BIP323: 24 nVersion bits for general purpose use#2116
Merged
Conversation
murchandamus
reviewed
Mar 5, 2026
murchandamus
added
New BIP
PR Author action required
Contributor
Author
|
Addressed feedback. |
TheBlueMatt
force-pushed
the
2026-02-more-bits
branch
from
7a68443 to
c2f8667
Compare
murchandamus
removed
the
PR Author action required
murchandamus
reviewed
Apr 6, 2026
Member
murchandamus
left a comment
murchandamus
left a comment
There was a problem hiding this comment.
Concept ACK
Just got that one outstanding comment that should be incorporated.
| Non-upgraded nodes will interpret the reserved bits of this proposal as signals for soft forks, and | ||
| may additionally activate the warning system for unknown soft forks. | ||
|
|
||
| At the time of writing no known soft forks are pending using any of 24 bits reserved in this BIP, |
Member
There was a problem hiding this comment.
I saw AJ point out that there was a CTV deployment attempt that uses bit 5. I don’t think knowledge of that is widespread, but that should probably be addressed in the backwards compatibility section here.
Member
There was a problem hiding this comment.
I don't think it makes sense to include a troll deployment in the backwards compatibility section of a serious BIP. As far as i know the activation parameters have not even been specified in a BIP in the first place.
Contributor
Author
There was a problem hiding this comment.
Still, the wording as it was phrased was at least technically inaccurate. I updated the phrasing to say that no soft forks "which are being actively signaled for" are using these bits. Which I believe is true, the CTV deployment attempt is not being signaled for.
murchandamus
changed the title
3 tasks
|
ACK from Sv2 contributor here Sv2 introduces the notion of Header-only Mining (HOM) via Standard Channels, which freezes the HOM incurs in a few benefits for mining operations, namely:
in other words with HOM:
and these can become meaningful optimizations when applied at scale. the main challenge however, is the fact that currently, HOM is limited to a 280 TH/s ceiling (assuming
and the mining industry is already surpassing this limit on state-of-the-art devices that would relegate Sv2 Standard Channels to a second tier, throwing away the potential optimizations that HOM can bring when applied at scale on mining farms therefore, lifting the number of rollabe |
Member
murchandamus
left a comment
murchandamus
left a comment
There was a problem hiding this comment.
Thanks for the update, LGTM
TheBlueMatt
force-pushed
the
2026-02-more-bits
branch
from
573ea84 to
70253d2
Compare
Contributor
Author
|
Squashed without further changes. |
jonatack
reviewed
Apr 21, 2026
jonatack
reviewed
Apr 21, 2026
jonatack
reviewed
Apr 21, 2026
murchandamus
changed the title
Member
|
Let’s call this BIP323! You know the drill: could you please rename the file, update the preamble, add a README table entry, and put the number in the Proposed-Replacement header of BIP320? |
murchandamus
added
the
PR Author action required
TheBlueMatt
force-pushed
the
2026-02-more-bits
branch
from
70253d2 to
042f96c
Compare
TheBlueMatt
force-pushed
the
2026-02-more-bits
branch
from
042f96c to
09c6179
Compare
Contributor
Author
|
Addressed feedback. |
murchandamus
removed
the
PR Author action required
Member
murchandamus
left a comment
murchandamus
left a comment
There was a problem hiding this comment.
Gave this another read. LGTM. @TheBlueMatt: Unless you’re waiting for something or have more planned work, I propose that this can be published later this week. WDYT?
Contributor
Author
|
I see no reason to hold this up on anything else. I believe @darosior was planning to "update" Bitcoin Core (which AFAIU just means changing some logging and RPC warnings). |
Contributor
This is bitcoin/bitcoin#34779 |
Rose2161
pushed a commit
to Rose2161/bips
that referenced
this pull request
May 20, 2026
* Update bip-0116.mediawiki * bip54: clarify sigops counting, borrow bip16 language * bip-0054: update forward compat section with Bitcoin Core v30 The BIP 54 sigops limit was made a standardness rules in Bitcoin Core 30.0. * bip-0054: correct link typo in test vectors README * BIP53: Clarify wording around implementation complexity Co-authored-by: Chris Stewart <stewart.chris1234@gmail.com> * BIP53: Use different notation for txids and tx-bytes * BIP-390: allow musig() under rawtr() * Add BIP433 Pay to Anchor (P2A) * bip-373: Fix GLOBAL_XPUB key name and clean up compressed vs x-only note (bitcoin#2007) * bip-373: Fix GLOBAL_XPUB key name and clean up compressed vs x-only note * add requires * Revert "BIP3: add guidance on originality, quality, LLMs" This reverts commit d083ce5. * bip3: Broaden reference implementation formats Based on Luke Dashjr’s b46e819 * bip3: Clarify editor assignment of BIP numbers Adopted from: https://github.com/bitcoin/bips/pull/2037/commits/a399d0791d173510badd3cbf954be547c3d347e4k Co-authored-by: luke+github_public@dashjr.org * bip3: Avoid implying BIP editors must reply to every ML post Co-authored-by: Luke Dashjr <luke-jr+git@utopios.org> * bip3: Clarify that draft needs to be discussed on ML * bip-0003: Move Type header responsibility to the author(s) * bip-0003: Changes from BIP 2: Make it match actual spec * bip3: Fix capitalization and drop footnote * bip3: Avoid onus * bip3: Add and backfill Changelog section The Version header is omitted at this time, as it is not permitted under BIP 2. * bip3: Require technical soundness Co-authored-by: jon@atack.com * bip3: Do not waste community’s time Co-authored-by: jon@atack.com * bip-325: document signet minimum difficulty This was implicit in the genesis block's nbits value, but better to be clearer. * Update