forked from bitcoin/bips
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
- Loading branch information
1 parent
9c57fac
commit b088af3
Showing
1 changed file
with
69 additions
and
0 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,69 @@ | ||
<pre> | ||
BIP: TBD | ||
Layer: Consensus (soft fork) | ||
Title: INTERNALKEY | ||
Author: Brandon Black <[email protected]> | ||
Comments-Summary: No comments yet. | ||
Status: Draft | ||
Type: Standards Track | ||
Created: 2023-12-22 | ||
License: PD | ||
</pre> | ||
|
||
==Abstract== | ||
|
||
This BIP describes a new tapscript opcode (OP_INTERNALKEY) which pushes the | ||
taproot internal key to the stack. | ||
|
||
==Specification== | ||
|
||
When verifying taproot script spends having leaf version 0xc0 (as defined in | ||
BIP342), OP_INTERNALKEY replaces OP_SUCCESS187 (0xbb). OP_INTERNALKEY pushes | ||
the taproot internal key, as defined in BIP341, to the stack. | ||
|
||
==Motivation== | ||
|
||
===Key spend with additional conditions=== | ||
|
||
When building taproot outputs, especially those secured by an aggregate key | ||
representing more than 1 signer; the parties may wish to collaborate on signing | ||
with the taproot internal key, but only with additional script restrictions. In | ||
this case, OP_INTERNALKEY saves 32 bytes of witness space. | ||
|
||
===Mitigated control block overhead for scripts using hash locks=== | ||
|
||
In cases where script path spending is not desired, the internal key may be set | ||
to a NUMS point whose bytes would otherwise be required in a tapscript. This | ||
could be used with any hash locked transaction, for example, to save 32 witness | ||
bytes. | ||
|
||
==Reference Implementation== | ||
|
||
A reference implementation is provided here: | ||
|
||
https://github.com/brandonblack/bitcoin/commit/aa94c2865badc9bef86c29c330d4da77f341c0f2 | ||
|
||
==Backward Compatibility== | ||
|
||
By constraining the behavior of an OP_SUCCESS opcode, deployment of the BIP can | ||
be done in a backwards compatible, soft-fork manner. If anyone were to rely on | ||
the OP_SUCCESS behavior of OP_SUCCESS187, OP_INTERNALKEY would invalidate their | ||
spend. | ||
|
||
==Deployment== | ||
|
||
TBD | ||
|
||
==Credits== | ||
|
||
Jeremy Rubin described most of the ideas for OP_INTERNALKEY to me. | ||
|
||
==References== | ||
|
||
[https://github.com/bitcoin/bips/blob/master/bip-0341.mediawiki BIP 341] Taproot | ||
|
||
[https://github.com/bitcoin/bips/blob/master/bip-0342.mediawiki BIP 342] Tapscript | ||
|
||
==Copyright== | ||
|
||
This document is placed in the public domain. |