Be more explicit about ext_flag values in BIP118 #1335
Closed
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
I find it difficult to reason about as-written, even if implicitly it may be correct.
ajtowns
reviewed
Jun 24, 2022
| @@ -82,7 +82,7 @@ We define the following constants using bits 6 and 7 of <code>hash_type</code>: | |||
| * <code>SIGHASH_ANYPREVOUT = 0x40</code> | |||
| * <code>SIGHASH_ANYPREVOUTANYSCRIPT = 0xc0</code> | |||
|
|
|||
| As per [[bip-0341.mediawiki|BIP 341]], the parameter ''ext_flag'' is an integer in the range 0-127, used for indicating that extensions are added at the end of the message. The parameter ''key_version'' is an 8-bit unsigned value (an integer in the range 0-255) used for committing to the public key version. | |||
| As per [[bip-0341.mediawiki|BIP 341]], the parameter ''ext_flag'' is an integer in the range 0-127, used for indicating that extensions are added at the end of the message, with the value of ''0'' indicating no extension, and ''1'' indicating the presence of ''SigExt118(hash_type,key_version)''. The parameter ''key_version'' is an 8-bit unsigned value (an integer in the range 0-255) used for committing to the public key version. | |||
There was a problem hiding this comment.
What it's intending to describe is:
- BIP 341's
SigMsgbehaviour is covered bySigMsg(h,0) = SigMsg118((h & ~0x40), 0) - BIP 342's is covered by
SigMsg(h, 1) = SigMsg118((h & ~0x40), 1)andext = SigExt118(h, 0) - BIP 118 introduces new behaviour for
SigMsg118((h | 0x40), 1)andSigExt118(h, 1)
But maybe it would be better to change it entirely, and describe it more like:
- If
sigis not 64 or 65 bytes, fail. - If
sigis 64 bytes:hash_type = 0sig_data = sig
- If
sigis 65 bytes:hash_type = sig[64]. Ifhash_type == 0, fail.sig_data = sig[0:64]
- Return
Verify(p, hash<sub>TapSigHash</sub>(0x00 || msg_and_ext, sig_data)whereVerifyis as defined in BIP 340, and wheremsg_and_extis defined as:- If
hash_type & 0x40 = 0,msg = SigMsg(hash_type, 1)per BIP341. - If
hash_type & 0x40 != 0,msg = SigMsg118(hash_type)as "above". msg_and_ext = msg || Ext118(hash_type)as "above".
- If
Then the definition of SigMsg118 only needs to deal with ANYPREVOUT signatures, and Ext118 can hard code key version 0x01.
Mertz22
approved these changes
Jun 30, 2022
|
#1367 was merged, so I guess this can be closed? |
|
Yes
…On Fri, Oct 7, 2022, 4:39 AM Anthony Towns ***@***.***> wrote:
#1367 <#1367> was merged, so I guess
this can be closed?
—
Reply to this email directly, view it on GitHub
<#1335 (comment)>, or
unsubscribe
<https://github.com/notifications/unsubscribe-auth/ABMAFUYOFHNOJZTF5L6E2ETWB7OVTANCNFSM5ZQS3W5A>
.
You are receiving this because you authored the thread.Message ID:
***@***.***>
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
I find it difficult to reason about as-written, even if implicitly it may be correct.
cc @ajtowns