Bitcoin Segregated Witness (Segwit) is cool, but is it not a short-term solution?

Pieter Wuille gave a great introductory talk in Hong Kong about Segregated Witness (segwit), which is a great idea that should be implemented into the Bitcoin software as soon as possible and safely. It is a fundamental idea that will be of great benefit to the future of Bitcoin. It also needs a better name ("Segregation has all sorts of negative connotations...")

You should check out Pieter’s talk where I’ll give you a different explanation of it (I know I often need to explain something multiple different ways before I really understand it).

So… sending bitcoin to a segregate witness-locked output is a bit of a weird little beast for today’s blockchain explorers, it looks like anyone can spend the transaction with a scriptPubKey of:

 PUSHDATA [version_byte + validation_script]

The spending of the isolated witness locked output does not require the use of a script signature ( scriptSig ).

You might say, isn't this crazy? No, because the actual script signature of the transaction will be placed in a separate, new data structure, and the wallets and miners doing the verification work will use the new data structure to ensure that the signature of the transaction is valid.

This data structure will be a merkle tree tree reflecting these transactions, and for each transaction with a segwit input, there will be an entry in the second merkle tree with the signature data (plus 10 or so extra bytes per input to allow for fraud proofs).

The best design would be to merge the transaction and segwit merkle trees into the same tree, with the transaction data on the left and the segwit data on the right. The merkle root in the block header would be this merged tree. It should be done with a hard fork (which it should be, in my opinion), but Pieter proposed a soft fork that puts the segwit merkle root in the first (coinbase) transaction of each block, which would be more complicated and less elegant, but would mean it would only require a soft fork.

Regardless of how it is implemented, it will be a smooth transition solution for wallets and most end users, and if you don’t want to use fancy new Segwit transactions, you don’t have to use them. Paying someone using these fancy new transactions is just like paying someone using a fancy new multi-signature wallet (a BIP13 Bitcoin address that starts with 3****).

This does not require wallets to be upgraded, but anyone generating a lot of transactions will have a strong incentive to generate segwit transactions (Pieter suggests giving these segwit transactions some sort of fee discount).

So…how will this SegWit solution help with the 1MB block size limit?

OK, once all the details are worked out, and the soft or hard fork is implemented, and a significant minority of transactions use segwit locked outputs… more transactions will fit into the 1MB hard-coded block limit. For example, the simplest one-input , one-input segwit transaction will have 90字节of transaction data, plus 80个or so bytes of signature data, but only those 90 bytes need to fit into the 1MB block, not 170 bytes. More complex multi-signature transactions will save even more space.

So once everyone uses SegWit to lock outputs, and all transactions are SegWit transactions, 2-3 times more transactions can be squeezed into a 1MB block.

Segregated witness transactions will not help the current scaling bottleneck, and the propagation of 1MB 'block' messages across the network will take up the same bandwidth as before. There are several projects currently underway to address this problem (including IBLTs, weak blocks, thin blocks, a "blocktorrent" protocol), and one that is already being deployed that allows 1MB block messages to propagate much faster than they would otherwise (Matt Corallo's fast relay network).

I think it’s wise to design for success. Segregated Witness is cool, but it’s not a short-term solution (6-12 months), and we’ve already seen the problems with the 1MB block limit.

Original article: http://gavinandresen.ninja/segregated-witness-is-cool
By GAVIN ANDRESEN
Translation: Free and easy
Source (translation): Babbitt Information (http://www.8btc.com/segregated-witness-is-cool)