[bitcoin-dev] Why SegWit Anyway?

Johnson Lau jl2012 at xbt.hk
Mon Nov 20 19:58:57 UTC 2017


Not really. BIP140 might be easier to implement, but in longterm the UTXO overhead is significant and unnecessary. There are also other benefits of segwit written in BIP141. Some of those are applicable even if you are making a new coin.

> On 21 Nov 2017, at 2:07 AM, Praveen Baratam <praveen.baratam at gmail.com> wrote:
> 
> BIP 140 looks like it solves Tx Malleability with least impact on current practices. It is still a soft fork though.
> 
> Finally, if we were to create an alternative cyptocurrency similar to Bitcoin, a Normalized Tx ID approach would be a better choice if I get it right!
>> 
> On Mon, Nov 20, 2017 at 11:15 PM, Johnson Lau <jl2012 at xbt.hk <mailto:jl2012 at xbt.hk>> wrote:
> We can’t “just compute the Transaction ID the same way the hash for signing the transaction is computed” because with different SIGHASH flags, there are 6 (actually 256) ways to hash a transaction.
> 
> Also, changing the definition of TxID is a hardfork change, i.e. everyone are required to upgrade or a chain split will happen.
> 
> It is possible to use “normalised TxID” (BIP140) to fix malleability issue. As a softfork, BIP140 doesn’t change the definition of TxID. Instead, the normalised txid (i.e. txid with scriptSig removed) is used when making signature. Comparing with segwit (BIP141), BIP140 does not have the side-effect of block size increase, and doesn’t provide any incentive to control the size of UTXO set. Also, BIP140 makes the UTXO set permanently bigger, as the database needs to store both txid and normalised txid
> 
>> On 21 Nov 2017, at 1:24 AM, Praveen Baratam via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org <mailto:bitcoin-dev at lists.linuxfoundation.org>> wrote:
>> 
>> Bitcoin Noob here. Please forgive my ignorance.
>> 
>> From what I understand, in SegWit, the transaction needs to be serialized into a data structure that is different from the current one where signatures are separated from the rest of the transaction data.
>> 
>> Why change the format at all? Why cant we just compute the Transaction ID the same way the hash for signing the transaction is computed?
>> 
>> -- 
>> Dr. Praveen Baratam
>> 
>> about.me <http://about.me/praveen.baratam>_______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev at lists.linuxfoundation.org <mailto:bitcoin-dev at lists.linuxfoundation.org>
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>
> 
> 
> 
> 
> -- 
> Dr. Praveen Baratam
> 
> about.me <http://about.me/praveen.baratam>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20171121/27d81473/attachment-0001.html>


More information about the bitcoin-dev mailing list