Aug 21 - Aug 21, 2025
Authored by Matias Monteagudo, this Bitcoin Improvement Proposal (BIP) suggests an advanced, optional security layer specifically designed for high-value institutional Bitcoin holdings. The core idea revolves around an irreversible wallet-level mechanism that, once activated, disables key-path spending and mandates script-path spending. This setup creates transaction restrictions that remain invisible until an attempt is made to breach them, thereby providing an additional layer of security against unauthorized access while keeping the transaction details private until necessary.
The motivation behind this proposal stems from the growing security challenges faced by prominent Bitcoin holders, particularly institutional entities such as exchanges. Despite existing security measures, attackers with access to private keys can potentially drain wallets, with the current visible security protocols offering little deterrence to sophisticated breaches. The proposed covenant-only mode addresses these vulnerabilities by allowing wallet owners to voluntarily restrict transactions to predefined destinations, automatically redirecting unauthorized transfers to arbitration wallets, thus maintaining the guise of normal operations to deter preemptive attack preparations.
A detailed specification outlines the technical foundation for implementing covenant-only Taproot outputs. It extends the standard Taproot construction by invalidating the internal key, thus making key-path spending impossible and ensuring all transactions adhere to the covenant rules. The specified covenant script enforces destination restrictions through conditional execution and utilizes a Merkle tree for whitelist management. Moreover, the proposal delineates a comprehensive activation and deployment strategy following the BIP 9 framework, requiring broad miner consensus before enforcement.
The proposal ensures full backward compatibility, preserving the functionality of existing Taproot outputs and the operational integrity of non-upgraded nodes and wallets. By building upon the privacy and efficiency features of Taproot, the proposal argues for disabling key-path spending to prevent covenant bypass and introduces an automatic arbitration fallback mechanism to offer recovery options for legitimate users while deterring theft.
Several security considerations are addressed, including cryptographic measures to ensure the unspendability of the internal key, hiding covenant logic to thwart preemptive attacks, and leveraging secure Merkle tree proofs for whitelist validation. The economic rationale discourages theft through high-risk arbitration, incentivizes fair arbitrator conduct, and underscores the network-wide benefits of enhanced security without compromising privacy or performance.
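The whitelist check and arbitration fallback described above, sketched as an added example that is not taken from the BIP or its reference implementation. The prefixed SHA-256 hashing, the promotion of unpaired nodes, the function names and every scriptPubKey are assumptions constructed for illustration.

```python
import hashlib

# Assumed hashing: SHA-256 with 0x00 (leaf) / 0x01 (node) prefixes so an
# interior node can never be replayed as a leaf. The BIP's own scheme may differ.
def leaf_hash(script_pubkey: bytes) -> bytes:
    return hashlib.sha256(b"\x00" + script_pubkey).digest()

def node_hash(left: bytes, right: bytes) -> bytes:
    return hashlib.sha256(b"\x01" + left + right).digest()

def build_levels(script_pubkeys):
    """Return every tree level, leaves first; an unpaired node is promoted."""
    levels = [[leaf_hash(s) for s in script_pubkeys]]
    while len(levels[-1]) > 1:
        cur = levels[-1]
        nxt = [node_hash(cur[i], cur[i + 1]) for i in range(0, len(cur) - 1, 2)]
        if len(cur) % 2:
            nxt.append(cur[-1])  # promote rather than duplicate the odd node
        levels.append(nxt)
    return levels

def make_proof(levels, index):
    """Sibling path for leaf `index` as (sibling_hash, sibling_is_left) pairs."""
    proof = []
    for level in levels[:-1]:
        sibling = index ^ 1
        if sibling < len(level):  # a promoted node has no sibling at this level
            proof.append((level[sibling], sibling < index))
        index //= 2
    return proof

def verify(root, script_pubkey, proof):
    acc = leaf_hash(script_pubkey)
    for sibling, sibling_is_left in proof:
        acc = node_hash(sibling, acc) if sibling_is_left else node_hash(acc, sibling)
    return acc == root

def route_output(root, destination, proof, arbitration_spk):
    """Destination the covenant permits: the whitelisted one, else arbitration."""
    return destination if verify(root, destination, proof) else arbitration_spk

# Constructed sample data: five P2WPKH-shaped scriptPubKeys (odd count on purpose).
WHITELIST = [bytes.fromhex("0014") + bytes([i]) * 20 for i in range(1, 6)]
ARBITRATION = bytes.fromhex("0014") + b"\xaa" * 20
LEVELS = build_levels(WHITELIST)
ROOT = LEVELS[-1][0]

if __name__ == "__main__":  # a non-whitelisted destination reusing a valid proof
    print(route_output(ROOT, b"\x00\x14" + b"\xee" * 20, make_proof(LEVELS, 0), ARBITRATION).hex())
```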
The document concludes with reference implementations for core validation logic and wallet integration, alongside test vectors to validate the proposal's efficacy. With a phased approach towards community review, testnet deployment, and potential mainnet activation, this BIP aims to fortify Bitcoin security for institutions requiring elevated protection levels without undermining user privacy or network usability. Acknowledgments are given to the Bitcoin development community and the creators of the Taproot script commitment scheme for laying the groundwork enabling this proposal.