gentestvectors.go * BIP-322: fix proof-of-funds inputs wording * BIP93: terminology, typo, and phrasing fixups (bitcoin#2052) * Change master seed to secret in most places, ''t'' to ''k'' and other term fixes * Replace deleted linebreak, delete vestigal oxford commas * errors->random errors, fix newlines, vector5: secret seed->codex32 secret reduced the heading level of checksum and error correction to make the table of contents easier to parse. Moved Master seed Encoding to be below Unshared Secret. * BIP93: change codex32 characters to bech32 characters * Fix hrp length off by 1 bug. Refactor validity condition to read easier. * BIP-337: fix incorrect reference in Input Data Outpoint row (bitcoin#2053) * BIP-337: fix incorrect reference in Input Data Outpoint row * Fix typo in BIP 337 * BIP-310: fix version-rolling.min-bit-count parameter spec * CI: commit README.mediawiki delta from script to git (bitcoin#2063) Use a hardcoded delta rather than requiring the delta to never change, so that it can be changed deliberately when desired without breaking CI. Also avoids the need to checkout the previous commit, so no longer changes the repository state. * BIP-327: correct DeterministicSign pubnonce and key length (bitcoin#2071) Co-authored-by: lisenokdonbassenok <lisdonbassa@gmail.com> * process: Activate BIP3, close BIP2 * process: Update README to match BIP3 * process: Clarify handling of controversial BIPs It is preferable to close PRs over having them stuck in controversy limbo indefinitely. * process: Proposed ↦ Complete Amend CI script to new statuses and update existing status field values in table and BIPs. ``` sed -z -i 's/Status: Proposed/Status: Complete/' bip-0*.md sed -z -i 's/Status: Proposed/Status: Complete/' bip-0*.mediawiki sed -i 's/| Proposed/| Complete/' README.mediawiki ``` * process: Final/Active ↦ Deployed ``` sed -z -i 's/Status: Active/Status: Deployed/' bip-0*.md sed -z -i 's/Status: Active/Status: Deployed/' bip-0*.mediawiki sed -z -i 's/Status: Final/Status: Deployed/' bip-0*.md sed -z -i 's/Status: Final/Status: Deployed/' bip-0*.mediawiki sed -i 's/| Active/| Deployed/' README.mediawiki sed -i 's/| Final/| Deployed/' README.mediawiki ``` * process: Deferred/Obsolete/Rejected/Replaced/Withdrawn ↦ Closed ``` sed -z -i 's/Status: Deferred/Status: Closed/' bip-0*.md sed -z -i 's/Status: Deferred/Status: Closed/' bip-0*.mediawiki sed -z -i 's/Status: Obsolete/Status: Closed/' bip-0*.md sed -z -i 's/Status: Obsolete/Status: Closed/' bip-0*.mediawiki sed -z -i 's/Status: Rejected/Status: Closed/' bip-0*.md sed -z -i 's/Status: Rejected/Status: Closed/' bip-0*.mediawiki sed -z -i 's/Status: Replaced/Status: Closed/' bip-0*.md sed -z -i 's/Status: Replaced/Status: Closed/' bip-0*.mediawiki sed -z -i 's/Status: Withdrawn/Status: Closed/' bip-0*.md sed -z -i 's/Status: Withdrawn/Status: Closed/' bip-0*.mediawiki ``` ``` sed -i 's/| Deferred/| Closed/' README.mediawiki sed -i 's/| Obsolete/| Closed/' README.mediawiki sed -i 's/| Rejected/| Closed/' README.mediawiki sed -i 's/| Replaced/| Closed/' README.mediawiki sed -i 's/| Withdrawn/| Closed/' README.mediawiki ``` * process: Superseded-By ↦ Proposed-Replacement sed -z -i 's/Superseded-By: /Proposed-Replacement: /' bip-0*.md sed -z -i 's/Superseded-By: /Proposed-Replacement: /' bip-0*.mediawiki * process: Standards Track ↦ Specification ``` sed -z -i 's/Type: Standards Track/Type: Specification/' bip-0*.md sed -z -i 's/Type: Standards Track/Type: Specification/' bip-0*.mediawiki ``` After the scripted changes, the changes to BIP-40, BIP-41, and BIP-63 were undone, because it breaks CI. These three BIPs only exist conceptually and their proposal documents are missing which causes changes to them ot break the CI. I defer the changes to these BIPs to a separate pull request to get CI to pass. * BIP135: Move discussion to correct header * process: Post-History ↦ Discussion Also line up with additional items in the lines below. ``` sed -i -z 's/ Post-History: / Discussion: /' bip-0*.md sed -i -z 's/ Post-History: / Discussion: /' bip-0*.mediawiki ``` * process: Remove Comments-URI and -Summary ``` sed -i '0,/Comments-Summary/{/Comments-Summary/d}' bip-0*md sed -i '0,/Comments-Summary/{/Comments-Summary/d}' bip-0*mediawiki sed -i '0,/Comments-URI/{/Comments-URI/d}' bip-0*md sed -i '0,/Comments-URI/{/Comments-URI/d}' bip-0*mediawiki ``` Then reset the BIPs with non-empty comment wikis: - bip-0037.mediawiki - bip-0038.mediawiki - bip-0039.mediawiki - bip-0042.mediawiki - bip-0044.mediawiki - bip-0047.mediawiki - bip-0049.mediawiki - bip-0060.mediawiki - bip-0061.mediawiki - bip-0074.mediawiki - bip-0075.mediawiki - bip-0077.md - bip-0084.mediawiki - bip-0090.mediawiki - bip-0118.mediawiki - bip-0125.mediawiki - bip-0150.mediawiki - bip-0151.mediawiki - bip-0152.mediawiki - bip-0171.mediawiki - bip-0172.mediawiki - bip-0173.mediawiki - bip-0174.mediawiki - bip-0176.mediawiki - bip-0178.mediawiki - bip-0199.mediawiki - bip-0322.mediawiki - bip-0340.mediawiki - bip-0341.mediawiki * process: Author ↦ Authors ``` sed -z -i 's/Author: /Authors: /' bip-0*.md sed -z -i 's/Author: /Authors: /' bip-0*.mediawiki ``` Also align correctly in case of multiple authors. * process: Allow Deputies header * process: Increase title limit * process: Update license check * BIP372: Drop redundant Discussions-To Header BIP2 states that the Discussions-To header should only be used if the proposal was discussed somewhere else beside the Bitcoin Developer Mailing List. Therefore, the only use of the Discussions-To header in the repository is unnecessary and can be removed before the header is abolished. * process: Drop unused Discussions-To Header * editor: Remove outdated comment from README table * Allow `Version` field in checks as per BIP 3 * process: Created ↦ Assigned ``` sed -z -i 's/Created: /Assigned: /' bip-0*.md sed -z -i 's/Created: /Assigned: /' bip-0*.mediawiki ``` * Convert licenses to SPDX codes * bip134: Remove wrong License header The Copyright section specifies additional conditions, so the License header is not correct (or at least misleading). So let's just remove it. This is pragmatic because the field was only added as part of the activation of BIP 2 anyway, and there are other old BIPs with a License header. * bip2: Use correct SPDX license ids in the text See https://spdx.org/licenses/ * process: Use "official" SPDX identifiers See https://spdx.org/licenses/ * process: Fix up license sections to match preamble Co-authored-by: Jon Atack <jon@atack.com> * process: Backfill missing Version headers …for BIPs that have a Changelog section that mentions a version. BIP 1 and BIP 340 have Changelog sections, but do not define versions. * BIP77: Change sequence diagrams to text format (bitcoin#2064) Updated sequence diagrams to use text format instead of mermaid syntax. I cargo cult'd the RFC Rules: > “How are images handled for the plain text version of an RFC?” > The RFC Editor will accept both ASCII art and SVG. If only ASCII art is provided, it will be included in all publication formats. If ASCII art and SVG are both provided, ASCII art will be included in the plain text, and SVG in all other outputs. A note indicating alternative artwork is available is strongly advised. If only SVG is provided, a URI will be included in the plain-text publication format pointing to the HTML version. All artwork and figures should have a complete written description to support assisted reader technology. see: https://www.rfc-editor.org/rse/format-faq/ Since BIPs don't publish html/pdf renders, ASCII art seems like the right choice to render everywhere. Since normative prose is already provided, I chose not to include a written description of the diagrams to support assisted reader tech. * README edits * BIP174: Specify PSBT_IN_PREVIOUS_TXID serialization order (bitcoin#2001) * specify PSBT_IN_PREVIOUS_TXID serialization order * fix: remove ambiguous use of endianness language * Squashed 'bip-0374/secp256k1lab/' content from commit 44dc4bd git-subtree-dir: bip-0374/secp256k1lab git-subtree-split: 44dc4bd893b8f03e621585e3bf255253e0e0fbfb * BIP-374: avoid using sys.path[0] to find current working directory This approach is incompatible with the sys.path extension approach in the next commit which is used to to find the vendored copy of secp256k1lab, so use __file__ instead which works as well. * BIP-374: replace secp256k1.py with vendored copy of secp256k1lab * BIP-374: use `tagged_hash` and `xor_bytes` routines from secp256k1lab * BIP-374: mention secp256k1lab in BIP text * BIP434: p2p feature negotiation * BIP324: Add Version header and Changelog section * BIP14: Backfill discussion URLs * Add BIP-346: OP_TXHASH * BIP324: supporting 1 byte message type ids means supporting the equivalent 12 byte ASCII message types * BIP324: define message_length * BIP 324: Add auxiliary file tracking assignments of one-byte message type IDs * BIP324, BIP183: Add utreexo's p2pv2 message type ids * BIP324, BIP434: Assign message type id for "feature" message * BIP 434: fix license inconsistency * BIP 89: Chain Code Delegation for Private Collaborative Custody (bitcoin#2004) * Add Chaincode Delegation BIP * Update license to BSD-3-Clause and expand blinded signing documentation * Address initial PR comments * Update with BIP number assignment * Fix delegator_sign test vector * Upgrade secp256k1lab and add license file - Upgrade vendored secp256k1lab to commit a265da1 (adds type annotations) - Add COPYING file to satisfy MIT license requirements - Document secp256k1lab commit reference in BIP text * Fix type checker and linter issues in reference implementation - Fix TweakContext to use Scalar types for gacc/tacc - Replace HashFunction enum with Callable type alias - Fix bytearray to bytes conversion in blind_sign - Move imports to top of file - Fix boolean comparison style (use 'not' instead of '== False') - Add proper type annotations and casts for dict handling - Remove unused imports and type ignore comments * Address PR review comments on terminology and clarity - Add intro explaining delegation naming (chain code is delegated, not signing authority) - Reorder terminology to list Delegator before Delegatee - Replace "quorum" with clearer "can co-sign for UTXOs" language - Clarify derivation constraints in terms of delegatee's extended key - Rename "Delegatee Signing" section to "Signing Modes" - Fix "delegatee can apply" to "delegator can produce" (line 112) - Replace undefined "caller" with "delegatee" (line 173) - Clarify "Change outputs" to "Tweaks for change outputs" (line 98) - Add note that message is separate from CCD bundle - Add note on application-specific verification (addresses, amounts) - Add transition sentence clarifying non-concurrent protocol scope * Add changelog entry for 0.1.3 * Fix header: use Authors (plural) for multiple authors * Fix BIP header format for CI compliance - Change Type from 'Standards Track' to 'Specification' (valid type) - Change 'Created' to 'Assigned' (correct field name per BIP format) - Change 'Post-History' to 'Discussion' (recognized field in buildtable.pl) * Apply suggestion from @murchandamus --------- Co-authored-by: Jesse Posner <jesse.posner@gmail.com> * Escape pipe character in markdown table (bitcoin#2095) * BIP 110: Reduced Data Temporary Softfork (bitcoin#2017) * Reduced Data Temporary Softfork * BIP-RDTS: update and expand according to PR feedback * BIP-RDTS: minor