Number: HIP-0009
Title: Standard Recoverable Script Addresses
Type: Standards
Status: Draft
Authors: Chi Kei Chan <[email protected]>
Matthew Zipkin <[email protected]>
Kurumi Imari <https://github.com/kurumiimari>
Created: 2021-10-21
We propose a method for generating application-specific scripts and scripthash addresses by deriving key pairs from specific BIP44 branches.
Secondary market protocols, like Shakedex (see HIP-1), currently generate a new private key for each script address, which makes recovery possible only as long as the user has backed up each individual key they generate. By deterministically deriving script addresses using a standard BIP44 wallet seed, we can recover the user's auction listing and pending fills by importing the seed, re-generating the script addresses and re-scanning the blockchain.
Recall from BIP32 that keys are derived from a series of 4-byte indexes. Indexes lower than 0x7fffffff are derived using non-hardened derivation, which is required if an algorithm only has access to the public key.
Recall from BIP44 that wallets using standard BIP32 paths can regenerate all of a user's private keys and addresses and then, by re-scanning the blockchain, restore the entire previous state of the wallet. The standard is common enough for interoperability between wallet implementations.
BIP44 specifies the following derivation path using BIP32:
m' / purpose' / coin_type' / account' / branch / address_index

(note that ' denotes hardened derivation)
BIP44 also specifies the use of purpose: 44' and defines two branch indexes:
- 0x00000000: receive addresses ("external")
- 0x00000001: change addresses ("internal")
Note that bcoin uniquely uses branch 0x00000002 for generating nested segwit addresses. This is only used for Bitcoin, of course, but exists as a "prior art" reference.
This HIP document should be maintained as a directory for new script address protocols. Proposals should follow the existing examples and these guidelines:
- "branch" is always expressed as four bytes in hexadecimal.
- "name" can be a casual identifier or application title.
- "script" should list the redeem script for the address using opcode symbols, and indicate in {{double-curly-braces}} where the BIP44-derived public key belongs in the script. Some protocols may require additional public keys from other accounts, etc., and we invite those developers to extend the notation here as they see fit. Portions of this field may be left ambiguous as long as it is well-documented in attached links.
- "notes / links" should direct developers to additional documentation or existing implementations for further detail.
| branch | name | script | notes / links |
| --- | --- | --- | --- |
| 0x0073646c | Shakedex | OP_TYPE 0x09 OP_EQUAL OP_IF {{public key at index n}} OP_CHECKSIG OP_ELSE OP_TYPE 0x0a OP_EQUAL OP_ENDIF | 73646c is ASCII for "sdl" or "ShakeDex Lock script". Implemented in Gohan and Bob Wallet. The script is defined and explained in HIP-1. |