Ty Everett ([email protected])
The BRC-9 specification defines a process for Simplified Payment Verification (SPV) that allows payment recipients to verify the validity of a transaction without downloading and verifying the entire blockchain. The process involves verifying the headers and proofs of a BRC-8 Transaction Envelope, ensuring that all SPV proofs link back to the genesis block and the chain with the most proof of-work, and confirming that the transaction is valid according to the rules of Bitcoin. This standard aims to facilitate fast, secure, and efficient payment processing for merchants and users.
The Bitcoin blockchain is a decentralized, distributed ledger that records every transaction on the network. However, downloading and verifying the entire blockchain can be time-consuming and resource-intensive, making it impractical for users who want to make quick, simple transactions. Simplified Payment Verification (SPV) provides a way for payment recipients to verify the validity of a transaction without the need for a full blockchain download. This protocol is essential for enabling fast and efficient payment processing, especially for small, casual transactions.
The steps for verifying the validity of a payment transaction using the BRC-9 SPV protocol are as follows:
- Ensure that the received BRC-8 Envelope is in the correct format
- Add any previously-unknown headers provided in the BRC-8 Envelope to the chain of headers
- Ensure that all SPV proofs link back to the genesis block and the chain with the most proof of-work
- Ensure that all signatures on provided mAPI responses are valid
- Ensure that all specified minerID public keys have endorsed all mAPI responses
- Ensure that, if only confirmed inputs were allowed, every specified input transaction is directly proven with an SPV proof rather than relying on a chain of mAPI responses
- Ensure that the transaction is valid according to the rules of Bitcoin (sum of input amounts is greater than or equal to the sum of output amounts)
- Ensure that the lock time of the transaction is as requested in the invoice
- Ensure that, if the lock time is in the future, all sequence numbers are UINT_MAX, unless you are working with an application that supports continuously-updating payment channel transactions and expect to get another updated transaction later
- Ensure that evaluating the locking scripts from the input transactions and then the unlocking scripts provided in each input is successful, thus ensuring that all inputs were properly spent
- Ensure that the transaction was properly signed
- Ensure that the transaction contains the output scripts and amounts that were requested in the invoice
- Ensure that the transaction pays a sufficient fee according to the rules of the fee model you are using
The above steps ensure that the transaction is valid and secure according to the Bitcoin protocol. Merchants may take additional measures to increase security, such as subscribing to mAPI status updates and double spend notifications, verifying the identity of the sender, waiting for confirmations, or using an escrow service.
Any wallet that has access to a source of block headers is capable of verifying merkle proofs, and any computer with the resources needed to execute the Bitcoin script programs from the chain of spends is capable of verifying the chain of custody. This means that almost any modern digital computer can easily perform Simplified Payment Verification by following the steps outlined in this document.