updates to wording to address feedback * Address PR comments: update Reference Implementation and Deployment * Address PR comments: Clarify deployment name and bit * Address PR comments: Update BIP number, creation date, and README entry * Address @murchandamus X comment: Add activation threshold * Address PR comments: Update to BIP-3; clarify rationale and deployment * Address PR comments: Clarify scriptPubKey limit rationale and LOCKED_IN behavior * BIP360: Pay to Merkle Root (P2MR) (bitcoin#1670) Review comments and assistance by: Armin Sabouri <armins88@gmail.com> D++ <82842780+dplusplus1024@users.noreply.github.com> Jameson Lopp <jameson.lopp@gmail.com> jbride <jbride2001@yahoo.com> Joey Yandle <xoloki@gmail.com> Jon Atack <jon@atack.com> Jonas Nick <jonasd.nick@gmail.com> Kyle Crews <kylecrews@Kyles-Mac-Studio.local> Mark "Murch" Erhardt <murch@murch.one> notmike-5 <notmike-5@users.noreply.github.com> Vojtěch Strnad <43024885+vostrnad@users.noreply.github.com> Co-authored-by: Ethan Heilman <ethan.r.heilman@gmail.com> Co-authored-by: Isabel Foxen Duke <110147802+Isabelfoxenduke@users.noreply.github.com> * BIP85: fix typo in byte value (bitcoin#2100) * BIP352: Add Sebastian Falbesoner as Author * BIP128: Timelock-Recovery Storage Format (bitcoin#2068) * new bip: timelock recovery storage format * Comparison with Script-Based Wallets * Type is Specification Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * Change Authors to a single Author Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * Replace OP_VAULT mention with OP_CHECKCONTRACTVERIFY * Only the Alert Transaction needs to be non-malleable * Adding discussion link * limiting the transactions weight This is important in order to prevent users from creating recovery-plans that are hard to propagate. * Explain anchor-addresses * fix typo Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * add surname initial to author name * Explain unintentional initiation of rrecovery-plan. * limit alert_inputs length to 2439 * updating bip number to 128 * rename to bip-0128.mediawiki * BIP 128: Timelock-Recovery storage format * fix field order, change title to uppercase * Making plugin_version optional Relevant only in wallets where the feature is implemented via a plugin. * Removing mainnet Irrelevant. Obviously a monitoring service for mainnet should verify that the addresses are on mainnet. * BIP-117: add missing BIP8 reference (bitcoin#2080) * bip-0044: add Requires header for BIP32 and BIP43 (bitcoin#2072) * BIP-383: remove extra stray </tt> (bitcoin#2061) * BIP129: Add Requires header (bitcoin#2019) * BIP20,21: add Superseded-By and Replaces headers (bitcoin#1984) * BIP-174: port public key terminology from BIP 373 (bitcoin#2085) The changes are ported from PR 1705 so that the same public key terminology is reflected in BIP 174 as well. Please refer this other PR for more details. * BIP-352: introduce per-group recipient limit K_max (=2323) In theory this is a backwards incompatible protocol change. Practically, no existing Silent Payments wallets out there supports sending to such a high quantity of recipients (not even in terms of _total_ number of recipients), so the K_max limit should be safe to introduce, without any negative effects in the wallet ecosystem. * BIP-352: test vectors: allow specifying repeated recipients for sending Introduce an optional "count" field for recipient objects. Also update the documentation of the fields. * BIP-352: test vectors: allow to check found output count for receiving Introduce an optional "n_outputs" field as alternative to the detailed "outputs" objects (the field was already specified, but not used so far). Also update the documentation of the fields. * BIP-352: add test vector for exceeding K_max limit [sender side] Test case: as the (only) recipient group contains 2324 addresses and thus exceeds the K_max limit by one, sending fails. Can be tested by `$ ./bip-0352/reference.py ./bip-0352/send_and_receive_test_vectors.json` * BIP-352: add test vector for exceeding K_max limit [receiver side] Test case: even though there are 2324 outputs targeted to the recipient, only 2323 are found due to the introduced K_max limit. Any implementation following the new BIP protocol rule wouldn't create such a transaction in the first place, but an attacker might do. Can be tested by `$ ./bip-0352/reference.py ./bip-0352/send_and_receive_test_vectors.json` * bip347: Complete OP_CAT (bitcoin#2090) * OP_CAT to BIP 0003 format, add usecase * draft --> complete * Update bip-0347.mediawiki Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * BIP347: Update table entry to complete * Fix breaking test * Add test vectors --------- Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * Merge pull request bitcoin#2110 from casey/fix-readme-link Fix mailing list link in readme * Squashed 'bip-0352/secp256k1lab/' content from commit 44dc4bd git-subtree-dir: bip-0352/secp256k1lab git-subtree-split: 44dc4bd893b8f03e621585e3bf255253e0e0fbfb * BIP-352: take use of vendored secp256k1lab for reference implementation This allows to remove secp256k1.py and replace the secp256k1-specific parts in the reference implementation. Replacement guide: * ECKey -> Scalar * ECKey.set(seckey_bytes) -> Scalar.from_bytes_checked(seckey_bytes) * seckey.get_pubkey() -> seckey * G * seckey.get_bytes() -> seckey.to_bytes() * seckey.add(tweak_bytes) -> seckey + Scalar.from_bytes_checked(tweak_bytes) * seckey.negate() -> seckey = -seckey * seckey.sign_schnorr -> schnorr_sign(..., seckey.to_bytes(), ...) * ECPubKey -> GE * ECPubKey.set(pubkey_bytes) -> GE.from_bytes_{xonly,compressed}(pubkey_bytes) * pubkey.get_y() % 2 == 0 -> pubkey.has_even_y() * pubkey.get_bytes(False) -> pubkey.to_bytes_compressed() * pubkey.get_bytes() -> pubkey.to_bytes_xonly() * not pubkey.valid -> pubkey.infinity * pubkey.verify_schnorr -> schnorr_verify(..., pubkey.to_bytes_xonly(), ...) * TaggedHash -> tagged_hash * hashlib.sha256(preimage).digest() -> hash_sha256(preimage) * BIP442: OP_PAIRCOMMIT (bitcoin#1699) * Add: PAIRCOMMIT * New revision with Brandon Black * Fix: Authors and spelling merklize * Fix: header * Rework based on feedback from PR 1699 commit ae69991 Author: moonsettler <moonsettler@protonmail.com> Date: Tue Sep 23 02:23:43 2025 +0200 Update references commit 6adcb4e Author: moonsettler <moonsettler@protonmail.com> Date: Tue Sep 23 02:15:14 2025 +0200 General computation simplify wording commit 2f911cb Author: moonsettler <moonsettler@protonmail.com> Date: Tue Sep 23 01:36:41 2025 +0200 Rework based on feedback from PR 1699 * More readeable scripts & fix footnotes * Format and readability improvements * Update general computation section * THIKCS cost compare * Reference BIP-446 * Standard -> Specification Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * Update header to BIP-3 compatible Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * Add: Post-History * Update Cost comparison table * Post-History -> Discussion Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> * bip119: fix stack[-1] -> self.stack[-1] in pseudocode The execute_bip_119 pseudocode references `stack[-1]` on line 74 instead of `self.stack[-1]`, inconsistent with all other stack references in the function. The C++ reference implementation correctly uses `stack.back()` throughout. * BIP 370: remove redundant field inclusion comment in OUT_SCRIPT description There are already "Requiring inclusion" / "Requiring exclusion" columns that specify that. * BIP-110: Clarify rule 2 witness stack element exclusions * BIP-110: Update deployment section with EXPIRED state; add GBT subsection to specification * BIP392: Silent Payment Output Script Descriptors (bitcoin#2047) * Add sp() output descriptor format for BIP352 Silent Payments * Update headers and remove space after comma in descriptors * Add label ranges with examples * Update with assigned number and adjust preamble for BIP3 * BIP392: Add table entry to README * Add two argument key expression form and remove birthday and label arguments * Add BIP392 sp() descriptor to BIP380 script expressions table * Add sp() descriptor to BIP390 allowed expressions and add musig() example to BIP392 * Add changelog and version header to BIP390 * BIP32: edits by ddustin for clarity (picks up PR785) (bitcoin#1903) Co-authored-by: Dusty Daemon <dustinpaystaxes@gmail.com> Co-authored-by: Pieter Wuille <pieter@wuille.net> Co-authored-by: Murch <murch@murch.one> * BIP-352: mention secp256k1lab in BIP text also fix a small grammar nit (s/are provided/is provided/) * bip54: reword "potentially executed" language in sigops limit specification The paragraph in its entirety is already unambiguous that all signature-checking operations *present* in the Script (as opposed to *executed*) are counted. However i received feedback that the "potentially executed" language in the first sentence of this paragraph may be confusing. This is because it is in theory possible to have a more accurate upper bound by analyzing the possible spending paths and use the maximum number of signature-checking operations in either to check against the limit. This commit rewords the first sentence to use the word "present" to be extra-clear before even describing how the accounting is performed in later sentences. * bip54: expand on rationale for non-final coinbase nSequence Making sure that the coinbase is timelocked is a neat simplification in reasoning about duplicates, but it has caused some confusions. For instance here: https://gnusha.org/pi/bitcoindev/e758af9b-72fc-4fdd-8e07-e1126635780an@googlegroups.com/ Fix this by explicitly stating the implications. * bip54: update sigops test vectors following Inquisition review This is a batch update to the tests vectors for the limit on legacy signature-checking operations introduced in BIP 54, following feedack received on the Bitcoin Inquisition PR and from Chris Stewart's implementation in Bitcoin-S. * bip54: move comment as first element in txsize test vectors This is part of feedback received during the Bitcoin Inquisition PR review. * bip54: make test vectors POSIX-compliant (newline at EOF) This was pointed out during the Bitcoin Inquisition PR review * bip54: restructure timestamp test vectors into a tree The test vectors were initially designed to maximally simple, which led to much redundancy. That was probably too close to one extreme on the spectrum between simplicity and efficiency. Here we shave off 20k lines by simply representing the header chains as a tree instead of list of lists by duplicating all common headers. * bip54: add another transaction size test case Ariard mentioned he would like to see a test case for a 64-byte transaction spending a Taproot output with an annex. I took the opportunity to also make the output be an OP_RETURN with a 2-byte push, as another semi-realistic transaction. * BIP-128: exact specification for the checksum calculation (bitcoin#2121) * Add BIP446: OP_TEMPLATEHASH, BIP448: Taproot-native (Re)bindable Transactions (bitcoin#1974) Co-authored-by: Antoine Poinsot <darosior@protonmail.com> * BIP-174: mark PSBT_GLOBAL_VERSION as required for v2 * BIP-375: Add bitcoin test framework as dependency - deps/bitcoin_test * Squashed 'bip-0375/deps/secp256k1lab/' content from commit 44dc4bd git-subtree-dir: bip-0375/deps/secp256k1lab git-subtree-split: 44dc4bd893b8f03e621585e3bf255253e0e0fbfb * BIP442: Update reference links (bitcoin#2129) * Varops: Two BIPs for Script Restoration: varops calculations and tapleaf version (0xc2). Special thanks to Murch for teaching me mediawiki, and so much great formatting and clarity advice. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> * script restoration: fix MUL cost to account to round up B to word boundary. Julian points out that the implementation does this, which improves accuracy for the case of small B (since the term is multiplied: for normal OP_ADD etc we don't bother, since the difference is very bounded). Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> * BIP 440, 441: official numbers, into README.mediawiki and renamed. Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> * BIP-375: add test vector file * BIP-375: add BIP375PSBT extension classes BIP375PSBT (a PSBT subclass that deserializes into BIP375PSBTMap instances) BIP375PSBTMap (a PSBTMap subclass with BIP-375 field access helpers) * BIP-375: add test_runner and validate PSBT structure Implement psbt structure checks Add test_runner.py for processing test vectors * BIP-375: add ecdh coverage validation Add deps/dleq.py (Adapted from bip-0374/reference.py) Extract pubkey from PSBT inputs - PSBT_IN_BIP32_DERIVATION - PSBT_IN_WITNESS_UTXO for P2TR Add script type helpers - bip352 input eligibility helpers * BIP-375: add input eligibility validation Verify segwit version >1 not used if silent payment outputs present (bip352) Verify SIGHASH_ALL requirement * BIP-375: add output scripts validation Add support for computing bip352 output scripts Extract ECDH shares and public key from PSBT and aggregate both if necessary Refactor validate_ecdh_coverage to use collect_input_ecdh_and_pubkey * BIP-375: update documentation Update Test Vectors section Add README.md to explain validation tooling and dependencies * BIP-370: add invalid test vector for PSBT_IN_REQUIRED_HEIGHT_LOCKTIME of 0 * BIP-370: add invalid test vector for PSBT_GLOBAL_UNSIGNED_TX in PSBTv2 * BIP-370: add invalid test vector for missing PSBT_GLOBAL_TX_VERSION in PSBTv2 * BIP-375: address review feedback correctly label witness_utxo vs non_witness_utxo key in supplementary inputs Summary of test vector changes: removed test: - psbt structure: empty PSBT_OUT_SCRIPT field when sending to non-sp output modified test: - ecdh coverage: only one ineligible P2SH multisig input when PSBT_OUT_SCRIPT set for sp output - can finalize: one P2PKH input single-signer - can finalize: two inputs using per-input ECDH shares - only eligible inputs contribute shares (P2SH excluded) added test: - can finalize: two inputs using global ECDH share - only eligible inputs contribute shares (P2SH excluded) * BIP-375: clarify eligible input restriction in Signer text * BIP-375: clarify eligible inputs restriction in Computing the Output Scripts text * BIP-375: skip ineligible inputs when combining ecdh shares add fake ecdh share and dleq proof to P2SH input for valid test: two inputs using per-input ECDH shares - only eligible inputs contribute shares (P2SH excluded) remove unused return string from is_input_eligible * Merge pull request bitcoin#2099 from craigraw/descriptorannotations BIP393: Output Script Descriptor Annotations * BIP-352: warn against stopping scan due to wallet policy filtering (bitcoin#2134) Adds a warning to the "if no matches are found, stop" scanning step. Without it, wallet developers may be tempted to apply policy filtering (e.g. dust) before deciding to continue, causing subsequent outputs for the same sender to be missed. * BIP-375: fix label byte order used by labelhash Test vectors with labels now use big-endian byte order instead of little-endian, matching BIP-352 specification Summary of test vector changes: - psbt structure: missing PSBT_OUT_SP_V0_INFO field when PSBT_OUT_SP_V0_LABEL set - can finalize: one P2WPKH input / two mixed outputs - labeled sp output and BIP 32 change - can finalize: two sp outputs - output 0 uses label=3 / output 1 uses label=1 * BIP-0322: add format clarification table This commit adds a table that clarifies what script types are compatible with what signing variant and also makes more clear what the exact format for the signatures of the different variants are. * BIP-0322: clarify scriptSig on to_sign for legacy transactions Before this commit it was not clear that non-native SegWit outputs (e.g. P2PKH or P2SH-P2WPKH) only work if the correct scriptSig is provided. This then also makes it more clear why P2SH-P2WPKH outputs are NOT supported by the "simple" variant. * BIP-0322: turn test vectors into JSON, add more This commit turns the existing test vectors into a JSON and then adds more test cases covering the most common script types. * BIP376: Spending Silent Payment outputs with PSBTs (bitcoin#2089) * BIP174: Deduplicate global type definitions * BIP174: Deduplicate input type definitions * BIP174: Deduplicate per-output type definitions * 174: Add changelog and version number * BIP361: Post Quantum Migration and Legacy Signature Sunset (bitcoin#1895) * BIP-361 * bip361: Fix background color * address feedback * bip174: Explain BIP2 status in Changelog * bip388: Amend assignment date BIP3 clarified the content of the ambiguous Created header and renamed it to Assigned. BIP388 was assigned per bitcoin#1389 (review) on 2023-12-26. The prior "Created:" field content was moved to a Changelog entry. * bip388: Add missing Version header, rename Changelog * bip174: Fix relative paths to other BIPs * BIP-352: add test vector for edge case - input key intermediate sum zero Exercises [A, -A, A] input key pattern where the intermediate sum hits zero after the first two keys, but the final sum is non-zero. Implementations that validate after each pairwise addition (rather