Skip to content

Instantly share code, notes, and snippets.

@AdamISZ
Last active April 3, 2023 20:10
Show Gist options
  • Save AdamISZ/ddfa49c5fc0e7aeddc7e23e9b909f2a1 to your computer and use it in GitHub Desktop.
Save AdamISZ/ddfa49c5fc0e7aeddc7e23e9b909f2a1 to your computer and use it in GitHub Desktop.
Compressed tx transfer

Looking for optimally minimal data transfer to send a transaction.

Just throwing this out there; I'm sure we can do better.

Some stuff should be pre-agreed by anyone following this protocol. For example:

  • Preagreed: script type (say legacy P2PKH)
  • Preagreed: version 1, locktime 0, sequence maxint-1, fee 10K sats (tweak this later)

Receiver has address AR, requests X sats.

Computes scriptpubkeyhash ARSPKH 20 bytes in this case.

Sends ARSPKH + amt encoded as varint (5 bytes), total 25 bytes.

Sender finds a chosen utxo U1, on a pubkey PS, not currently reused. Same script type (P2PKH).

Constructs TX: input 0: U1+vout for PS

output 0: ARSPKH with amt as noted above.

output 1: change, back to PS encoded as P2PKH, amt is U1+vout's amount minus amt above minus 10Ksat fee.

signs and gets sig S.

Un-DER encodes S to get (r, s) of exactly 64 bytes (ignore sign).

Sends PS+S (total: 33+64 = 97 bytes).

Receiver gets 97 bytes.

  1. Extracts PS as first 33; converts to address P2PKH; looks up on blockchain; recovers only existing utxo U1 with amount.
  2. Extracts (r, s) from s and re-DER-encodes to get S*.
  3. Reconstructs transaction as in "Constructs TX" above
  4. Verifies re-DER-encoded S* to see if it fits, if not flip sign until it does.
  5. Inserts valid S and broadcasts.

Sender: 25 bytes.

Receiver: 97 bytes.

Probably can do better. Bad stuff includes:

  • P2PKH is bad not least because non-segwit doesn't sign over value which is a risk factor.
  • Address reuse is always a bad thing.
@remyers
Copy link

remyers commented Mar 6, 2019

What do you think of using a short hash of an extended public key (BIP-32) or even better, a PayNym (BIP-47) to communicate public key information? The xPub or Paynym could be looked up in a directory. For very short hashes, it might take some iterating to find the match to the signature, but trading-off computation for bandwidth might be worth it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment