public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
* [Bitcoin-development] [RFC] Canonical input and output ordering in transactions
@ 2015-06-06  4:42 Rusty Russell
  2015-06-06  4:46 ` Mark Friedenbach
                   ` (2 more replies)
  0 siblings, 3 replies; 18+ messages in thread
From: Rusty Russell @ 2015-06-06  4:42 UTC (permalink / raw)
  To: Bitcoin Dev

Title: Canonical Input and Output Ordering
Author: Rusty Russell <rusty@rustcorp.com.au>
Discussions-To: "Bitcoin Dev" <bitcoin-development@lists.sourceforge.net>
Status: Draft
Type: Standards Track
Created: 2015-06-06

Abstract

This BIP provides a canonical ordering of inputs and outputs when
creating transactions.

Motivation

Most bitcoin wallet implementations randomize the outputs of
transactions they create to avoid trivial linkage analysis (especially
change outputs), however implementations have made mistakes in this area
in the past.

Using a canonical ordering has the same effect, but is simpler, more
obvious if incorrect, and can eventually be enforced by IsStandard() and
even a soft-fork to enforce it.

Specification

Inputs should be ordered like so:
        index (lower value first)
        txid (little endian order, lower byte first)

Outputs should be ordered like so:
        amount (lower value first)
        script (starting from first byte, lower byte first, shorter wins)

Rationale

Any single wallet is already free to implement this, but if other
wallets do not it would reduce privacy by making those transactions
stand out.  Thus a BIP is appropriate, especially if this were to
become an IsStandard() rule once widely adopted.

Because integers are fast to compare, they're sorted first, before the
lexographical ordering.

The other input fields do not influence the sort order, as any valid
transactions cannot have two inputs with the same index and txid.

Reference Implementation

https://github.com/rustyrussell/bitcoin/tree/bip-in-out-ordering



^ permalink raw reply	[flat|nested] 18+ messages in thread

end of thread, other threads:[~2015-06-24 22:09 UTC | newest]

Thread overview: 18+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2015-06-06  4:42 [Bitcoin-development] [RFC] Canonical input and output ordering in transactions Rusty Russell
2015-06-06  4:46 ` Mark Friedenbach
2015-06-06  6:44   ` Rusty Russell
2015-06-06  8:24   ` Wladimir J. van der Laan
2015-06-06  9:45     ` Mark Friedenbach
2015-06-08 21:25 ` Danny Thorpe
2015-06-08 21:36   ` Peter Todd
2015-06-14 23:04   ` Gregory Maxwell
2015-06-14 23:02 ` Gregory Maxwell
2015-06-15  2:29   ` Rusty Russell
2015-06-15  2:33     ` Gregory Maxwell
2015-06-15  2:47       ` Mark Friedenbach
2015-06-15 21:01         ` Rusty Russell
2015-06-16  7:10           ` Jorge Timón
2015-06-16  8:06             ` Rusty Russell
     [not found]               ` <CABm2gDpkwHvrsB8Dh-hsO6H9trcweEX9XGB5Jh5KLPsPY5Z1Sw@mail.gmail.com>
2015-06-21  7:27                 ` [Bitcoin-development] Fwd: " Jorge Timón
2015-06-15  4:01   ` [Bitcoin-development] " Kristov Atlas
2015-06-24 22:09     ` [bitcoin-dev] " Kristov Atlas

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox