-
Notifications
You must be signed in to change notification settings - Fork 5.4k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Replace BIP 21 with a new BIP containing information about more modern usage of it #1555
base: master
Are you sure you want to change the base?
Replace BIP 21 with a new BIP containing information about more modern usage of it #1555
Conversation
(Background discussion for context: https://delvingbitcoin.org/t/revisiting-bip21/630) Thanks for starting this! Conceptually, I agree with the updates but I think we can get a bigger win by advising the use of HRPs directly instead of key-value pairs. The benefits of this approach are:
For senders, this simplifies implementing support for new address types in that clients can implement support for a generic BIP21 URI using HRPs as keys. As the client supports new bech32m encoded addresses, they are supported automatically without any additional changes. Clients would still need to support new payment instructions that instead decided to use a query parameter, but I would expect most (if not all) clients to prefer bech32m encodings now that they get BIP21 support for free. I wrote a rough draft here, feel free use / modify as needed if you find it useful: josibake@07339bd |
I think this ship has sailed, but K/V-vs-no-K has no impact on this. We could do bitcoin:bc1q...?taproot=bc1p. or whatever just fine. Ultimately its probably too late to update how any taproot anything appears in QR codes/URIs.
This is similarly untrue, the only difference is it reduces the characters used for future instructions, but whether it supports future instructions or not, both do.
Indeed, we can save a few characters here or there. I think the ship has similarly sailed for BOLT 11, but of course we can do something different for BOLT 12. Ultimately I think the only difference between the two proposals are:
I think the right approach here is the simpler one, but there's not a really strong reason to prefer either over the other, honestly. |
No, they are not the same. This is especially relevant if wallets are using a BIP21 library: my wallet supports new address type
I'm not really sure what you're getting at here? My proposal is that any new payment addresses must use |
That applies both to a K/V parameter and a non-K/V parameter equally - there's really no difference here. A BIP21 parsing library should pass all parameters that it doesn't know.
Ah, okay, I misunderstood the proposal. I'm not really super excited to bake "future addresses will use bech32m" into the spec in that way, because at some point we're gonna want "bech32n" or some other encoding (which would make sense for stuff that's only in QR codes as you could get the QR a bit denser) and then we'll be back having this same discussion, except now we have to shove everything in K/V pairs because we restricted non-K/V pairs to bech32m-only. |
While certainly not perfect, I think this is better than the alternative of whitelisting a set of addresses that are allowed in a root in this BIP and requiring new formats to specify extension keys. My proposal gives us a way to specify a taproot address in a backwards compatible way, it allows for clients to save space by not needing to redundantly specify |
To be clear, I think we should "whitelist the set of addresses that are allowed in the root" either way. IMO it was a (now-clear) mistake to have taproot at the root rather than in a parameter. Whether we go with K/V or not-K/V we still want to have all future address types in parameters rather than the URI root (and eventually basically phase out the URI root entirely, or at least make it taproot-only). |
Effectively, this is what you get with my proposal:
The only distinction is newer bech32m address types can also be placed in the root. If you're planning to allow |
This is unrelated to the K/V/no-K/V discussion. We can get it either way.
I don't think we should allow this. It would be nice to only have one place to look for a given address type. |
I noticed that there is another pending PR that seeks to amend BIP21 #1394. At first glance, it seems like the change suggested there could be incorporated here. |
bip-0021.mediawiki
Outdated
@@ -39,7 +39,7 @@ Elements of the query component may contain characters outside the valid range. | |||
|
|||
(See also [[#Simpler syntax|a simpler representation of syntax]]) | |||
|
|||
bitcoinurn = "bitcoin:" bitcoinaddress [ "?" bitcoinparams ] | |||
bitcoinurn = "bitcoin:" [ bitcoinaddress ] [ "?" bitcoinparams ] |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I have not been following, but did you consider rejecting empty string after colon, and removing unnecessary interrogation character?
bitcoinurn = "bitcoin:" [ bitcoinaddress ] [ "?" bitcoinparams ] | |
bitcoinurn = "bitcoin:" ( bitcoinaddress [ "?" bitcoinparams ] | bitcoinparams ) |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I’m a bit on the fence regarding this PR. There clearly exists a divergence of the practical use from the specification, and it makes sense to address this and make them line up better. On the other hand, it generally seems counterproductive to ship a new version of a spec under the same label.
