> > The primary change is to truly have all input and output data for each in > their respective maps 1) +1. It would be really great to have a complete map per input/output that does not require an annoying lookup to a global field. A Bitcoin transaction only has a single locktime yet a PSBT may have > multiple lock times. 2) One other thing, the per input timelock also helps in detecting whether the transaction contains a mix of block-based timelocks and height based timelocks. Recall that such inputs can't be spent together under the same nLocktime. 3) Finally, one last thing which I noted while implementing a generic finalizer for Miniscript is the restriction on sighashType. From the BIP > Signatures for this input must use the sighash type, finalizers must fail > to finalize inputs which have signatures that do not match the specified > sighash type. Signers who cannot produce signatures with the sighash type > must not provide a signature. Is such a restriction necessary? If the purpose is to only suggest signer which sighashType to use, then I think the finalizer should not reject those. Along those lines, we can also mark with suggestions for the type of nlockTime(block vs height) that should be used. With such suggestions, input parties can decide which branches in the satisfaction they should prefer and sign with the corresponding signatures. Note that this purpose is different from the stated purpose of PSBT_GLOBAL_PREFERRED_LOCKTIME. Cheers, Sanket On Wed, Dec 9, 2020 at 4:33 PM Andrew Chow via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > Hi All, > > I would like to propose a new PSBT version that addresses a few > deficiencies in the current PSBT v0. As this will be backwards > incompatible, a new PSBT version will be used, v1. > > The primary change is to truly have all input and output data for each > in their respective maps. Instead of having to parse an unsigned > transaction and lookup some data from there, and other data from the > correct map, all of the data for an input will be contained in its map. > Doing so also disallows PSBT_GLOBAL_UNSIGNED_TX in this new version. > Thus I propose that the following fields be added: > > Global: > * PSBT_GLOBAL_TX_VERSION = 0x02 > * Key: empty > * Value: 32-bit little endian unsigned integer for the transaction > version number. Must be provided in PSBT v1 and omitted in v0. > * PSBT_GLOBAL_PREFERRED_LOCKTIME = 0x03 > * Key: empty > * Value: 32 bit little endian unsigned integer for the preferred > transaction lock time. Must be omitted in PSBT v0. May be provided in > PSBT v1, assumed to be 0 if not provided. > * PSBT_GLOBAL_INPUT_COUNT = 0x04 > * Key: empty > * Value: Compact size unsigned integer. Number of inputs in this > PSBT. Must be provided in PSBT v1 and omitted in v0. > * PSBT_GLOBAL_OUTPUT_COUNT = 0x05 > * Key: empty > * Value: Compact size unsigned integer. Number of outputs in this > PSBT. Must be provided in PSBT v1 and omitted in v0. > > Input: > * PSBT_IN_PREVIOUS_TXID = 0x0e > * Key: empty > * Value: 32 byte txid of the previous transaction whose output at > PSBT_IN_OUTPUT_INDEX is being spent. Must be provided in PSBT v1 and > omitted in v0. > * PSBT_IN_OUTPUT_INDEX = 0x0f > * Key: empty > * Value: 32 bit little endian integer for the index of the output > being spent. Must be provided in PSBT v1 and omitted in v0. > * PSBT_IN_SEQUENCE = 0x0f > * Key: empty > * Value: 32 bit unsigned little endian integer for the sequence > number. Must be omitted in PSBT v0. May be provided in PSBT v1 assumed > to be max sequence (0xffffffff) if not provided. > * PSBT_IN_REQUIRED_LOCKTIME = 0x10 > * Key: empty > * Value: 32 bit unsigned little endian integer for the lock time that > this input requires. Must be omitted in PSBT v0. May be provided in PSBT > v1, assumed to be 0 if not provided. > > Output: > * PSBT_OUT_VALUE = 0x03 > * Key: empty > * Value: 64-bit unsigned little endian integer for the output's > amount in satoshis. Must be provided in PSBT v1 and omitted in v0. > * PSBT_OUT_OUTPUT_SCRIPT = 0x04 > * Key: empty > * Value: The script for this output. Otherwise known as the > scriptPubKey. Must be provided in PSBT v1 and omitted in v0. > > This change allows for PSBT to be used in the construction of > transactions. With these new fields, inputs and outputs can be added as > needed. One caveat is that there is no longer a unique transaction > identifier so more care must be taken when combining PSBTs. > Additionally, adding new inputs and outputs must be done such that > signatures are not invalidated. This may be harder to specify. > > An important thing to note in this proposal are the fields > PSBT_GLOBAL_PREFERRED_LOCKTIME and PSBT_IN_REQUIRED_LOCKTIME. A Bitcoin > transaction only has a single locktime yet a PSBT may have multiple > locktimes. To choose the locktime for the transaction, finalizers must > choose the maximum of all of the *_LOCKTIME fields. > PSBT_IN_REQUIRED_LOCKTIME is added because some inputs, such as those > involving OP_CHECKLOCKTIMEVERIFY, require a specific minimum locktime to > be set. This field allows finalizers to choose a locktime that is high > enough for all inputs without needing to understand the scripts > involved. The PSBT_GLOBAL_PREFERRED_LOCKTIME is the locktime to use if > no inputs require a particular locktime. > > As these changes disallow the PSBT_GLOBAL_UNSIGNED_TX field, PSBT v1 > needs the version number bump to enforce backwards incompatibility. > However once the inputs and outputs of a PSBT are decided, a PSBT could > be "downgraded" back to v0 by creating the unsigned transaction from the > above fields, and then dropping these new fields. > > If the list finds that these changes are reasonable, I will write a PR > to modify BIP 174 to incorporate them. > > Thanks, > Andrew Chow > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >