more technical review items

Author: jimmysong

all.asciidoc

@@ -1,7 +1,7 @@
 = Programming Bitcoin
 Jimmy Song
 v2.0, 2018-12-03
-:imagesdir: images
+:imagesdir: .
 :doctype: book
 
 include::preface.asciidoc[]

ch01.asciidoc

@@ -43,7 +43,7 @@ This is what we call the _additive inverse_.
 5. If _a_ is in the set and is not 0, __a^–1^__ is in the set, which is defined as the value that makes __a ⋅ a^–1^ = 1__.
 This is what we call the _multiplicative inverse_.
 
-Let's unpack each of the following.
+Let's unpack each of the above.
 
 We have a set of numbers that's finite.
 Because the set is finite, we can designate a number _p_, which is how big the set is.
@@ -108,11 +108,11 @@ A Finite Field of order 17 looks like this:
 </ul>
 ++++
 
-A Finite Field of order 981 looks like this:
+A Finite Field of order 983 looks like this:
 
 ++++
 <ul class="simplelist">
-<li>F<sub>981</sub>= {0, 1, 2, ... 980}</li>
+<li>F<sub>983</sub>= {0, 1, 2, ... 982}</li>
 </ul>
 ++++
 
@@ -134,7 +134,7 @@ The bare bones of the class look like this:
 include::code-ch01/ecc.py[tag=source1]
 ----
 <1> We first check that `num` is between `0` and `prime-1` inclusive.
-If not, we have an invalid Field Element and we raise a `ValueError`, which is what we should raise when we get an inappropriate value.
+If not, we get an invalid Field Element and we raise a `ValueError`, which is what we should raise when we get an inappropriate value.
 <2> The rest of the `__init__` method assigns the initialization values to the object.
 <3> The `__eq__` method checks if two objects of class `FieldElement` are equal.
 This is only true when the `num` and `prime` properties are equal.
@@ -506,7 +506,7 @@ include::code-ch01/answers.py[tag=exercise6,indent=0]
 ==== Coding Exponentiation in Python
 
 We need to define the exponentiation for `FieldElement`, which in Python can be defined with the `__pow__` method, overriding the `**` operator.
-The difference here is that the exponent is _not_ a `FieldElement`, so has to be treated a bit differently.
+The difference here is that the exponent is _not_ a `FieldElement`, so it has to be treated a bit differently.
 We want something like this to work:
 
 [source,python]
@@ -747,7 +747,7 @@ class FieldElement:
 ...
 include::code-ch01/ecc.py[tag=source3]
 ----
-<1> Make the exponent into something within the 0 to p–1 range.
+<1> Make the exponent into something within the 0 to p-2 range, inclusive.
 
 === Conclusion
 

ch02.asciidoc

@@ -290,7 +290,7 @@ Note that the next +if+ statement will fail if we don't return here.
 <2> We overload the `+` operator here
 <3> `self.x` being `None` means that `self` is the point at infinity, or the additive identity.
 Thus, we return `other`.
-<4> `self.x` being `None` means that `other` is the point at infinity, or the additive identity.
+<4> `other.x` being `None` means that `other` is the point at infinity, or the additive identity.
 Thus, we return `self`.
 
 include::code-ch02/answers.py[tag=exercise3,indent=0]
@@ -338,7 +338,7 @@ Using this formula and plugging it into the Elliptic Curve equation, we get:
 
 Gathering all the terms, we have this polynomial equation:
 
-* __x__^3^ – __s__^2^x^2^ + (__a__ + 2__s__^2^__x__~1~ – 2__sy__~1~)__x__ + __b__ – __x__~1~^2^ + 2__sx__~1~__y__~1~ – __y__~1~^2^ = 0
+* __x__^3^ – __s__^2^x^2^ + (__a__ + 2__s__^2^__x__~1~ – 2__sy__~1~)__x__ + __b__ – __s__^2^__x__~1~^2^ + 2__sx__~1~__y__~1~ – __y__~1~^2^ = 0
 
