Table of Content


This document introduces a lock script on Nervos CKB that implements composable open transactions. It is updated from the previous RFC: Composable Open Transaction Lock Script, without virtual machine design.

This lock can be implemented based on Omnilock, with modification of message generated by hashing method. The signature part in witness also needs update accordingly.

The main topic in this RFC is about how a signing message is generated. All the data which will be listed later are concatenated one by one into a single data entry. Then the data entry is hashed via blake2b algorithm. The result hash is used as the signing message for the signature verification phase.

Data Structure

Signature Input List

We add a new signature input data structure before the signature used by the composable open transaction lock script. The signature input list contains a list of signature input like following:

| NAME | Command | Arg1 | Arg2 |
| BITS | 8       | 12   | 12   |

A signature input contains 3 items of 32 bits(4 bytes) long. The signature input list requires no length field at the beginning, a special command will mark the termination of the signature input list . The purpose is to feed a blake2b hash function with data. The resulting hash from the hash function will be used as signing message for the signature.

To save cycles, the size of signature input in signature input list can’t be larger than 1024. We believe this limitation is considered reasonable for all scenarios.

The memory layout of signature input can be described by following simple C function:

uint32_t combine(uint32_t command, uint32_t arg1, uint32_t arg2) {
    return (command & 0xFF) | (arg1 & 0xFFF) << 8 | (arg2 & 0xFFF) << 20;