Unified partial signature format #10674

issue sipa opened this issue on June 27, 2017
  1. sipa commented at 1:26 AM on June 27, 2017: member

    The current createrawtransaction + fundrawtransaction + signrawtransaction workflow is complicated by the fact that there is some information that needs to be passed out of band:

    • Signing requires access to the outputs being spent to know the scriptPubKey (and amount in BIP143).
    • For P2SH inputs, the signer must know the redeemscript
    • For P2WSH inputs, the signer must know the witness program

    These are currently handled transparently by the fact that signrawtransaction has access to the wallet transactions, scripts, and node UTXO set. However, third party signers do not necessarily have access to this information.

    Given that it is known in advance what signers will need when the unsigned transaction is constructed, I wonder if the easiest approach isn't creating a more generic partial transaction format that can store multiple extra records for each input (which don't go into the final transaction):

    • For non-witness transactions, the full previous transaction being spent from (so the fee can be computed trustlessly) should be included.
    • For witness transactions, the UTXO being spent.
    • The redeemscript and witness scripts for P2SH/P2WSH respectively.
    • Partial signatures for OP_CHECKMULTISIG (instead of hacking those inside the scriptSig before it's complete)

    This would also simplify extending to more complicated script types in the future.

  2. dcousens commented at 2:08 AM on June 27, 2017: contributor

    Wouldn't this be a BIP? (on the basis that https://github.com/bitcoin/bitcoin has set the standard so far for partial signatures)

  3. sipa commented at 2:11 AM on June 27, 2017: member

    @dcousens Once completed, I'd say yes. But here I'm just asking for some brainstorming about the approach.

  4. achow101 commented at 2:15 AM on June 27, 2017: member

    Why would the full previous transaction being spent from required for non-witness transactions? Isn't just the UTXO enough?

  5. sipa commented at 2:17 AM on June 27, 2017: member

    @achow101 The transaction creator could lie about the UTXO amount, resulting in you signing over a huge amount of money into fees. You need the full transaction to know that the fee is what is claimed. This is the reason why hardware wallets require seeing the full transactions being spent from.

    In BIP143 that is no longer necessary, as the full UTXO being spent is included in the sighash. If you lie about UTXO amount, the signature won't be valid.

  6. laanwj added the label RPC/REST/ZMQ on Jun 28, 2017
  7. laanwj added the label Brainstorming on Jun 28, 2017
  8. achow101 commented at 9:39 PM on March 18, 2019: member

    This can be closed as BIP 174 does this.

  9. MarcoFalke closed this on Mar 19, 2019
  10. MarcoFalke locked this on Dec 16, 2021
Contributors
sipadcousensachow101
Labels
BrainstormingRPC/REST/ZMQ
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bitcoin. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-04-13 15:15 UTC
This site is hosted by @0xB10C
More mirrored repositories can be found on mirror.b10c.me