 We also know that __x__~1~, __x__~2~, and __x__~3~ are solutions to this equation, thus:
 
@@ -347,7 +347,7 @@ We also know that __x__~1~, __x__~2~, and __x__~3~ are solutions to this equatio
 
 From earlier, we know that:
 
-* __x__^3^ – __s__^2^x^2^ + (__a__ + 2__s__^2^__x__~1~ – 2__sy__~1~)__x__ + __b__ – __x__~1~^2^ + 2__sx__~1~__y__~1~ – __y__~1~^2^ = 0
+* __x__^3^ – __s__^2^x^2^ + (__a__ + 2__s__^2^__x__~1~ – 2__sy__~1~)__x__ + __b__ – __s__^2^__x__~1~^2^ + 2__sx__~1~__y__~1~ – __y__~1~^2^ = 0
 
 There's a result from what's called the https://en.wikipedia.org/wiki/Vieta%27s_formulas[Vieta's Formula], which states that the coefficients have to equal each other if the roots are the same.
 The first coefficient that's interesting is the coefficient in front of __x__^2^:

ch04.asciidoc

@@ -370,7 +370,6 @@ We can do steps 4 and 5 in one go this way:
 ----
 include::code-ch04/helper.py[tag=source3]
 ----
-<1> Note that the `.decode('ascii')` part is necessary to convert from Python 3 bytes to a Python 3 string.
 
 [NOTE]
 .What Is Testnet?

ch05.asciidoc

@@ -305,13 +305,19 @@ include::code-ch05/answers.py[tag=exercise3,indent=0]
 === Locktime
 
 Locktime is a way to time-delay a transaction.
-A transaction with a Locktime of 600,000 cannot go into the blockchain until block 600,000.
+A transaction with a Locktime of 600,000 cannot go into the blockchain until block 600,001.
 This was originally construed as a way to do "high-frequency trades" (see _Sequence and Locktime_), which turned out to be insecure.
 If the Locktime is greater than or equal to 500,000,000, Locktime is a UNIX timestamp.
 If Locktime is less than 500,000,000, it is a block number.
 This way, transactions can be signed, but unspendable until a certain point in UNIX time or block height.
 
-The serialization is in Little-Endian and is 4 bytes long (<<locktime>>).
+.When Locktime is Ignored
+[WARNING]
+====
+Note that Locktime is ignored if the sequence numbers for every input is `ffffffff`.
+====
+
+The serialization is in Little-Endian and 4-bytes (<<locktime>>).
 
 [[locktime]]
 .Locktime

ch06.asciidoc

@@ -150,7 +150,7 @@ Here are some operations and their byte codes:
 * `0x00` - `OP_0`
 * `0x51` - `OP_1`
 * `0x60` - `OP_16`
-* `0x75` - `OP_DUP`
+* `0x76` - `OP_DUP`
 * `0x93` - `OP_ADD`
 * `0xa9` - `OP_HASH160`
 * `0xac` - `OP_CHECKSIG`
@@ -284,7 +284,7 @@ Note the `OP_CHECKSIG`, as that will be very important.
 The ScriptSig is the part that unlocks the received bitcoins.
 The pubkey can be compressed or uncompressed, though early on in Bitcoin's history when p2pk was more prominent, uncompressed was the only one being used (see <<chapter_serialization>>).
 
-For p2pk, the ScriptSig required to unlock the corresponding ScriptPubKey is just the signature as shown in <<pay_to_pubkey_p2pk_scriptsig>>.
+For p2pk, the ScriptSig required to unlock the corresponding ScriptPubKey is the signature followed by a single sighash byte as shown in <<pay_to_pubkey_p2pk_scriptsig>>:
 
 [[pay_to_pubkey_p2pk_scriptsig]]
 .Pay-to-pubkey (p2pk) ScriptSig

ch09.asciidoc

@@ -247,7 +247,7 @@ To find a proof-of-work, the miners on the Bitcoin network have to churn through
 Like gold, verifying proof-of-work is much cheaper than actually finding it.
 