than summing all keys first) will incorrectly reject this case. * BIP-352: update changelog and correct typo Add patch version 1.1.1 to Changelog Remove extra leading double-quote in CoinJoin ref name * BIP-375: add changelog section Add Changelog section Begin with version 0.1.0 as this BIP is Draft phase * Corrections to BIP-0361 on rescue protocols * Fix BIP32 links and consistency Co-authored-by: Jon Atack <jon@atack.com> * BIP-0322: wrap long lines at 100 characters This re-formats the document for easier editing and diff viewing. Wiki syntax is weird for lists and line wraps break them. Simple lists were changed to <ul> or <ol> tags but complex lists remain as they are to not bloat the diff too much. * BIP-0322: small semantic and formatting fixes This fixes small inconsistencies or incomplete definitions based on previous, already merged changes. * BIP-0322: reference btcd implementation * BIP-0322: update motivation, clarify Proof of Funds purpose This addresses two discussion items: - The list of UTXOs should not be interpreted as a "proof that no other UTXOs for an address exist". - The BIP only addresses "signer receives funds with the address" and not "signer sent a previous transaction" use case. * BIP-0322: clarify terminology used Since the term "signature" can be pretty overloaded dependin on the context, we clarify what it actually means in this BIP. * BIP-0322: encode finalized PSBT for Proof of Funds This commit proposes a fix for the problem that an offline verifier previously was not able to even verify the witness stack of additional inputs. By providing the full finalized PSBT, a verifier has all the input data necessary to run the script through the validation engine. We require the PSBT to be finalized to make sure it contains the final script witness or final script sig but no extra potentially privacy-sensitive fields. The Non-Witness and Witness UTXO fields are explicitly allowed for finalized PSBTs, which makes the format perfect for the use case. * BIP-0322: add prefix to message signature * Fix broken BIP 3 reference in bip-0347 and bip-0360 changelogs Both BIPs added a changelog entry on 2026-01-23 referencing the updated BIP Process meta-BIP with the wrong form: - bip-0360.mediawiki:404 rendered `[[bip-0003.mediawiki|BIP 003]]`, but the actual file is `bip-0003.md`. The MediaWiki link therefore failed to resolve to the BIP 3 page on the bitcoin/bips GitHub wiki render and on the bips.dev / bip339 style mirrors — readers of the bip-0360 changelog landed on a 404. - bip-0347.mediawiki:170 wrote the same reference as bare text `BIP 003` with no link at all, so readers of bip-0347 had no way to navigate to the BIP 3 they were meant to follow. Rewrite both entries to use the canonical form `[[bip-0003.md|BIP 3]]`: - `bip-0003.md` matches the actual filename. - `BIP 3` matches the display text convention the README (line 40) and every other BIP in this repository already use when linking to bip-0003 — "BIP 003" with the three-digit zero-pad appears nowhere else in the repo for any BIP and is not part of the display style described in BIP 2. Also drops the trailing whitespace on the bip-0347 line while we are there (the `typos` CI tolerates it but it is inconsistent with every other line in the same changelog block). * Merge pull request bitcoin#1548 from seedhammer/master BIP391: Binary Output Descriptors * BIP-0329: Add spscan label type for labelling silent payments wallets (bitcoin#2149) * Add spscan label type * minor edits * Fix broken anchor links * BIP22: fix anchor links * BIP23: Fix anchor links * BIP342: Fix anchor links * Fix other broken anchors Used the following `sed` command and manually verified the unstaged changes. Special cases that were not committed included external links to Wikipedia which are case-sensitive, links specific lines in code, a link to a title with a slash that had to be cleaned up, and links to citations on the BIP repository that contain an underscore. ``` sed -E -i ' s/(\[\[[^][]*#)([^]|]*)(\||\]\])/\1\L\2\E\3/g :again s/(\[\[[^][]*#)([^]|]*)([: _]+)([^]|]*)(\||\]\])/\1\2-\4\5/g t again ' bip-0*mediawiki ``` * Eliminate remaining "user-content" anchor links * BIP451: Dust UTXO Disposal Protocol (bitcoin#2150) * Add draft BIP for dust utxo disposal protocol * Assign number 451, update preamble, rename BIP file, and add entry to README table * Small edits * Change title, abstract, motivation to focus on dust attack UTXOs * Simpify dust selection section * Add batching to address consolidation rules * Fix core version in privacy preservation * Fix table units * Add confirmed utxo rationale * Revert title back to original * Change output to always be OP_RETURN ash * BIP-0174+BIP-0322: describe PSBT based signing This commit proposes a new PSBT input field type for transporting the message to be signed to different signers in a multisig signing use case. * BIP-0322: update test vectors This commit updates the test vectors to reflect all the changes in the previous commits and also introduces new test vectors for the Proof of Funds variant. * BIP-0322: add guggero as deputy * BIP-0322: remove comments, add discussion links As described in BIP-0003, the comments section is no longer required. Instead we add all relevant discussions. * README+BIP-0322: add changelog, mark Complete * BIP 54: grammar improvements (bitcoin#2151) * bip54: Clarify deployment cost wording * bip54: Clarify merkle tree wording * bip54: Clarify sigops wording * bip54: Clarify timewarp wording * bip54: Clarify miner preparation cost wording * BIP352: Fix recipients typing in create_outputs to List[Dict[str, str]] * BIP352: fix Any typing `any` is a built-in logic function but not a valid type