This modifies commits provided by @petertodd to use the terms "pubkey
script" and "signature script" instead of other terms.
* Rename "scriptPubKey" and "output script" to "pubkey script"
(suggested by @luke-jr). We leave a token "scriptPubKey" at the point
where we define pubkey script so that searchers can find it.
* Rename "scriptSig" to "signature script" (suggested by @luke-jr). We
also leave a token "scriptSig" at this definition point.
* Rename "redeemScript" to "redeem script"
* Defined ECDSA on secp256k1 curve as the crypto used in the Transaction
section and added references to secp256k1 private/public keys and
signatures.
* Removed "The Parts Of A Transaction" illustration by commenting it out
in the HTML. Shoehorning the pubkey/signature script terms into this
image was becoming difficult, and I'm not very fond of that
illustration anyway. I'll see if I can think of a nicer replacement
illustration for some point in the future.
* Add a short paraphrased version @petertodd's description of scripts as
generalized crypto.
* Updated all the illustrations which referred to either pubkey scripts
or signature scripts to use these terms.
Several reviewers kindly provided feedback via IRC tonight, resulting in
the following changes:
* Mention that compressed keys are used in the offical secp256k1
documentation with the prefix bytes used by Bitcoin. I could not find
a publicly-available officialish document defining the prefix bytes,
but they're used repeatedly in the offical SECG documentation we
autoxref "secp256k1" to, so I went with that.
* Remove the mention that Bitcoin Core uses OpenSSL. While true, there
is an effort to slowly move away from using OpenSSL for EC in
Bitcoin Core.
* Change the phrasing of the relative curve location for 0x02 & 0x03 to
a form more correct for actuality instead of the illustrated
abstraction.
* Drop quotes around "uncompressed" since that's the term used in the
official secp256k1 docs, not something Bitcoin-specific.
Describe the essential functions of a wallet program and how multiple
programs can work together to fulfill those functions, as in the case of
a signing-only wallet.
Two minor changes suggested by iwilcox on IRC (thanks!):
* s/brute-force find/brute-force/ in HD wallet section
* Correct mistaken assertion that the keypool isn't refreshed until all
keys are used. If the wallet is unencrypted or unlocked, the keypool
is refreshed after each time a key is used.
As suggested by @gmaxwell (thanks!), I tried to make clearer the benefit
of hardened keys:
* Described hardened keys as a solution in the first sentence of the
Hardened Keys subsection.
* Reordered the text so that the problem is described before the
solution, making the presence of a solution clearer.
* Added a prefatory sentence to the description of the two key
derivation formulas again describing the hardened formula as a
solution.
As suggested by @vbuterin (thanks!), I added a paragraph describing that
HD wallets don't use normal derivation on the master key so they don't
have an effective master public key. (See end of the diff.)
This is a fairly large diff because of the reordering, but no new
clauses were added besides those described above.
_includes/guide_wallets.md:
* Fix formula given for normal child key derivation to state that public
keys must also be provided to the HMAC hash function. This required
updating both text and images.
* Add one-paragraph warning about ancestor key compromise when the
ancestor extended public key is compromised along with a descended
private key. Update img/dev/en-hd-private-parent-to-private-child.*
to help illustrate this warning.
en/developer-reference.md:
* Remove %include% of previously-removed file which caused new versions
of Jekyll to die.
Thanks also (in alphabetical order) to @cbeams, @mikehearn, and
@tgeller, among others.
The last pre-squash commit was: c2b8d562aa107c7b68c60946cea14cdccc5159ad