I would at least request that the changes are discussed on the mailing list and a Change Log section be added to document when and how the spec was amended. Perhaps it would be better to place these changes into an Appendix that comments on the practical use today and proposes these amendments.
Overall I would prefer a new BIP over changes to a final BIP.
bip-0021.mediawiki
Outdated
*lno: Lightning BOLT12 offers | ||
*sp: Silent Payment addresses | ||
|
||
New payment instructions using bech32 encodings SHOULD reuse their address format's Human Readable Part as the parameter key. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
New payment instructions using bech32 encodings SHOULD reuse their address format's Human Readable Part as the parameter key. | |
New payment instructions using bech32m as address encoding SHOULD reuse their address format's Human Readable Part as the parameter key. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
They aren't always addresses.
Yea, I see that its a bit weird to update something "final", but I think there's also tremendous value in being able to update something so that people aren't led to something that is stale, which would almost certainly happen given the number of existing links and references to "BIP 21". I would also be fine copying + pasting BIP 21 to a new BIP number if we update the headers with a "Superseded: See BIP XXXX" header, however, if we really don't want to update it. I'll wait to address feedback until we have clarity on the forward direction. |
039f1e7
to
76c8049
Compare
It might be useful to posit this amendment idea to the mailing list in order to get more input on the forward direction. |
106b136
to
fedb378
Compare
Done |
I think there's a lot of advantage to updating even final BIPs with information about how those specifications are being widely used in practice, i.e. I don't like adding proposed new features to a final BIP, i.e. defining new keys that haven't be used in practice (like I'd prefer to see this PR revised to only document how BIP21 is used in practice today, with any new proposals placed in a new BIP (which can, of course, be a 99% copy of the existing text). |
The point of the proposed change isn't to define 'sp' specifically but to define the rules for new formats going forward.
I don't think this is a fair characterization. There was a lot of back-and-forth and my understanding is we got to a common ground (or at least equivalent suggestions where it didn't matter all that much where to go). If @josibake still has a different view I'm more than happy to amend the proposal here to make sure we're on the same page. Rather, the back-and-forth there is a great example of why defining some new BIP just to suggest where to put new payment instructions in BIP 21s is going to lead to further fragmentation - lots of people have strong opinions about lots of equivalent naming schemes.
This would be pretty confusing, IMO, since we'd then specify "lighting" as a URI parameter here (since it's already in broad use) and then say "oh, but that's kinda a weird name, in the future please do something different and use the HRP instead" in a different doc. IMO that's likely to lead to a continued proliferation of unrelated keys which is less useful going forward. |
Thinking on this more, I think a policy of "we can update a final BIP to describe what is actually happening in practice but not to give forward guidance on how to do things people are going to do" is inconsistent. This results in a neverending stream of changes to add query parameters that are being used in practice, but we can't add guidance for what query parameters to use to avoid that. |
If there's a reasonable difference of opinion, each person should have equal access to the process for advocating for their position. Each person creating a new BIP is equal access IMO. One person being able to update a final BIP that is already widely deployed and referenced, while other parties can only create a new BIP and try to build support for it, is inequitable IMO. |
Right, I believe my above claim is that there isn't any (more) difference of opinion :). Still, more generally I'm not at all convinced that "access to a document" is somehow privileged, or at least its very explicitly not supposed to be - BIPs are author documents - they aren't somehow blessed and implementers can do whatever they want, as evidenced by the fact that no one complies with BIP 21 given BIP 21 currently doesn't allow bech32[m] payments :) As I mentioned above I'm okay with just saying "no changes at all", but I think your position that we can make some changes (to describe reality) but not others (to provide forward-looking guidance) results in a pretty bad outcome. |
I don't see the resolution to the discussion about bare keys vs key/values above, so it seems open to me, but perhaps you and @josibake hashed it out somewhere else (or I'm just misreading). If it was resolved somewhere else public, I'd appreciate a link, as I was favoring several of Josie's proposals and I'd like to see what persuaded him to accept the full k/v approach.
