BIP-0322: polishing follow-up #2155

pull guggero wants to merge 4 commits into bitcoin:master from guggero:bip-0322-follow-up changing 2 files +57 −54
  1. guggero commented at 7:24 AM on May 8, 2026: contributor

    Addresses a couple of review comments in #2141 as a follow-up.

  2. guggero force-pushed on May 8, 2026
  3. in bip-0322.mediawiki:37 in d9feef36b5 
      33 | @@ -33,7 +34,8 @@ interoperability with existing signing hardware, we also define a signature mess
  34 |  resembles a Bitcoin transaction (except that it contains an invalid input, so it cannot be spent on
  35 |  any real network).
  36 |  
  37 | -The Proof of Funds variant allows demonstrating control of a set of UTXOs.
  38 | +The [[bip-0322.mediawiki#full-proof-of-funds|Proof of Funds]] variant allows demonstrating control
    jonatack commented at 6:40 PM on May 8, 2026:

    Do you think an anchor link would be best here?

    See just-merged https://github.com/bitcoin/bips/pull/2091/changes for the format.

  4. jonatack added the label BIP Update by Owner on May 8, 2026
  5. in bip-0322.mediawiki:264 in d9feef36b5
    jonatack commented at 7:07 PM on May 8, 2026:

    Let ''T'' be

    Highlighting this typo separately.

    danielabrozzoni commented at 1:45 PM on May 11, 2026:

    to_spend is not formatted correctly, it's </code>to_spend</code> but should be <code>to_spend</code> (note the extra / in the opening tag)

    guggero commented at 11:11 AM on May 13, 2026:

    Nice catch too, thanks. Fixed.

  6. jonatack commented at 7:22 PM on May 8, 2026: member

    Thanks for following up @guggero!

    Here are some suggested edits. Feel free to pick and choose (or for the BIP names, adopt a different format to be used consistently):

    https://github.com/jonatack/bips/commits/2026-05-bip322-suggested-edits-or-areas-of-feedback/

  7. guggero force-pushed on May 9, 2026
  8. guggero commented at 3:56 PM on May 9, 2026: contributor

    Thanks a lot for the review and suggested fixes, @jonatack! Took almost all of them, really appreciate the inputs.

    I also added a commit to clarify the use of the SIGHASH_DEFAULT for Taproot-based inputs.

  9. in bip-0322.mediawiki:39 in 6a61279d6c 
      39 |  resembles a Bitcoin transaction (except that it contains an invalid input, so it cannot be spent on
  40 |  any real network).
  41 |  
  42 |  The [[#full-proof-of-funds|Proof of Funds]] variant allows demonstrating control
  43 |  of a set of UTXOs in addition to the message being signed.
  44 |  The list of UTXOs may or may not be related to the address being signed with (the
    danielabrozzoni commented at 1:27 PM on May 11, 2026:

    I'm a bit unsure about this sentence... I think this is an implementation detail that doesn't really belong in the motivation. Also, before reading the whole BIP, I found this sentence to be a bit confusing, it almost reads as if a signer could prove ownership of arbitrary UTXOs, including ones they don't control.

    guggero commented at 11:10 AM on May 13, 2026:

    You're right, this sounds weird in the motivation. I moved the section to the definition of the Proof of Funds variant and also attempted to make it more clear in what it means. What do you think?

  10. in bip-0322.mediawiki:159 in 6a61279d6c 
     157 | -tag = <code>BIP0322-signed-message</code> and <code>m</code> is the message as is without length
 158 | +where <code>message_hash</code> is a BIP340-tagged hash of the message, i.e., sha256_tag(m), where
 159 | +tag = <code>BIP0322-signed-message</code> and <code>m</code> is the message as-is without length
 160 |  prefix or null terminator, and <code>message_challenge</code> is the to be proven (public) key
 161 | -script.
 162 | +script to be proven.
    danielabrozzoni commented at 1:28 PM on May 11, 2026:

    this sentence contains "to be proven" twice: " is the to be proven (public) key script to be proven."

    jonatack commented at 6:53 PM on May 11, 2026:

    suggest dropping the first occurrence and keeping the second one

    guggero commented at 11:11 AM on May 13, 2026:

    Ah yes, that didn't make sense at all. Fixed.

  11. in bip-0322.mediawiki:459 in 6a61279d6c 
     454 | @@ -455,8 +455,8 @@ A '''transaction finalizer''' of a BIP-0322 PSBT must follow these steps:
 455 |  
 456 |  == Compatibility ==
 457 |  
 458 | -This specification is backwards compatible with the legacy signmessage/verifymessage specification
 459 | -through the special case as described above.
 460 | +This specification is backwards-compatible with the legacy signmessage/verifymessage specification
 461 | +through the special case [#legacy|as described above].
    danielabrozzoni commented at 1:32 PM on May 11, 2026:

    The [#legacy|as described above] is not a link on Github, and is shown as this:

    <img width="1012" height="72" alt="Image" src="https://github.com/user-attachments/assets/6727438b-3242-44f3-be63-0f2989c3703b" />

    I think you want it written as: [[#legacy|as described above]].

    Also, you may want to move this to the second commit (it's in the fourth one at the moment).

    guggero commented at 11:11 AM on May 13, 2026:

    Right, good catch!