 So what is proof-of-work?
-Let's look at the hash256 of the block we saw before to find out:
+Let's look at the hash256 of the block header we saw before to find out:
 
 ```
 020000208ec39428b17323fa0ddec8e887b4a7c53b8c0a0a220cfd000000000000000000
@@ -290,7 +290,7 @@ The mechanics of how the Merkle Root changes whenever any transaction in the blo
 
 ==== Target
 
-Proof-of-work is the requirement that every block in Bitcoin must be below a certain target.
+Proof-of-work is the requirement that the hash of every block header in Bitcoin must be below a certain target.
 _Target_ is a 256-bit number that is computed directly from the bits field.
 The target is very small compared to an average 256-bit number.
 
@@ -320,12 +320,12 @@ include::code-ch09/examples.py[tag=example6]
 ----
 <1> We are purposefully printing this number as 64 hexadecimal digits to show how small the number is in 256-bit terms.
 
-A valid proof-of-work is a hash of the block that, when interpreted as a Little-Endian integer, is below the target number.
+A valid proof-of-work is a hash of the block header that, when interpreted as a Little-Endian integer, is below the target number.
 Proof-of-work hashes are exceedingly rare and the process of mining is the process of finding one of these hashes.
 To find a single proof-of-work with the above target, the network as a whole must calculate 3.8 &#215; 10^21^ hashes, which, when this block was found, was roughly every 10 minutes.
 To give this number some context, the best GPU miner in the world would need to run for 50,000 years on average to find a single proof-of-work below this target.
 
-We can check that this block's hash satisfies the proof-of-work:
+We can check that this block header's hash satisfies the proof-of-work:
 
 [source,python]
 ----

ch10.asciidoc

@@ -73,7 +73,7 @@ The timestamp field is 8 bytes (as opposed to 4 bytes in the block header) and i
 
 IP addresses can be IPv6, IPv4, or OnionCat (a mapping of TOR's `.onion` addresses to IPv6).
 If IPv4, the first 12 bytes are `00000000000000000000ffff` and the last 4 bytes are the IP.
-The port is 2 bytes Little-Endian. The default on mainnet is 8333, which maps to `208d` in Little-Endian hex.
+The port is 2 bytes Little-Endian. The default on mainnet is 8333, which maps to `8d20` in Little-Endian hex.
 
 A nonce is a number used by a node to detect a connection to itself.
 User Agent identifies the software being run.

ch12.asciidoc

@@ -157,7 +157,7 @@ include::code-ch12/answers.py[tag=exercise3,indent=0]
 === Loading a Bloom Filter
 
 Once a light client has created a Bloom Filter, it needs to let the full node know the details of the filter so the full node can send Proofs of Inclusion.
-The first thing a light client must do is set the optional relay flag in the version message (see <<chapter_networking>>) to 1.
+The first thing a light client must do is set the optional relay flag in the version message (see <<chapter_networking>>) to 0.
 This tells the full node not to send transaction messages unless they match a Bloom Filter or they have been specifically requested.
 After the relay flag, a light client then communicates to the full node the Bloom Filter itself.
 The command to set the Bloom Filter is called `filterload`.

ch13.asciidoc

@@ -143,7 +143,7 @@ Software that understands how to validate Segwit Version X will validate such tr
 === p2sh-p2wpkh
 
 p2wpkh is great, but unfortunately, this is a new type of Script and older wallets cannot send Bitcoins to p2wpkh ScriptPubKeys.
