@dashjr.org">luke@dashjr.org</a>&=
gt;,<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 "<a href=3D"mailto:bitcoin-dev@lists.linux=
foundation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>"<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <<a href=3D"mailto:bitcoin-dev@lists.linuxfo=
undation.org">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>><br>
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 scripts<br>
Message-ID: <<a href=3D"mailto:41fb5a09-a964-a81b-497e-70a930b6923c@elec=
trum.org">41fb5a09-a964-a81b-497e-<wbr>70a930b6923c@electrum.org</a>><br=
>
Content-Type: text/plain; charset=3Dutf-8<br>
<br>
<br>
<br>
On 05.09.2017 19:03, Luke Dashjr wrote:<br>
<br>
> It seems desirable to use the same seed for all different script forma=
ts...<br>
<br>
That does not seem desirable to everybody.<br>
<br>
If you want to guarantee that users will be able to recover all their<br>
funds from their mnemonic seed (and that is what they expect), then<br>
wallets must implement all script formats, even the ones that are<br>
deprecated. In addition, the list of script formats that must be<br>
supported is not defined in advance, but it keeps growing. This makes<br>
wallet implementation increasingly difficult. In the long run, seed<br>
portability is guaranteed to fail in such a system.<br>
<br>
> As you note, xpub\xprv are already being used for both P2PKH and P2SH.=
It<br>
> really doesn't make sense to differentiate segwit specifically.<br=
>
<br>
That's not a reason. The fact that xpub/xprv can be used for both P2PKH=
<br>
and P2SH has already resulted in users receiving coins on addresses they<br=
>
do not control.<br>
<br>
<br>
------------------------------<br>
<br>
Message: 7<br>
Date: Tue, 5 Sep 2017 23:51:45 +0200<br>
From: Jorge Tim?n <jtimon@jtimon.cc><br>
To: Bitcoin Dev <<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org=
">bitcoin-dev@lists.<wbr>linuxfoundation.org</a>><br>
Subject: [bitcoin-dev] SF proposal: prohibit unspendable outputs with<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 amount=3D0<br>
Message-ID:<br>
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <<a href=3D"mailto:CABm2gDojDQWMhw8wW1UkRGKt=
dbby2%2B6AFFZLPuRcUb7WF_u5qQ@mail.gmail.com">CABm2gDojDQWMhw8wW1UkRGKtdbby<=
wbr>2+6AFFZLPuRcUb7WF_u5qQ@mail.<wbr>gmail.com</a>><br>
Content-Type: text/plain; charset=3D"UTF-8"<br>
<br>
This is not a priority, not very important either.<br>
Right now it is possible to create 0-value outputs that are spendable<br>
and thus stay in the utxo (potentially forever). Requiring at least 1<br>
satoshi per output doesn't really do much against a spam attack to the<=
br>
utxo, but I think it would be slightly better than the current<br>
situation.<br>
<br>
Is there any reason or use case to keep allowing spendable outputs<br>
with null amounts in them?<br>
<br>
If not, I'm happy to create a BIP with its code, this should be simple.=
<br>
<br>
<br>
------------------------------<br>
<br>
______________________________<wbr>_________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.=
<wbr>linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org=
/mailman/listinfo/bitcoin-<wbr>dev</a><br>
<br>
<br>
End of bitcoin-dev Digest, Vol 28, Issue 6<br>
******************************<wbr>************<br>
</blockquote></div><br></div></div></div></div></div>
--94eb2c0e9910e2fe9305587e81b3--
|