You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Copy file name to clipboardExpand all lines: reference.html
-99Lines changed: 0 additions & 99 deletions
Original file line number
Diff line number
Diff line change
@@ -88,105 +88,6 @@ <h3 class="card-header">
88
88
89
89
</div>
90
90
91
-
<divclass="card-block">
92
-
<p>
93
-
<em>Miniscript</em> is a language for writing (a subset of) Bitcoin Scripts in a structured way, enabling analysis, composition, generic signing and more.
94
-
95
-
<p>
96
-
Bitcoin Script is an unusual stack-based language with many edge cases, designed for implementing spending conditions consisting of various combinations of
97
-
signatures, hash locks, and time locks. Yet despite being limited in functionality it is still highly nontrivial to:<ul>
98
-
<li>Given a combination of spending conditions, finding the most economical script to implement it.</li>
99
-
<li>Given two scripts, construct a script that implements a composition of their spending conditions (e.g. a multisig where one of the "keys" is another multisig).</li>
100
-
<li>Given a script, find out what spending conditions it permits.</li>
101
-
<li>Given a script and access to a sufficient set of private keys, construct a general satisfying witness for it.</li>
102
-
<li>Given a script, be able to predict the cost of spending an output.</li>
103
-
<li>Given a script, know whether particular resource limitations like the ops limit might be hit when spending.</li>
104
-
</ul>
105
-
106
-
<p>
107
-
Miniscript functions as a representation for scripts that makes these sort of operations possible. It has a structure that allows composition. It is very easy to
108
-
statically analyze for various properties (spending conditions, correctness, security properties, malleability, ...). It can be targeted by spending policy compilers
109
-
(see below). Finally, compatible scripts can easily be converted to Miniscript form - avoiding the need for additional metadata for e.g. signing devices that support it.
110
-
111
-
<p>
112
-
Miniscript is designed for (P2SH-)P2WSH and Tapscript (as defined in BIP342) embedded scripts. Most of its constructions
113
-
work fine in P2SH as well, but some of the (optional) security properties rely on Segwit-specific rules. Furthermore,
114
-
the implemented policy compilers assume a Segwit-specific cost model.
115
-
116
-
<p>
117
-
Miniscript was designed and implemented by Pieter Wuille, Andrew Poelstra, and Sanket Kanjalkar at Blockstream Research, but is the result of discussions with several other people.
118
-
119
-
<p>
120
-
Links:<ul>
121
-
<li>This <ahref="http://bitcoin.sipa.be/miniscript">website</a> and C++ compiler: <ahref="https://github.com/sipa/miniscript">[code]</a></li>
122
-
<li>Bitcoin Core compatible C++ implementation: <ahref="https://github.com/sipa/miniscript/tree/master/bitcoin/script">[code]</a></li>
<li>Talk about (an early version of) Miniscript at <ahref="https://cyber.stanford.edu/sbc19">SBC'19</a>: <ahref="https://www.youtube.com/watch?v=XM1lzN4Zfks">[video]</a><ahref="http://diyhpl.us/wiki/transcripts/stanford-blockchain-conference/2019/miniscript/">[transcript]</a><ahref="https://prezi.com/view/KH7AXjnse7glXNoqCxPH/">[slides]</a></li>
125
-
</ul>
126
-
127
-
</div>
128
-
</div>
129
-
130
-
<divclass="card mb-3 text-left">
131
-
<h3class="card-header">Policy to Miniscript compiler</h3>
132
-
<divclass="card-block">
133
-
134
-
<p>Here you can see a demonstration of the P2WSH Miniscript compiler. Write a spending policy according to the instructions below, and observe how it affects the constructed Miniscript.
<li><samp>pk(<em>NAME</em>)</samp>: Require public key named <em>NAME</em> to sign. <em>NAME</em> can be any string up to 16 characters.</li>
142
-
<li><samp>after(<em>NUM</em>)</samp>, <samp>older(<em>NUM</em>)</samp>: Require that the <samp>nLockTime</samp>/<samp>nSequence</samp> value is at least <em>NUM</em>. <em>NUM</em> cannot be 0.</li>
143
-
<li><samp>sha256(<em>HEX</em>)</samp>, <samp>hash256(<em>HEX</em>)</samp>: Require that the preimage of 64-character <em>HEX</em> is revealed. The special value <samp>H</samp> can be used as <em>HEX</em>.</li>
144
-
<li><samp>ripemd160(<em>HEX</em>)</samp>, <samp>hash160(<em>HEX</em>)</samp>: Require that the preimage of 40-character <em>HEX</em> is revealed. The special value <samp>H</samp> can be used as <em>HEX</em>.</li>
145
-
<li><samp>and(<em>POL</em>,<em>POL</em>)</samp>: Require that both subpolicies are satisfied.</li>
146
-
<li><samp>or([<em>N</em>@]<em>POL</em>,[<em>N</em>@]<em>POL</em>)</samp>: Require that one of the subpolicies is satisfied. The numbers N indicate the relative probability of each of the subexpressions (so <samp>9@</samp> is 9 times more likely than the default).</li>
147
-
<li><samp>thresh(<em>NUM</em>,<em>POL</em>,<em>POL</em>,...)</samp>: Require that NUM out of the following subpolicies are met (all combinations are assumed to be equally likely).</li>
148
-
</ul></div>
149
-
Fill field with:
150
-
<ul>
151
-
<li><aclass="demo_link" href='javascript:load_policy("pk(key_1)")'>A single key</a>
152
-
<li><aclass="demo_link" href='javascript:load_policy("or(pk(key_1),pk(key_2))")'>One of two keys (equally likely)</a>
153
-
<li><aclass="demo_link" href='javascript:load_policy("or(99@pk(key_likely),pk(key_unlikely))")'>One of two keys (one likely, one unlikely)</a>
154
-
<li><aclass="demo_link" href='javascript:load_policy("and(pk(key_user),or(99@pk(key_service),older(12960)))")'>A user and a 2FA service need to sign off, but after 90 days the user alone is enough</a>
155
-
<li><aclass="demo_link" href='javascript:load_policy("thresh(3,pk(key_1),pk(key_2),pk(key_3),older(12960))")'>A 3-of-3 that turns into a 2-of-3 after 90 days</a>
0 commit comments