-p2wpkh uses a new address format called bech32, whose ScriptPubKeys older wallets don't know how to create.
+p2wpkh uses a new address format called bech32, defined in BIP173, whose ScriptPubKeys older wallets don't know how to create.
 
 The Segwit authors found an ingenious way to make Segwit backward compatible by using p2sh.
 We can "wrap" p2wpkh inside a p2sh.

code-ch02/answers.py

@@ -42,7 +42,7 @@
 # tag::exercise6[]
 ==== Exercise 6
 
-For the curve __y__^2^ = __x__^3^ + 5__x__ + 7, what is (2,5) + (–1,–1)?
+For the curve __y__^2^ = __x__^3^ + 5__x__ + 7, what is (-1,1) + (–1,-1)?
 # end::exercise6[]
 # tag::answer6[]
 >>> a, x1, y1 = 5, -1, 1

code-ch03/answers.py

@@ -48,18 +48,15 @@
 >>> p1 = Point(FieldElement(170, prime), FieldElement(142, prime), a, b)
 >>> p2 = Point(FieldElement(60, prime), FieldElement(139, prime), a, b)
 >>> print(p1+p2)
-Point(FieldElement_223(220),FieldElement_223(181))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(220,181)_0_7 FieldElement(223)
 >>> p1 = Point(FieldElement(47, prime), FieldElement(71, prime), a, b)
 >>> p2 = Point(FieldElement(17, prime), FieldElement(56, prime), a, b)
 >>> print(p1+p2)
-Point(FieldElement_223(215),FieldElement_223(68))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(215,68)_0_7 FieldElement(223)
 >>> p1 = Point(FieldElement(143, prime), FieldElement(98, prime), a, b)
 >>> p2 = Point(FieldElement(76, prime), FieldElement(66, prime), a, b)
 >>> print(p1+p2)
-Point(FieldElement_223(47),FieldElement_223(71))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(47,71)_0_7 FieldElement(223)
 
 # end::answer2[]
 # tag::exercise4[]
@@ -83,26 +80,21 @@
 >>> y1 = FieldElement(num=105, prime=prime)
 >>> p = Point(x1,y1,a,b)
 >>> print(p+p)
-Point(FieldElement_223(49),FieldElement_223(71))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(49,71)_0_7 FieldElement(223)
 >>> x1 = FieldElement(num=143, prime=prime)
 >>> y1 = FieldElement(num=98, prime=prime)
 >>> p = Point(x1,y1,a,b)
 >>> print(p+p)
-Point(FieldElement_223(64),FieldElement_223(168))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(64,168)_0_7 FieldElement(223)
 >>> x1 = FieldElement(num=47, prime=prime)
 >>> y1 = FieldElement(num=71, prime=prime)
 >>> p = Point(x1,y1,a,b)
 >>> print(p+p)
-Point(FieldElement_223(36),FieldElement_223(111))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(36,111)_0_7 FieldElement(223)
 >>> print(p+p+p+p)
-Point(FieldElement_223(194),FieldElement_223(51))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(194,51)_0_7 FieldElement(223)
 >>> print(p+p+p+p+p+p+p+p)
-Point(FieldElement_223(116),FieldElement_223(55))_FieldElement_223(0)_
-  FieldElement_223(7)
+Point(116,55)_0_7 FieldElement(223)
 >>> print(p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p+p)
 Point(infinity)
 

code-ch03/ecc.py

@@ -156,6 +156,9 @@ def __ne__(self, other):
     def __repr__(self):
         if self.x is None:
             return 'Point(infinity)'
+        elif isinstance(self.x, FieldElement):
+            return 'Point({},{})_{}_{} FieldElement({})'.format(
+                self.x.num, self.y.num, self.a.num, self.b.num, self.x.prime)
         else:
             return 'Point({},{})_{}_{}'.format(self.x, self.y, self.a, self.b)
 
@@ -212,8 +215,8 @@ def __rmul__(self, coefficient):
             if coef & 1:  # <3>
                 result += current
             current += current  # <4>
-            coef >>= 1
