{"type":"rich","version":"1.0","title":"Achow101 [ARCHIVE] wrote","author_name":"Achow101 [ARCHIVE] (npub1wh…d26cj)","author_url":"https://yabu.me/npub1wh7lmdsh2r0ygnp39pk7k5a7mll5x5w44pwn6ekvdvmwjhazr5rqxd26cj","provider_name":"njump","provider_url":"https://yabu.me","html":"📅 Original date posted:2018-06-22\n📝 Original message:Hi all,\n\nAfter reading the comments here about BIP 174, I would like to propose the following changes:\n\n- Moving redeemScripts, witnessScripts, and BIP 32 derivation paths to per-input and per-output data\n\nI think that by moving these three fields into input and output specific maps, the format will be\neasier to read and simpler for signers to parse. Instead of having to be able to parse entire\nscripts and extract pubkeys, the signer can simply look at which pubkeys are provided in the inputs\nand sign the input based upon the presence of a pubkey for which the signer has a privkey.\n\nA neat trick that fits well with this model is that a plain pubkey (one that is not part of a BIP 32\nderivation) can still be put in a BIP 32 derivation path field where the value is just the fingerprint\nof the pubkey itself. This would indicate that no derivation needs to be done from the master key, and\nthe master key is just the specified key itself.\n\nAdditionally, by having the redeemScript and witnessScript readily available in the input, signers\ndo not need to construct a map to find a redeemScript or witnessScript and can instead just look\ndirectly in the input data. There is also no need to include the hashes of these scripts, so the key\nis just the type. This also allows us to enforce the requirement for only one redeemScript and one\nwitnessScript per input easily by continuing to follow the generic rule of unique keys.\n\nBy using input specific and output specific fields, there is no need for the input index and the input\ncount types as all inputs will be accounted for.\n\n- Finalized scriptSig and scriptWitness fields\n\nTo determine whether two PSBTs are the same, we can compare the unsigned transaction. To ensure that the\nunsigned transactions are the same for two PSBTs with data for the same tx, we cannot put scriptSigs or\nscriptWitnesses into it. Thus for each input, two new fields have been added to store the finalized scriptSig\nand finalized scriptWitness.\n\n- Mandatory sighash\n\nThe sighash type field will be changed from a recommendation to a requirement. Signatures will need to \nuse the specified sighash type for that input. If a Signer cannot sign for a particular sighash type, it\nmust not add a partial signature.\n\n- Encoding\n\nI have decided that PSBTs should either be in binary or encoded as a Base64 string. For the latter, several\nBitcoin clients already support Base64 encoding of data (for signed messages) so this will not add any extra\ndependencies like Z85 would.\n\n\nA draft of the revised BIP can be found here: https://github.com/achow101/bips/blob/bip174-rev/bip-0174.mediawiki\nIf these changes are satisfactory, I will open a PR to the BIPs repo to update the BIP tomorrow. I will also\ncreate test vectors and update the implementation PR'ed to Core.\n\nAndrew"}