1
0
mirror of https://github.com/bitcoinbook/bitcoinbook synced 2024-11-26 18:08:31 +00:00
Commit Graph

72 Commits

Author SHA1 Message Date
David A. Harding
0cab0c9d2a Meta: edit notes for the future 2023-09-01 13:22:04 +02:00
David A. Harding
399e004211 CH05: fix script nesting (from Murchandamus feedback, thanks!) 2023-09-01 13:21:39 +02:00
David A. Harding
114d7bf25a Auth&Auth: explain differerence between MAST and Merklized Alt Script Trees
Inspired by a comment from Roasbeef about how we shouldn't described
MAST because that's not what taproot implements.
2023-09-01 13:21:39 +02:00
David A. Harding
89b548d5b5 All: update images for reviewer feedback
Special thanks to Murchandamus who provided most of the feedback
2023-09-01 13:21:39 +02:00
David A. Harding
8d6972d719 Libbitcoin bx: remove all mentions of vulnerable tool
- Remove appendix dedicated to `bx`.  They had already been slated for
  deletion, as I wrote to a reviewer on 2023-07-27: "I'm also probably
  going to delete the library/tool focused appendixes as I don't think
  they add anything".  After the disclosure of CVE-2023-39910 on August
  8th, it's clear that this appendix was worse than useless: it was
  harmful.

- Remove other mentions of `bx` in the book.  I had not previously
  intended this because it looked like a pain, but mentions of a tool
  often come across as endorsements to readers and no tool created by
  the team behind Libbitcoin is one I would ever want to endorse.  I
  regret that I didn't remove the mentions earlier in the process of
  updating the book.

- Remove appendix dedicated to pycoin.  I'm now aware of any problems
  with pycoin, but I don't think these sort of short detached tutorials
  add anything.  Programming Bitcoin is an entire book built on pycoin,
  and all of these tools have their own webpages that get updated more
  frequently than the book.
2023-09-01 13:21:39 +02:00
David A. Harding
d9f6cf53c7 CH12-14: edits for Murchandamus feedback
- Describe topological order to help readers understand how that solves
  the double spend problem

- Mention that transactions can be safely relayed one block before their
  locktime allows them to be included in a block because they'll be
  valid next block.

- Be a bit clearer about when subsidy becomes zero due to rounding and
  when BIP42 makes it zero unconditionally.

- Describe the creation of the witness merkle root before the block
  header merkle root

- Move up note about the retarget off-by-one bug

- Make "best blockchain" an inherent property and not an alias for a
  current chain.  When a new block arrives that triggers a reorg, we
  don't switch best blockchains---the new chain is the best blockchain
  and we switch to using it.

- Combine two sections about forks that were repetitive

- Mention that pool miners also need to prove they paid the pool's
  preferred coinbase transaction template

- Add a todo to clarify terminology around the 51% attack.  The existing
  text used this in a way that's consistent with how it was used in
  early Bitcoin history, but it's potentially confusing because it
  doesn't actually require a majority of hashrate to make the attack and
  it confuses it with a censorship attack that does require a majority
  (or at least a selfishing mining minority) to maintain.

- Reduce the situations we describe as "double spends". Consensus
  prevents double spending within a valid chain; the other situations
  are about unconfirmed transactions, which might better be described
  using other terms that won't confuse readers into thinking Bitcoin's
  double spend protection doesn't work.

- Add warning about backing up more than your seed when multisig or
  complex contracts are in use.

- Add a todo to fix "millibits" situation, which might involve image
  changes.

- Note that the first commitment transaction (the refund) needs to be
  signed before the funding transaction in LN channels.

- Pluralize "bitcoin" as necessary (somehow missed this before).

- Drop mention of tumblebit and teechan, which nobody is working on
  AFAIK.
2023-08-06 21:45:37 -10:00
David A. Harding
b8933271ff All: mostly replace "SPV client" with "lightweight client"
The description of SPV in the original paper assumed full nodes would
warn SPV clients about invalid blocks.  Such fraud proofs are not used
in production, so lightweight clients are (arguably) not SPV clients.
2023-08-06 21:08:04 -10:00
David A. Harding
672c3fdc07 All: edits for Roasbeef feedback
- Drop soon-to-be-outdated mention of current block reward amount

- Aezeed: mention internal and external version sumbers.  Instead of
  saying "global word list", clarify that both the backup and the
  recovery software need to support the same word list.

- Mention that compact block filters are something that blocks might
  commit to in the future in a consensus-enforced way.

- Add links to both RGB and Taproot Assets documentation.

- Mention that taproot assets can also support native forwarding.

- Minor edits and add some FIXMEs for later changes.
2023-08-06 21:08:04 -10:00
David A. Harding
b387a9c09e Appendixes: add whitepaper errata
Suggested by Murchandamus.
2023-08-01 11:13:43 -10:00
David A. Harding
6e14b9637a CH09-10: edits for Murchandamus feedback
- Mention an example of Bitcoin Core sending a BIP151 transacation in
  advance, alas it's the only case implemented.

- Mention that FIBRE is software (since Matt's main network for it was
  shut down)

- Add fRelay to the node announcement message.  We've only had it for 11
  years.

- Clarify descriptions mention the genesis block as part of the block
  chain

- Mention that BIP157/8 is not able to relay unconfirmed transactions

- Update assertion that the mempool is only stored in memory (on Bitcoin
  Core, it is now written to disk on shutdown; on libbitcoin, it's
  always written to disk)

- HUGE FIX: correct inverted enumerator and denominator on feerates.  So
  embarrasing!
2023-08-01 07:53:41 -10:00
David A. Harding
4a6344a4d0 CH09: remove sections about fee market theory
These were absurdly hard to write and, as often happens when something
is that hard to write, they don't appear to be helpful, as judged by
Murch.  The last time I tried to explain the theory[1], it also sucked,
so maybe this isn't what I'm meant to do.  :-)

The removed text introduces the term "mempool" for this chapter, so a
small edit is made later on to compensate.

[1] https://en.bitcoin.it/wiki/Miner_fees#The_market_for_block_space
2023-08-01 07:53:21 -10:00
David A. Harding
baae9293cf Multi: switch from k-of-n/n-of-n to t-of-k/k-of-k
Suggested by Murchandamus
2023-08-01 07:52:54 -10:00
David A. Harding
644867fd92 CH08: edits for feedback from Murch
- Drop box with Wikipedia definition of digital signatures.  It didn't
  add anything and its accuracy was debatable.

- Use "commitment hash" earlier and more often.

- Fix some variable-name errors in the math

- Correct info about worst-case signature verification cost
2023-08-01 07:52:54 -10:00
David A. Harding
4165d6e113 Appendix Script Ops: remove (replace with link)
During his review, Mark "Murch" Erhardt discovered that the appendix
contained several errors and many entries that were confusing.  When I
looked at the upstream source on the wiki, I discover that it had extra
information that eliminated those problems.  Since we only reference the
appendix twice, don't really go into detail about writing your own
scripts, and since all the information is easily accessible online for
free, we drop the appendix and replace references to it with a link to
the wiki.
2023-08-01 07:52:54 -10:00
David A. Harding
27337e415f CH07 edits for Murch feedback
- Describe OP_CMS pubkey limits for consensus, relay policy, and P2SH.

- Mention that OP_CLTV and OP_CSV leave elements on the stack, unlike
  other VERIFY opcodes.
2023-08-01 07:52:54 -10:00
David A. Harding
491891fdaa CH05-06: edits for Murchandamus feedback
- Explicitly describe what BIPs are before we start dropping references
  to them.

- Mention that addresses don't encode a message, so using a unique
  address that the receiver has privately associated with a spender is
  the only guaranteed way to identify payments from that spender.

- Correct how many blocks need to elapse before an output can be spent
  by an input with a relative lock time.

- Many other small edits.
2023-08-01 07:34:58 -10:00
David A. Harding
a4f337b840 All: update to comply with current draft of bip-bikeshed 2023-08-01 06:44:36 -10:00
David A. Harding
e6f895732a [Housekeeping] Normalize BIP references 2023-08-01 06:44:36 -10:00
David A. Harding
60f25a5985 CH08: fix broken reference 2023-06-28 16:24:41 -10:00
David A. Harding
6ac0122731 CH07-13: edits for arufino feedback (thanks!) 2023-06-28 15:19:52 -10:00
David A. Harding
02d0bdbd62 CH08: add anchor for MAST 2023-06-28 14:31:38 -10:00
David A. Harding
c4007411b4 CH08: fix reference 2023-05-18 15:55:38 -10:00
David A. Harding
037d8108fc CH07 & CH08: edits for arufino feedback (thanks!) 2023-05-08 14:21:49 -10:00
David A. Harding
3ff08d8fff CH09: add info about fees
- New introduction to fees
- More detail about how the fee market works
- Adds RBF and CPFP fee bumping
- Adds transaction pinning
- Adds package relay
- Adds CPFP carve out
- Small edits to 'Adding fees'
- Tiny edits to fee sniping
2023-05-07 09:16:34 -10:00
David A. Harding
02d7401f9d fixmes 2023-04-09 05:52:11 -10:00
David A. Harding
e0af3f1fa3 [Move only] Move CH06/07 fee material to Fees chapter 2023-04-09 05:30:48 -10:00
David A. Harding
e96341c9b7 CH08: add conclusion 2023-04-08 11:42:33 -10:00
David A. Harding
51a71a8e01 CH08: ECDSA terminology update
- "Ephemeral key pair" -> nonce; makes it consistent with schnorr
  section and better composes with section about avoiding nonce reuse

- Changed variables to be consistent with schnorr section
2023-04-08 11:42:33 -10:00
David A. Harding
4f53af3f4e CH08: Add new intro to ECDSA to compare it to schnorr 2023-04-08 11:42:33 -10:00
David A. Harding
4749fc033f CH08: Describe schnorr signatures, multisignatures, t-signatures 2023-04-08 11:42:33 -10:00
David A. Harding
a28d4bb054 CH08: update RFC6979 text to describe BIP340 and synthentic nonces 2023-04-08 11:40:31 -10:00
David A. Harding
5f4a8cfc66 CH08: Edits to intro and other prev edition content 2023-04-08 11:40:31 -10:00
David A. Harding
5515a74870 CH08: update text about flex sighashes to ANYPREVOUT 2023-04-08 11:40:31 -10:00
David A. Harding
260df04abe CH08: clarify that diff sigs in the same input can have diff sighashes 2023-04-08 11:40:31 -10:00
David A. Harding
afed975b8c CH08: Move serialization of ECDSA signatures 2023-04-08 11:40:31 -10:00
David A. Harding
237fd1ea50 CH08: generalize text about signatures (ECDSA->{ECDSA,schnorr}) 2023-04-08 11:40:31 -10:00
David A. Harding
07e475583b CH08: drop paragraph about segwit commiting to input amount
This now has a well-known problem and doesn't provide the guarantees
that were hoped for.
2023-04-08 11:40:31 -10:00
David A. Harding
61369c7206 CH06/07: Update titles, anchors, and cross-references links 2023-04-08 11:40:31 -10:00
David A. Harding
43b736cd3b [Move Only] Content from old ch06/07 to new chapter 8 (signing) 2023-03-31 05:23:35 -10:00
David A. Harding
32d0aca1c0 CH07: Fix chapter heading 2023-03-30 14:20:01 -10:00
David A. Harding
dfb3aae2e0 CH06: try again to fix listing xref 2023-03-30 14:17:54 -10:00
David A. Harding
6dfdbbcd70 CH03/06: remove [listing] tag to see if that fixes ref 2023-03-30 14:09:33 -10:00
David A. Harding
a0a50cb547 CH06: edits for feedback from arufino (thanks!) 2023-03-30 14:01:06 -10:00
David A. Harding
1a27ee296e CH07: Add MAST, P2C, scriptless multisignature, taproot, tapscript 2023-03-30 14:01:06 -10:00
David A. Harding
fe575bb33e CH07: New chapter introduction 2023-03-30 14:01:06 -10:00
David A. Harding
eb1a75ad97 CH07: Minor edits
A bunch of minor edits just from reading through the previous text.
2023-03-30 14:01:06 -10:00
David A. Harding
3d659cec16 CH07: Leave future todo about implications of no script in scriptSig
- E.g., the idea that it might have been possible to implement
  script delegation
2023-03-30 14:01:06 -10:00
David A. Harding
61b18af41b CH07: Update warning about mixing locktimes
We go into more detail about the problems of mixining locktimes, both
CLTV and CSV.
2023-03-30 14:01:06 -10:00
David A. Harding
7b6bc29171 CH07: drop confusing claims about segwit wallet requirements 2023-03-30 14:01:06 -10:00
David A. Harding
90eafb5df8 CH07: Minor: wallets don't need to know what type of wit prog they spend to 2023-03-30 14:01:06 -10:00