BIPs in the draft and proposed stage are author documents for sure, but it doesn't seem clear to me that they should remain author documents once they enter the final state. If people implement a supposedly final specification and then the specification changes, that may unnecessarily lead to miscommunication. @ajtowns dealt with this problem in BINANAs by giving them revision numbers, so e.g. if I want to reference that a particular implementation of
I'm also ok with "no changes at all". That said, I think describing reality, especially if it's made clear that it differs from the original specification, is very advantageous to later implementers and those attempting to understand how their modern software works. Not providing post-final forward-looking guidance in the updated BIP doesn't mean that we can't provide that guidance elsewhere, such as a new BIP or a link to a wiki page (in BIP125, I included a link to a wiki page to help foster collaboration among implementers and provide a source of living documentation). I do want to mention that none of the above is a hill I care to die on; it's just my opinion about editing final BIPs. If nobody else thinks this is a problem, I'm ok with this PR being merged as-is. |
The point of a BIP is to have the information people need to implement it in one convenient place. That includes guidance for how to do the things people want to do. Updating to say "btw, people put BOLT11s in the
As long as the BIP gets marked "superseded" with a big link to some new BIP I'm happy with that. Just providing a link in a footnote also does not accomplish this, though, because people will just miss it. |
That's certainly ideal. However, I think in the case of final BIPs, that ideal conflicts with the ideal of not giving anyone unnecessarily privileged access to the specification process. If there is more than one reasonable way to do something, I don't think the author of a long-adopted spec should be able to use that spec to favor their preferred choices. Which ideal is more important, better documentation or less privilege? I don't know, which is why I'm ok with this PR being merged even if I'd prefer to see it reduced to only describing how current widely adopted behavior differs from the original spec. |
I'll be honest, I'd never considered that an ideal of the BIP process, including the reason for final BIPs. Of course no one should have some kind of priviledged access to changing Bitcoin, but the BIP process hasn't historically been the gate for that. Admittedly I'm not quite sure what ideal/goal we seek to meet with having a "final" state - I'd always considered it to exist because we don't have a concept of an "accepted" BIP (because the BIP process isn't for "accepting" ideas), but we still need some way to mark something as different from "draft"/proposed. In that context, the "final" concept only really makes any sense for consensus change BIPs. You could argue that a BIP in sufficient adoption is "final" in that future changes don't make sense as they invalidate existing implementations which makes no sense, but that doesn't really answer what to do about forward guidance as is proposed here (presumably it's fine?) |
Just one note regarding updating a final BIP: there's a huge difference between documenting which parameters people use (the spec specifically allows using custom parameters) and documenting that everyone actually ignores the specification in regard to bech32. It also looks to me that the requirement to use base58 was a mistake. I think it'd make sense to amend that part and that part only. Use a new BIP for everything else. |
In addition to a BOLT12
with more explanation later on....