-        return result  # <5>
+            coef >>= 1  # <5>
+        return result
     # end::source3[]
 
 

code-ch03/examples.py

@@ -7,7 +7,7 @@
 >>> y = FieldElement(num=105, prime=223)
 >>> p1 = Point(x, y, a, b)
 >>> print(p1)
-Point(FieldElement_223(192),FieldElement_223(105))_FieldElement_223(0)_FieldElement_223(7)
+Point(192,105)_0_7 FieldElement(223)
 
 # end::example1[]
 # tag::example3[]
@@ -22,8 +22,7 @@
 >>> p1 = Point(x1, y1, a, b)
 >>> p2 = Point(x2, y2, a, b)
 >>> print(p1+p2)
-Point(FieldElement_223(170),FieldElement_223(142))_FieldElement_223(0)_
-FieldElement_223(7)
+Point(170,142)_0_7 FieldElement(223)
 
 # end::example3[]
 # tag::example4[]

code-ch04/answers.py

@@ -77,13 +77,13 @@
 # tag::answer4[]
 >>> from helper import encode_base58
 >>> h = '7c076ff316692a3d7eb3c3bb0f8b1488cf72e1afcd929e29307032997a838a3d'
->>> print(encode_base58(bytes.fromhex(h)).decode('ascii'))
+>>> print(encode_base58(bytes.fromhex(h)))
 9MA8fRQrT4u8Zj8ZRd6MAiiyaxb2Y1CMpvVkHQu5hVM6
 >>> h = 'eff69ef2b1bd93a66ed5219add4fb51e11a840f404876325a1e8ffe0529a2c'
->>> print(encode_base58(bytes.fromhex(h)).decode('ascii'))
+>>> print(encode_base58(bytes.fromhex(h)))
 4fE3H2E6XMp4SsxtwinF7w9a34ooUrwWe4WsW1458Pd
 >>> h = 'c7207fee197d27c618aea621406f6bf5ef6fca38681d82b2f06fddbdce6feab6'
->>> print(encode_base58(bytes.fromhex(h)).decode('ascii'))
+>>> print(encode_base58(bytes.fromhex(h)))
 EQJsjkd6JaGwxrjEhfeqPenqHwrBmPQZjJGNSCHBkcF7
 
 # end::answer4[]

code-ch04/ecc.py

@@ -163,6 +163,9 @@ def __ne__(self, other):
     def __repr__(self):
         if self.x is None:
             return 'Point(infinity)'
+        elif isinstance(self.x, FieldElement):
+            return 'Point({},{})_{}_{} FieldElement({})'.format(
+                self.x.num, self.y.num, self.a.num, self.b.num, self.x.prime)
         else:
             return 'Point({},{})_{}_{}'.format(self.x, self.y, self.a, self.b)
 

code-ch04/helper.py

@@ -4,7 +4,7 @@
 
 
 # tag::source1[]
-BASE58_ALPHABET = b'123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
+BASE58_ALPHABET = '123456789ABCDEFGHJKLMNPQRSTUVWXYZabcdefghijkmnopqrstuvwxyz'
 # end::source1[]
 
 
@@ -34,25 +34,25 @@ def encode_base58(s):
             count += 1
         else:
             break
-    prefix = b'1' * count
     num = int.from_bytes(s, 'big')
-    result = bytearray()
+    prefix = '1' * count
+    result = ''
     while num > 0:  # <2>
         num, mod = divmod(num, 58)
-        result.insert(0, BASE58_ALPHABET[mod])
-    return prefix + bytes(result)  # <3>
+        result = BASE58_ALPHABET[mod] + result
+    return prefix + result  # <3>
 # end::source2[]
 
 
 # tag::source3[]
-def encode_base58_checksum(s):
-    return encode_base58(s + hash256(s)[:4]).decode('ascii')  # <1>
+def encode_base58_checksum(b):
+    return encode_base58(b + hash256(b)[:4])
 # end::source3[]
 
 
 def decode_base58(s):
     num = 0
-    for c in s.encode('ascii'):
+    for c in s:
         num *= 58
         num += BASE58_ALPHABET.index(c)
     combined = num.to_bytes(25, byteorder='big')

code-ch05/ecc.py

@@ -163,6 +163,9 @@ def __ne__(self, other):
     def __repr__(self):
         if self.x is None:
             return 'Point(infinity)'
+        elif isinstance(self.x, FieldElement):
+            return 'Point({},{})_{}_{} FieldElement({})'.format(
+                self.x.num, self.y.num, self.a.num, self.b.num, self.x.prime)
         else:
             return 'Point({},{})_{}_{}'.format(self.x, self.y, self.a, self.b)