hint Instead, use `Any`, the special construct from the typing module that informs static analysis tools. * BIP352: complete return type annotations in bitcoin_utils The serialization helpers in bip-0352/bitcoin_utils.py were partially typed: ser_uint32, hash160, is_p2tr, is_p2wpkh, is_p2sh and is_p2pkh already declare argument and return types, but the surrounding from_hex / ser_uint256 / deser_uint256 / deser_txid / deser_compact_size / deser_string / deser_string_vector helpers omit them. Annotate the missing return types (and fill in the obvious argument types) so the file is consistent and so static analysis can flow types through callers in reference.py. No behavior changes. * bip-0054: spell out in more places that 64 bytes is for witness-stripped size * Add BIP323: 24 nVersion bits for general purpose use (bitcoin#2116) * BIP-0322: change role to author, add required BIPs * BIP-0322: link to later sections for clarity * BIP-0322: clarify sighash flag for P2TR * Fix bip322 link in bip174 type registry * BIP-0322: grammar and readability touchup Co-authored-by: Jon Atack <jon@atack.com> * bip-0054: clarify rationale for invalidating 64-byte txs As Eric points out on the mailing list: 1. the rationale section should mention and address the "seam" objection directly rather than burying it in a footnote; 2. the full node consensus split issue should not be used as sole rationale for invalidating 64-byte txs (but it's fair to point out it's fixed as a nice to have byproduct). ML thread: https://gnusha.org/pi/bitcoindev/43996cb3-9133-4627-8944-5fe08427be68n@googlegroups.com/T/#md66e252f0748f4ef7569d5e15d42631e12b66c0b, * bip-0054: state explicitly fake inclusion proofs only concern SPV verifier * nit fixes * bip-0054: less redundancy in 64-byte rationale, move caching risk to footnote * bip-0054: disambiguate use of "mitigation" Jon pointed that i use "mitigation" to refer both to the items of this BIP, and for the existing workarounds to make SPV verifiers safe in the presence of 64-byte txs. This commit rephrases the latter usage. * bip-0054: add a footnote with known workarounds for SPV verifiers --------- Signed-off-by: Rusty Russell <rusty@rustcorp.com.au> Co-authored-by: Bashmunta <georgebashmunta@gmail.com> Co-authored-by: Mark "Murch" Erhardt <murch@murch.one> Co-authored-by: Greg Sanders <gsanders87@gmail.com> Co-authored-by: Jon Atack <jon@atack.com> Co-authored-by: Antoine Poinsot <darosior@protonmail.com> Co-authored-by: Hodlinator <172445034+hodlinator@users.noreply.github.com> Co-authored-by: Chris Stewart <stewart.chris1234@gmail.com> Co-authored-by: yyhrnk <yaroslavnerest@gmail.com> Co-authored-by: Galoretka <galoretochka@gmail.com> Co-authored-by: Luke Dashjr <luke-jr+git@utopios.org> Co-authored-by: Anthony Towns <aj@erisian.com.au> Co-authored-by: maradini77 <140460067+maradini77@users.noreply.github.com> Co-authored-by: kurahin <kurahinvladikdos@gmail.com> Co-authored-by: Ben Westgate <BenWestgate@protonmail.com> Co-authored-by: VolodymyrBg <aqdrgg19@gmail.com> Co-authored-by: lisenokdonbassenok <lisdonbassa@gmail.com> Co-authored-by: Tim Ruffing <me@real-or-random.org> Co-authored-by: Olaoluwa Osuntokun <laolu32@gmail.com> Co-authored-by: Yuval Kogman <nothingmuch@woobling.org> Co-authored-by: Dan Gould <d@ngould.dev> Co-authored-by: Jack D <jack@unchained.com> Co-authored-by: Sebastian Falbesoner <sebastian.falbesoner@gmail.com> Co-authored-by: Steven Roose <steven@stevenroose.org> Co-authored-by: Jurvis Tan <5944973+jurvis@users.noreply.github.com> Co-authored-by: Jesse Posner <jesse.posner@gmail.com> Co-authored-by: Paul Miller <paul@paul.lol> Co-authored-by: Dathon Ohm <dathonohm@proton.me> Co-authored-by: Hunter Beast <hunter@cryptoquick.com> Co-authored-by: Ethan Heilman <ethan.r.heilman@gmail.com> Co-authored-by: Isabel Foxen Duke <110147802+Isabelfoxenduke@users.noreply.github.com> Co-authored-by: YoCheng <xyox860224@gmail.com> Co-authored-by: Oren <115847146+oren-z0@users.noreply.github.com> Co-authored-by: MoNyAvA <bazarunetuNYC@gmail.com> Co-authored-by: Mohammad Eglil <61068134+MohammadEglil@users.noreply.github.com> Co-authored-by: rkrux <rkrux.connect@gmail.com> Co-authored-by: Casey Rodarmor <casey@rodarmor.com> Co-authored-by: moonsettler <moonsettler@protonmail.com> Co-authored-by: Andreas Schjønhaug <andreas@schjonhaug.com> Co-authored-by: craigraw <craigraw@gmail.com> Co-authored-by: Dusty Daemon <dustinpaystaxes@gmail.com> Co-authored-by: Pieter Wuille <pieter@wuille.net> Co-authored-by: macgyver13 <4712150+macgyver13@users.noreply.github.com> Co-authored-by: Rusty Russell <rusty@rustcorp.com.au> Co-authored-by: Andrew Toth <andrewstoth@gmail.com> Co-authored-by: Oghenovo Usiwoma <37949128+Eunovo@users.noreply.github.com> Co-authored-by: Oli <gugger@gmail.com> Co-authored-by: nymius <155548262+nymius@users.noreply.github.com> Co-authored-by: Ava Chow <github@achow101.com> Co-authored-by: Jameson Lopp <jameson.lopp@gmail.com> Co-authored-by: conduition <conduition@proton.me> Co-authored-by: boskodev790 <boskomaljkovic790@outlook.com> Co-authored-by: SeedHammer <93251679+seedhammer@users.noreply.github.com> Co-authored-by: bubb1es71 <bubb1es71@proton.me> Co-authored-by: nervana21 <205626986+nervana21@users.noreply.github.com> Co-authored-by: Snezhkko <snezhkodaria38@gmail.com> Co-authored-by: omipheo <omipheo@gmail.com> Co-authored-by: Matt Corallo <649246+TheBlueMatt@users.noreply.github.com> Co-authored-by: Armin Sabouri <me@arminsabouri.com> Co-authored-by: scgbckbone <scgbckbone@proton.me>
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
7 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Mail list discussion: https://groups.google.com/g/bitcoindev/c/fCfbi8hy-AE/m/g85UXI4qAAAJ