|
BOLT 12 invoice_requests are not intended to be published. What you're looking for are BOLT 12 refunds. You are right that this could include refunds explicitly, however there's no reason to - it specifies that new types should simply use the bech32 HRP as the key. |
Not sure how you can say Are you saying that the key |
I believe its just a stale line that has slipped in. There is now a dedicated "refund" type which addresses that use-case. Thanks for reporting lightning/bolts#798 (comment)
Yep! |
Looking at @rustyrussell's reply, it seems as there is no explicit refund workflow, it is instead just a modified use case of the offer workflow that can use used for refunds if you want to. So, in that use case, yes, I do think that
Great, what is cool about this once this is supported by wallets, you can basically make QR code and a paper note with this standard and pass that around to people similar to a paper check, redeemable instantly from your lightning node! This is a great way to make backup in case your phone gets smashed before going on a trip. You can make notes in many denominations and destroy them whenever you want. |
BIP-0353 uses this BIP (even though it says it uses BIP-0021). This BIP (and BIP-21) result in long URI. This presents a problem for QR code encoding and just simple writing of them in messages, etc. Wondering if we can have another URI form that will resolve a BIP-0353 address? For example, encoding something such as Possibly this discussion is about BIP-0353 and not a replacement to BIP-0021, but I'm not sure of the latest discussion area for BIP-353 since it is already issued and it doesn't really pertain to URI prefixes that trigger applications from the operating system, only how wallet applications should behave inside themselves. |
Haven't read the entire discussion here, but skimmed the proposed changes. FWIW, we're thinking of using BIP-21 for Ark addressing so that we can support bolt12 fallback easily. Also it gives flexibility to Ark implementations to support different arguments in a flexible key-value fashion. The most important change (probably even only) to BIP21 that we need is to make the address part optional. I see that is already being proposed here. The URIs would then look something like this:
Note that a wallet that doesn't support Ark can just read the bolt12 argument and deliver over lightning, while an Ark wallet can attempt to deliver straight over Ark. Also, could this simply be an amendment to BIP21? Instead of getting a new number assigned? |
In generally you should strongly prefer not to do this. BIP 353 even says so explicitly, saying
This is because if at all possible we should strongly prefer to avoid trusting the entire DNS+domain infrastructure - if there's a communication channel between the sender and recipient, that should be used to exchange cryptographic keys directly, rather than introducing an entire centralized stack as a trusted third party. Addressing QR code size is something individual protocols should do on their own (eg BOLT 12 in the lightning world has very small "offers" by just communicating what's required to fetch further payment instructions.
Nice!
It would be kinda nice to stick with the recommendations here of using bech32 HRPs as the keys in the query parameters. I assume you'll want some kind of bech32 string to communicate ark recipient info anyway (yay checksums), so might as well use it as-is here?
Heh, lots of back-and-forth on that...BIP 21 is pretty ancient, so might as well just say we're replacing it and mark it DEPRECATED in bold at the top 🤷♂️ |
Yea, sadly BOLT12 seeks to have privacy through blinded paths, but receivers who struggle to fit things in QR codes can opt to reduce size by trading off privacy. Also note that if you're putting a bech32 string in a QR code you really need to uppercase the entire thing, which makes things much less dense. For people who want tons of options for payments in QR codes, we really should be thinking about something other than BIP 353 - we could publish full payment info in nostr or some other trivial bulletin board (in some kind of encrypted + blinded form where each fresh QR code leads to new payment details to avoid correlation), etc. |
This seems to me a bit like it is getting back to a heavy software stack, but maybe it is unavoidable. I like to sticking to DNS as the datastore because it is fairly low on the software stack. Wondering if we can in any way to make a more compact URI that includes |
Signing the DNS content via a direct key is great, but you start hitting censorship risk. Just telling people a nameserver IP doesn't really solve it, either, because in most cases people are trusting a third party to host that who can then censor them. You really just don't want to use DNS for this. |
Responded to some of the feedback, but still need to answer more. Since I'm writing a new BIP I'm gonna take this opportunity to define a new callback scheme which allows for wallets to return proof of payment to the initiating application. This is critical for lightning payments initiated by one app if the app itself isn't the recipient of the payment. |
Okay, I believe I've addressed all the comments here. |
bip-XXXX.mediawiki
Outdated
|
||
The URI MAY include a "pop" (or "req-pop") parameter who's value can be used to build a URI which the wallet application can, after payment completes, "open" to provide proof the payment was completed or other information about the payment. | ||
|
||
The value of a "pop" (or "req-pop") parameter shall be a percent-encoded (per RFC 3986 section 2.1) URI prefix. The wallet application, if it supports providing payment information SHOULD percent-decode the provided URI once then append the Payment Information to the resulting URI and open it with the default system handler for the given URI. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did you choose to directly append instead of providing the pop
as a query param? It feels easier to parse to me if the wallet adds the pop as one or multiple query params added to the provided URI, for example:
- for on-chain payments:
txid=<tx_id>&tx=<hex_encoded_tx>
- for bolt 11 payments:
preimage=<hex_encoded_payment_preimage>
- for bolt 12 payments:
preimage=<hex_encoded_payment_preimage>&invoice=lni...
