1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
|
Return-Path: <pieter.wuille@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 84887723
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 19 Aug 2019 23:17:34 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-ot1-f52.google.com (mail-ot1-f52.google.com
[209.85.210.52])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 495DC89B
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 19 Aug 2019 23:17:33 +0000 (UTC)
Received: by mail-ot1-f52.google.com with SMTP id q20so3319166otl.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Mon, 19 Aug 2019 16:17:33 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:from:date:message-id:subject:to;
bh=UY4EqY/J35yBKOUTmb/bIbeQXWP//RtuO1/HZg1RERo=;
b=IgqQp/SXaG19p0lexCzCC+rbvBy+BW5avtK4ctLMFO+BkjvNlpVCIO2PHHgy0HtJdn
4h5MffTTqg+gsi53sOPFOyk0Euj5BT51HAMo9zOUYHkS0YjGOPMCc/TU4uw/FlCxKV1o
pwmqgDv+e92ZCLYkOFjqzdGjmInGkBJ6uwzr6ANkuTKwTXiD7h1i2+QmqSA4TmU8Z5Lv
+oVmfgoGeTmkFgWpUnxC6SNxMhOXeebkkbfRKKnsXd/HeJxLmLAK2AFYQtEk+81VzPjp
atIPD93+xYY1RAVClzX28PdtwnHs8LVVLKp0PuqrOm3AkRCL+dFk/x8x1s2+W/xBrv9l
LSgA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:from:date:message-id:subject:to;
bh=UY4EqY/J35yBKOUTmb/bIbeQXWP//RtuO1/HZg1RERo=;
b=ON9EHPzSTcDxLMYczT2LWgX+RQfBUGfVfLexQP4faGL4hG8MXASZwO3qKS8W8shyFM
cEQd/HFVDPD39tWtplzJv/m9WbnxoskGZY0yh0j/cmk40zaASBSWC+YF24S3xu3T0r0B
y/okHSGxgyOu+P8M9seCbGjFEM0ZmyEwcD6v0/e+iN4YouMSbx4SGviAVI3jBuxmrlB6
/gblZuaBmxDp81qiZ25jUah0Ig8YgS1AyzOSnRzu+1yBwvVmo/ylZbrSlBogzGSbsZtq
kpltCs0u5KjjpYALt6ILVL3r7vhLXNuUc7QQkZDhBxDKAfBiwhrlpIhjpJaHIdWI6eAc
NU/w==
X-Gm-Message-State: APjAAAVwy3bhhZaxC2/xpp2zEqAmqeZGVz3Zn48rL9JE5kSNOMr9Z9a8
d6MuRmuvEtvRMT50FO9TM9XfR4hOlx3D2CoVrpqWqmrcVyU=
X-Google-Smtp-Source: APXvYqzg5O7eFLVN6IEb6os1ztpYxZ1KaDYEnjmMja0lbP2kl3uKuzD4EqwlcRk3YgZG/1eY3IHAj/xmRcwu5MvQh+Q=
X-Received: by 2002:a9d:7dc6:: with SMTP id k6mr18461861otn.99.1566256652222;
Mon, 19 Aug 2019 16:17:32 -0700 (PDT)
MIME-Version: 1.0
From: Pieter Wuille <pieter.wuille@gmail.com>
Date: Mon, 19 Aug 2019 16:17:21 -0700
Message-ID: <CAPg+sBiknRwBc8RV62wtuRVYi6wE1HNw6_ePquYVMWvjwp46bg@mail.gmail.com>
To: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Content-Type: text/plain; charset="UTF-8"
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: [bitcoin-dev] Miniscript
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Mon, 19 Aug 2019 23:17:34 -0000
Hi all,
Miniscript is a project we've been working on for the past year or so,
and is now at a stage where I'd like to get it some more attention. It is joint
work with Andrew Poelstra and Sanket Sanjalkar.
It's a language for writing (a subset of) Bitcoin Scripts in a structured way,
enabling analysis, composition, generic signing and more.
For example the script
<A> OP_CHECKSIG OP_IFDUP OP_NOTIF OP_DUP OP_HASH160 <hash160(B)>
OP_EQUALVERIFY OP_CHECKSIGVERIFY <144> OP_CSV OP_ENDIF
in Miniscript notation would be
or_d(c:pk(A),and_v(vc:pk_h(B),older(144)))
making it human (engineer?) readable that this is a script that permits A to
take the coins at any time, and B after 1 day. A full description of the
language can be found on the project website http://bitcoin.sipa.be/miniscript
Using Miniscript it's possible to:
* Write descriptors for addresses for scripts that implement things more
complicated than multisig.
* Make software that can deal with composition of policies (e.g. have funds
in a 2-of-3 setup where one of the 3 "keys" is itself a policy that involves
perhaps multiple devices and timeouts).
* Compile complex spending policies to efficient scripts.
* Figure out under what necessary and/or sufficient conditions a script can be
satisfied.
* Given signatures for a sufficient set of keys (and hash preimages, if needed),
generically construct a witness for arbitrary scripts, without metadata
apart from the script itself and public keys appearing in it. This means
generic PSBT signers are possible for this class of scripts.
* Compute the bounds on the size of a witness for arbitrary scripts.
* Perform static analysis to see if any of Script's resource limitations
(ops limit, stack size, ...) might interfere with the ability to spend.
* Who knows what else...
We have two implementations:
* a C++ one (https://github.com/sipa/miniscript)
* a Rust library (https://github.com/apoelstra/rust-miniscript).
The implementations are a work in progress, but through large scale randomized
tests we have confidence that the language design and associated witnesses are
compatible with the existing consensus and standardness rules.
To be clear: Miniscript is designed for Bitcoin as it exists today (primarily
P2WSH), and does not need any consensus changes. That said, we plan to extend
the design to support future script changes Bitcoin may include.
Cheers,
--
Pieter
|
