[Bitcoin-development] Lexicographical Indexing of Transaction Inputs and Outputs

Stephen stephencalebmorse at gmail.com
Sat Jun 6 03:20:38 UTC 2015


Hi Kristov,

I like the idea. Mainly because having a standard reminds developers to consider this issue. In addition, we would have visibility into the portion of the network that adopts this strategy to enhance privacy. A few points of feedback:

 - I think your explanation of sorting could be significantly shortened and clarified by simply saying that the TXIDs of inputs should be compared as uint256 integers. 
 - The malleability of input TXIDs, as mentioned in the proposal, could cause inputs to be ordered in a non-standard way. Reordering then them would invalidate the signatures (assuming SIGHASH_ALL), so the transaction would be left with improperly ordered inputs. While not a huge issue, it's not ideal. I think the best way to get around this would be to use normalized TXIDs, but you might also be able to sort based on the previous outputs that each of the inputs are spending? These both require information that may not be readily available, however, and use of normalized transaction IDs is not fully developed yet. 

Best,
Stephen 



> On Jun 5, 2015, at 8:12 PM, Kristov Atlas <kristovatlas.lists at gmail.com> wrote:
> 
> Hello all,
> 
> I have written a draft of a BIP to standardize the sorting of tx inputs and outputs for privacy and security reasons. A few colleagues have reviewed this and provided feedback privately, but now it's ready for feedback from a wider audience.
> 
> If there is positive sentiment about the proposal after feedback is integrated, I aim for a bip number to be assigned and have it accepted into https://github.com/bitcoin/bips 
> 
> Link: https://github.com/kristovatlas/rfc/blob/master/bips/bip-li01.mediawiki
> 
> For your convenience, here's the abstract:
> 
> "Currently there is no standard for bitcoin wallet clients when ordering transaction inputs and outputs. As a result, wallet clients often have a discernible blockchain fingerprint, and can leak private information about their users. By contrast, a standard for non-deterministic sorting could be difficult to audit. This document proposes deterministic lexicographical sorting, using hashes of previous transactions and output indices to sort transaction inputs, as well as value and locking scripts to sort transaction outputs."
> 
> Thanks,
> 
> Kristov Atlas
> Open Bitcoin Privacy Project Contributor, Blockchain.info Security Engineer, etc.
> Twitter: @kristovatlas
> Blog: kristovatlas.com
> ------------------------------------------------------------------------------
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development at lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150605/6364f4b4/attachment.html>


More information about the bitcoin-dev mailing list