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Why did you choose to directly append instead of providing the pop as a query param?
I originally had it this way, but decide its more generic to have the initiating wallet specify the URI how they want, as they can always specify a URI that ends in ?pop=
and go from there.
multiple query params
Mmm, good point, I was thinking looking at something else that, duh, we need a way to expose which payment parameter was used...How about just doing payment arg=pop
(with a special onchain
arg if the address was in the uri body). So like it'd be onchain=hexencodedtx
or lightning=preimage
or lno=preimage_and_invoice
(or whatever format we use for standardized bolt 12 pops)? That way its still clear what the PoP came from, it reuses the keys from the original bitcoin URI so its well known where they're gonna be (and we don't have to worry about defining them going forward and making sure things dont conflict) and the initiator can even pass &pop=
at the end cause pop=lightning=preimage
is a perfectly valid parameter!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Good idea, that sounds good to me!
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
ACK d7c021a
@dpad85 @robbiehanson what do you think of this? It would be useful to have a prototype implementation of this in Phoenix.
|
||
The value of a "pop" (or "req-pop") parameter shall be a percent-encoded (per RFC 3986 section 2.1) URI prefix. The wallet application, if it supports providing payment information SHOULD percent-decode the provided URI once, append the query parameter key from which the payment instructions used were read, append a single =, and finally append the Payment Information to the resulting URI and open it with the default system handler for the URI. For payment instructions read from the body of the URI, "onchain" SHALL be used in place of the key. | ||
|
||
A wallet MUST validate that the provided URI's scheme is not (case-insensitive) "http", "https", "file", "javascript", "mailto" or any other scheme which will open in a web browser prior to opening it. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
I want to get feedback on this line. My thinking here is that there may be some link to a bitcoin: URI in, eg, a social media site or some other context where the user might click it, pay, but then doesn't want the callback to open a random website that then will reveal the sender's IP. However, it does limit the utility somewhat. Specifically web apps will be unable to get callbacks directly without registering a URI handler.
I'm curious if/on what platforms registering a URI handler for a web app is annoying to deal with, and if the tradeoff here makes sense. I strongly dont want to introduce an IP leak because of this, but also there may be some platforms where we really have to.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
If IP address leak is the only concern, "http" and "https" could be allowed with .onion and .i2p hostnames as exception.
As Bitcoin has grown, the introduction of new address formats describing new forms of payment instructions has become increasingly fraught with compatibility issues. Not only does there exist traditional on-chain addresses, but some recipients wish to receive Lightning (when the sender supports it) or newer formats such as Silent Payments.
This has led to increasing use of the BIP 21 query parameters to encode further optional payment instructions.
Looking forward, as new payment instructions get adopted, it makes much more sense to include them in query parameters rather than replace the existing address field, ensuring compatibility with senders and recipients who may or may not be upgraded to support all the latest payment instructions.
This updates BIP 21 to suggest that future address formats do this.
Further, it updates BIP 21 to allow an empty bitcoin address in cases where new payment instructions have moved to becoming mandatory. This isn't a backwards-incompatible change any more than switching to a new address format is, so doesn't impact existing BIP 21 implementations in a new way, however provides a nice conclusion to the query-parameter-based upgrade path - once a form of payment instructions has broad adoption, senders can simply drop the existing address field, keeping their existing query parameter encoding, rather than replace the existing address field. It also addresses the question of what to do if a wallet no longer wishes to receive some legacy on-chain address, but has multiple payment instruction formats that they wish to include - deciding which one to place in the address field would be a difficult task.