  12. danielabrozzoni commented at 1:50 PM on May 11, 2026: member

    Left some comments. It's my first time reading BIP322, so I also left some comments outside of the current PR diff :)

  13. in README.mediawiki:1079 in 6a61279d6c 
    1075 | @@ -1076,7 +1076,7 @@ users (see also: [https://en.bitcoin.it/wiki/Economic_majority economic majority
1076 |  | [[bip-0322.mediawiki|322]]
1077 |  | Applications
1078 |  | Generic Signed Message Format
1079 | -| Karl-Johan Alm
1080 | +| Karl-Johan Alm, guggero
    jonatack commented at 6:59 PM on May 11, 2026:

    In the README, author names tend to be capitalized, and mostly real names instead of GitHub pseudonyms. It might be more a convention than a rule, though.

    murchandamus commented at 9:34 PM on May 11, 2026:

    The value in the README has to match the value in the Authors header in the document, so if you capitalize one, capitalize both.

    guggero commented at 11:11 AM on May 13, 2026:

    Okay, makes sense. Updated.

  14. in bip-0322.mediawiki:31 in 6a61279d6c 
      31 |  
  32 |  The current message signing standard only works for P2PKH (1...) invoice addresses. We propose to
  33 | -extend and generalize the standard by using a Bitcoin Script based approach. This ensures that any
  34 | -coins, no matter what script they are controlled by, can in-principle be signed for. For easy
  35 | -interoperability with existing signing hardware, we also define a signature message format which
  36 | +extend and generalize the standard by using an approach based on a Bitcoin Script. This ensures that
    jonatack commented at 7:03 PM on May 11, 2026:

    Not sure, but I think you wanted to write "an approach based on Bitcoin Script" here, rather than "an approach based on a Bitcoin Script" (and the first one seems closer to the current meaning).

    extend and generalize the standard by using an approach based on Bitcoin Script. This ensures that
    guggero commented at 11:12 AM on May 13, 2026:

    Yes of course, copy/paste mistake :sweat_smile: Thanks, fixed.

  15. in bip-0322.mediawiki:252 in 6a61279d6c 
     248 | @@ -247,7 +249,7 @@ Validation consists of the following steps:
 249 |  ## Confirm that the two transactions together satisfy all consensus rules, except for <code>to_spend</code>'s missing input, and except that ''nSequence'' of <code>to_sign</code>'s first input and ''nLockTime'' of <code>to_sign</code> are not checked.
 250 |  # (Optional) If the validator does not have a full script interpreter, it should check that it understands all scripts being satisfied. If not, it should stop here and output ''inconclusive''.
 251 |  # Check the '''required rules''':
 252 | -## All signatures must use the SIGHASH_ALL flag.
 253 | +## All signatures must use the <code>SIGHASH_ALL</code> (or <code>SIGHASH_DEFAULT</code> for [[bip-0341.mediawiki|BIP341 P2TR]] inputs) flag.
    murchandamus commented at 3:15 PM on May 12, 2026:

    The phrasing here feels a bit cumbersome. How about:

    ## All signatures MUST use the <code>SIGHASH_ALL</code> flag, unless the output type supports <code>SIGHASH_DEFAULT</code>, which then MAY be used alternatively (e.g., [[bip-0341.mediawiki|BIP341 P2TR]]).
    guggero commented at 11:12 AM on May 13, 2026:

    Much better, thank you!

  16. murchandamus commented at 3:16 PM on May 12, 2026: member

    Good improvements. I just have one additional suggestion.

  17. murchandamus added the label PR Author action required on May 12, 2026
  18. BIP-0322: change role to author, add required BIPs ad0e02f746
  19. BIP-0322: link to later sections for clarity 52b2e6d81b
  20. BIP-0322: clarify sighash flag for P2TR 352c66b783
  21. guggero force-pushed on May 13, 2026
  22. murchandamus removed the label PR Author action required on May 13, 2026
  23. in bip-0322.mediawiki:173 in ae43dce51e 
     166 | @@ -175,13 +167,22 @@ A ''full'' signature consists of the variant-prefixed (<code>ful</code>) base64-
 167 |  
 168 |  === Full (Proof of Funds) ===
 169 |  
 170 | +The [[#full-proof-of-funds|Proof of Funds]] variant extends the basic scheme: in addition to signing
 171 | +a message under a single address's key, the signer proves control over an arbitrary set of UTXOs.
 172 | +This UTXO set is chosen freely by the signer and need not be associated with the signing address
 173 | +(the <code>message_challenge</code>. For example, it may consist of outputs paid to that address,
    murchandamus commented at 6:12 PM on May 13, 2026:

    There is at least a closing parenthesis missing here, but the first sentence reads a bit wonky.

    guggero commented at 9:31 AM on May 14, 2026:

    Oops, thanks. Fixed and slightly reformulated.

  24. murchandamus commented at 6:16 PM on May 13, 2026: member

    Sorry for the piece-meal review: I noticed an open parenthesis that isn’t being closed on this read. Other than that all the changes looks good to me. Let’s get this shipped. :)

  25. BIP-0322: grammar and readability touchup
    Co-authored-by: Jon Atack <jon@atack.com>
    46bfccd318
  26. guggero force-pushed on May 14, 2026
  27. danielabrozzoni approved
  28. danielabrozzoni commented at 10:16 AM on May 14, 2026: member

    Looks good to me! I read the whole document, but I didn't do an in depth review of the "Detailed Specification" section.

    Thanks for moving the Proof of Funds part outside the motivation, and congrats on becoming a BIP author :)

  29. murchandamus approved
  30. murchandamus commented at 12:26 PM on May 14, 2026: member

    LGTM

  31. murchandamus merged this on May 14, 2026
  32. murchandamus closed this on May 14, 2026
  33. guggero deleted the branch on May 14, 2026
Contributors
guggerojonatackdanielabrozzonimurchandamus
Labels
BIP Update by Owner
Linked (view graph)
#2141 BIP-0322: clarify motivation/purpose, add prefix, clarify Proof of Funds format, describe PSBT based signing
github-metadata-mirror

This is a metadata mirror of the GitHub repository bitcoin/bips. This site is not affiliated with GitHub. Content is generated from a GitHub metadata backup.
generated: 2026-05-19 06:50 UTC