Segwit
Bitcoin scalability Bitcoin transactions
native segwit = bech32 BIP84 ?
nested segwit = P2SH で対応 BIP141
Resources
BIP 148: Mandatory activation of segwit deployment #501
Segwit support: https://en.bitcoin.it/wiki/Segwit_support
What is Segregated Witness?: http://learnmeabitcoin.com/faq/segregated-witness
BR029 - SegWit, Taproot, Schnoor, Inscriptions & Witness Discount ft. Andrew Poelstra & Adam Gibson — Bitcoin.Review Podcast with NVK & Guests — Overcast
bitcoinbook/ch07.asciidoc at develop · bitcoinbook/bitcoinbook
ビットコインで有効化された「SegWit」を技術的に理解する | ビットバンク マーケット情報
I Looked Into SegWit, and Here's What I Saw — Steemit
https://overcast.fm/+6ncSye7Is
Overview
To fix Transaction Malleability
quodratic hashing みたいなやつ
BIP141 txid, witness program
Fixes
Transaction malleability
署名が tx id に影響しなくなる
witness が新しく定義され、従来の scriptSig の代わりになる
BIP142 address について
BIP143 署名について
BIP173 bech32
P2WPKHを使うトランザクションの作成と署名
Segwitのアドレスフォーマット(BIP-142)
Bitcoin Core :: Segregated Witness Wallet Development Guide
#p2wpkh
version byte + witness program
p2wpkh は witness program は必ず 20byte で HASH160(pubkey)
scriptPubkey に version byte + witness program
0204_Segwitの特徴と利用.pdf
script code
For P2WPKH witness program, the scriptCode is 0x1976a914{20-byte-pubkey-hash}88ac.
https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki
spend p2wpkh
script witness
sginature + pubkey
#p2wsh
txid
bip141
witness program
要はいままでのscriptPubkey
1 byteのスクリプトサイズと、それにつづくwitness program
p2wpkhの場合20 byte(HASH160 of public key)
p2wpkhの場合32 byte
segwit宛 transaction
bitcoin-cliではp2shでネストしたp2wpkhしかつくれないよう
bech32アドレスregtestでのプレフィックスはbcrt/ https://github.com/bitcoin/bitcoin/issues/12314
0 + <20 byte pubkey hash> = 0x0014<hash> => script pubkey なのでこれに当てて送る
=> 0da72a28d28296500b1e3d7207f194c76908ebce4e8e6e77fbf1631eb80d7c76
署名対象(これをダブルsha256) => これをhashしたものがsig_hash?
1. nVersion of the transaction (4-byte little endian)
2. hashPrevouts (32-byte hash) / すべてのprev outpointをシリアライズして、dsha256/ e.g.
3. hashSequence (32-byte hash) / sha256 of all sequence / e.g.
4. outpoint (32-byte hash + 4-byte little endian) 通常と同じ
5. scriptCode of the input (serialized as scripts inside CTxOuts)
prev txのwitness programをp2wpkかp2wshかに応じて当てはめる
6. value of the output spent by this input (8-byte little endian) 前outputの量と同じ
7. nSequence of the input (4-byte little endian)
8. hashOutputs (32-byte hash) => outputsに使われる額を含む。これは6のamountとは違う
9. nLocktime of the transaction (4-byte little endian)
10. sighash type of the signature (4-byte little endian)
compressed pubkyeからp2wpkhをつくる/ mastering bitcoin
p2wpkhへの送金はp2pkhとおなじ? => 違う
p2wsh
code:valid transaction
01000000013bf0363b7e11bca907df0a8e2940c932c863ca6890fd698c30ad3dffa3ab7469010000006a47304402205e391148574b9cb7070ab0049cb5265cf03d6540923b3963a21ebc8e35407a3c022006d709285a98742b028117b722e91ca94c4b8acef1853f22e156f434764dda83012102b6590ab11b9b21a1e6d33f69d1fe92e368d42f52c70723123e31a1b086af63b9ffffffff0160d7ceb200000000220020b92b345181c998a74a09f9ed19ea0b05a61321a3c08ab9344340b9db4c3dcdd900000000
redeem sript: 522103c8e58fda1e410b1c5ebd7175f61d1edcf97bae36abe454ae48dd6a161131af8e2102b1673cbe8329e8d17170d02a31fe37258707a6939206654650e6d24265c6d70c21034487d8471645681abaaa03ed0625596831a699efdbdb5292791f355b96d5cd2153ae
ToCheck
Censorship
Without SF
LN without SW
All segwit transactions can be spent by anybody with no proof of authorization
All segwit transactions can be spent by anybody with no proof of authorization: https://www.reddit.com/r/Bitcoin/comments/6r6910/all_segwit_transactions_can_be_spent_by_anybody/
If SegWit is an anyone can spend input. Does that mean funds stored are vulnerable to a malicious soft fork?: https://www.reddit.com/r/Bitcoin/comments/58tf16/if_segwit_is_an_anyone_can_spend_input_does_that/
https://www.reddit.com/r/Bitcoin/comments/6r6910/all_segwit_transactions_can_be_spent_by_anybody/dl2o8fw/
https://www.reddit.com/r/btc/comments/6oxesh/segwit_would_make_it_harder_for_you_to_prove_you/
risk of segwit: https://nchain.com/en/blog/risks-of-segregated-witness-mining-cartels/
盗む=HF
全てのコインはジョナサンの秘密鍵で送れる」という新しいルールもハードフォークです。: https://twitter.com/23pluton/status/923396591590940672
Good Points
New type of node: https://www.reddit.com/r/btc/comments/50d3zv/please_eli10_segwit/d736od5/
The Segwit Benefits document has this to say about P2SH security for base transactions: https://bitcoin.stackexchange.com/questions/54841/birthday-attack-on-p2sh/54844
FIrst, Block size was 32MB
Let's Talk Bitcoin! ep.217 The Bitcoin Block Size Discussion: https://www.youtube.com/watch?v=KYWhShzzELg
To prevent attack that cause taking much time to valify block because of huge block size
Block weight
Block weight: https://en.bitcoin.it/wiki/Block_weight
Understanding Segwit Block Size: https://medium.com/@jimmysong/understanding-segwit-block-size-fd901b87c9d4
How many more transactions can fit in a 1mb segwit vs. 4mb non Segwit blocks?: https://www.reddit.com/r/Bitcoin/comments/6rlojb/how_many_more_transactions_fit_in_a_1mb_sw_block/
Finally a real chance for the Core team and miners to build some trust: https://www.reddit.com/r/Bitcoin/comments/6i6e20/finally_a_real_chance_for_the_core_team_and/
https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#Block_siz
Segwitのblock weightは4MB
取引データのうち署名部分が大きくなればなるほど、4MBに近づく。
現在の平均取引だと2.xMBほどになるらしい
SegWit では Block size limit を 4,000,000 wight にする
block に non-segwit しか入っていない場合は、今までと同じ 1MB と変わらない
なぜなら weight の定義は以下
(tx size with witness data stripped) * 3 + (tx size)
block weight = Base size(Total minus witness) * 3 + Total size
tx size *4
fee
Fee calculation in LN
レガシーノードはwitnessデータは受けとらない。
Segwit2Xは8MB??: https://www.reddit.com/r/Bitcoin/comments/6i6e20/finally_a_real_chance_for_the_core_team_and/
Segwitで送ったBitcoinとNon SegwitのBitcoinはセキュリティが異なり価値が異なってしまうのでは?