mirror of
https://github.com/bitcoinbook/bitcoinbook
synced 2024-11-29 19:38:25 +00:00
CH07: Switch from M-of-N to K-of-N
Explanation for change is in changed text, but briefly: k-of-n is clearer when pronounced.
This commit is contained in:
parent
7417842837
commit
ec534165ba
@ -324,33 +324,40 @@ image::../images/mbc2_0606.png["Tx_Script_P2PubKeyHash_2"]
|
||||
scripts")))((("transactions", "advanced", id="Tadv07")))((("scripting",
|
||||
"multisignature scripts", id="Smulti07")))((("multisignature
|
||||
scripts")))Multisignature scripts set a condition where N public keys
|
||||
are recorded in the script and at least M of those must provide
|
||||
signatures to spend the funds. This is also known as an M-of-N scheme,
|
||||
where N is the total number of keys and M is the threshold of signatures
|
||||
are recorded in the script and at least K of those must provide
|
||||
signatures to spend the funds. This is also known as a K-of-N scheme,
|
||||
where N is the total number of keys and K is the threshold of signatures
|
||||
required for validation. For example, a 2-of-3 multisignature is one
|
||||
where three public keys are listed as potential signers and at least two
|
||||
of those must be used to create signatures for a valid transaction to
|
||||
spend the funds.
|
||||
|
||||
At this time, _standard_ multisignature scripts are limited to at most 3
|
||||
[TIP]
|
||||
====
|
||||
Some Bitcoin documentation, including earlier editions of this book,
|
||||
uses the term M-of-N for traditional multisignature. However, it's hard
|
||||
to tell "M" and "N" apart when they're spoken, so we use the alternative
|
||||
K-of-N. Both phrases refer to the same type of signature scheme.
|
||||
====
|
||||
|
||||
At this time, _standard_ multisignature scriptPubKeys are limited to at most 3
|
||||
listed public keys, meaning you can do anything from a 1-of-1 to a
|
||||
3-of-3 multisignature or any combination within that range. The
|
||||
limitation to 3 listed keys might be lifted by the time this book is
|
||||
published, so check the +IsStandard()+ function to see what is currently
|
||||
3-of-3 multisignature or any combination within that range.
|
||||
You may want to check the +IsStandard()+ function to see what is currently
|
||||
accepted by the network. Note that the limit of 3 keys applies only to
|
||||
standard (also known as "bare") multisignature scripts, not to
|
||||
multisignature scripts wrapped in a Pay-to-Script-Hash (P2SH) script.
|
||||
P2SH multisignature scripts are limited to 15 keys, allowing for up to
|
||||
15-of-15 multisignature. We will learn about P2SH in <<p2sh>>.
|
||||
|
||||
The general form of a scriptPubKey setting an M-of-N multisignature
|
||||
The general form of a scriptPubKey setting an K-of-N multisignature
|
||||
condition is:
|
||||
|
||||
----
|
||||
M <Public Key 1> <Public Key 2> ... <Public Key N> N OP_CHECKMULTISIG
|
||||
K <Public Key 1> <Public Key 2> ... <Public Key N> N OP_CHECKMULTISIG
|
||||
----
|
||||
|
||||
where N is the total number of listed public keys and M is the threshold
|
||||
where N is the total number of listed public keys and K is the threshold
|
||||
of required signatures to spend the output.
|
||||
|
||||
A scriptPubKey setting a 2-of-3 multisignature condition looks like
|
||||
@ -388,7 +395,7 @@ the three public keys set as an encumbrance.
|
||||
((("scripting", "multisignature scripts", "OP_CHECKMULTISIG
|
||||
bug")))((("OP_CHECKMULTISIG bug workaround")))There is a bug in
|
||||
++OP_CHECKMULTISIG++'s execution that requires a slight workaround. When
|
||||
+OP_CHECKMULTISIG+ executes, it should consume M+N+2 items on the stack as
|
||||
+OP_CHECKMULTISIG+ executes, it should consume K+N+2 items on the stack as
|
||||
parameters. However, due to the bug, +OP_CHECKMULTISIG+ will pop an extra
|
||||
value or one value more than expected.
|
||||
|
||||
@ -402,10 +409,10 @@ example:
|
||||
First, +OP_CHECKMULTISIG+ pops the top item, which is +N+ (in this example
|
||||
"3"). Then it pops +N+ items, which are the public keys that can sign.
|
||||
In this example, public keys A, B, and C. Then, it pops one item, which
|
||||
is +M+, the quorum (how many signatures are needed). Here M = 2. At this
|
||||
point, +OP_CHECKMULTISIG+ should pop the final +M+ items, which are the
|
||||
is +K+, the quorum (how many signatures are needed). Here M = 2. At this
|
||||
point, +OP_CHECKMULTISIG+ should pop the final +K+ items, which are the
|
||||
signatures, and see if they are valid. However, unfortunately, a bug in
|
||||
the implementation causes +OP_CHECKMULTISIG+ to pop one more item (M+1
|
||||
the implementation causes +OP_CHECKMULTISIG+ to pop one more item (K+1
|
||||
total) than it should. The extra item is disregarded when checking the
|
||||
signatures so it has no direct effect on +OP_CHECKMULTISIG+ itself.
|
||||
However, an extra value must be present because if it is not present,
|
||||
|
Loading…
Reference in New Issue
Block a user