Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Draft for Extra Data / HASH160 Support #1587

Open
wants to merge 2 commits into
base: master
Choose a base branch
from

Conversation

JeremyRubin
Copy link
Contributor

This adds support for 3 new modes to CTV:

20 Bytes HASH160
21 Bytes HASH160 + ExtraData
33 Bytes Sha256 + ExtraData

This allows LN Symmetry users to use less space and include extra data in any CSFS without enabling OP_CAT or Vectorized CSFS.

@jonatack
Copy link
Member

jonatack commented May 6, 2024

@JeremyRubin would you please add a link to the required mailing discussion (and would it make sense to append this information to the BIP119 draft instead)?

@murchandamus murchandamus added the PR Author action required Needs updates, has unaddressed review comments, or is otherwise waiting for PR author label May 9, 2024
@luke-jr luke-jr changed the title 119.2 Draft for Extra Data / HASH160 Support Draft for Extra Data / HASH160 Support May 10, 2024
@murchandamus
Copy link
Contributor

I would also be curious whether you intend this to be a separate BIP or whether it should be added to BIP-119.

@JeremyRubin
Copy link
Contributor Author

JeremyRubin commented May 14, 2024 via email

@reardencode
Copy link
Contributor

Thanks for the further prod to comment here.

I'm a big fan of the HASH160 support as it would be appropriate for many protocols.

I'm less of a fan of the concatenation with another stack item while performing CHECKTEMPLATEVERIFY. I could be blinded by my own work and that of @stevenroose in proposing extensions to BIP119 that would use that 33rd byte (in the case of TemplateKey, compatibly with this CVT-v2, but in the case of TXHASH, conflicting with it).

overheads.


==Detailed Specification==
Copy link
Contributor

@ProofOfKeags ProofOfKeags May 22, 2024

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

One of the things I'm having trouble following here is precisely why this extra byte allows for Extra Data to be committed to. As far as I can tell the extra byte ensures that there are at least two stack elements but doesn't actually verify what the first stack element is.

I assume that CTV's natural semantics already result in committing to the contents of that second stack element but the mechanism is not obvious to me.

Copy link
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

this equation might help:

Sha256(CTVHASH(TX) || sha256(stack[-2])) == stack[-1][0:32]

more or less, check that the 32 bytes on the back of the stack match if you took the CTV hash and hashed it with some extra data.

The point is to enable signing stack[-1][0:32] with CSFS, which then also covers the extra data, allowing you to stuff arbitrary extra data into the witness.

Copy link
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Ah yes now I see it. I got lost in the noise and didn't see the -2 at the end here.

I get it now. Thanks for explaining!

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
New BIP PR Author action required Needs updates, has unaddressed review comments, or is otherwise waiting for PR author
Projects
None yet
Development

Successfully merging this pull request may close these issues.

6 participants