TYPE 0x0701 · COMPOUND FAMILY
TIMELOCKED_SIG
Signature verification combined with a relative timelock (CSV) in a single block. Collapses the common SIG + CSV two-block pattern, saving 8 bytes on wire.
Compound Non-InvertibleLadder Diagram
Fields
| Field | Data Type | Size | Side | Description |
|---|---|---|---|---|
| scheme | SCHEME | 1 B | Conditions | Signature scheme identifier (0x01 = Schnorr, 0x02 = ECDSA). Routes to post-quantum verifier when PQ scheme set. |
| timelock | NUMERIC | 1-4 B | Conditions | Relative timelock in blocks (BIP 68 sequence value) |
| pubkey | PUBKEY | 32-33 B | Witness | Public key (x-only 32B or compressed 33B) |
| signature | SIGNATURE | 64-65 B | Witness | Schnorr signature (64B) or with sighash byte (65B) |
Public key folded into Merkle leaf via merkle_pub_key (PubkeyCountForBlock = 1). No key field in conditions.
Wire Format Breakdown
Conditions side (committed in the rung leaf):
0x0701
0
2
SCHEME · 1B
NUMERIC · 3B
≈ 11 bytes
Witness side (in input witness):
0x0701
0
2
PUBKEY · 32B
SIGNATURE · 64B
= 104 bytes
Total (conditions + witness)
150 bytes
Compared to separate SIG + CSV blocks: 157 bytes → 149 bytes (saves 8B / 5.1%)
Evaluation Logic
1.
Locate the witness PUBKEY, SIGNATURE, and conditions NUMERIC (
timelock); any missing → ERROR. PUBKEY identity is bound at MLSC-proof level via merkle_pub_key — no leaf check here.
2.
Read the optional SCHEME conditions field; if absent, default to Schnorr.
3.
Dispatch VerifySigWithScheme(PUBKEY, SIGNATURE, scheme, ...). Sig size checks fire here (Schnorr 64-65 B, ECDSA 8-72 B, PQ scheme-specific). Invalid → the underlying result (UNSATISFIED for verification failure, ERROR for malformed inputs).
4.
Then run the CSV check (mirroring CSV block): ReadNumeric the timelock; undecodable → ERROR
5.
If SEQUENCE_LOCKTIME_DISABLE_FLAG (bit 31) is set in
timelock → SATISFIED immediately (no further check).
6.
Range guard:
timelock < 0 or > 0xFFFFFFFF → UNSATISFIED (protects the narrowing cast).
7.
CheckSequence(uint32_t(timelock)); fails → UNSATISFIED; passes → SATISFIED
Return Values
| Condition | Result |
|---|---|
| PUBKEY, SIGNATURE, or NUMERIC missing | ERROR |
| Signature size out of range for the resolved scheme | ERROR |
| Timelock NUMERIC undecodable | ERROR |
| Signature verification fails | UNSATISFIED |
| SEQUENCE_LOCKTIME_DISABLE_FLAG set after a valid signature | SATISFIED |
Timelock out of uint32 range, or CheckSequence fails | UNSATISFIED |
| Signature valid AND timelock satisfied | SATISFIED |
JSON Wire Format
Conditions (committed in the rung leaf)
{
"type": "TIMELOCKED_SIG",
"inverted": false,
"fields": [
{ "type": "SCHEME", "hex": "01" },
{ "type": "NUMERIC", "value": 144 }
]
}Witness (input)
{
"type": "TIMELOCKED_SIG",
"inverted": false,
"fields": [
{ "type": "PUBKEY", "hex": "02abc1...33 bytes" },
{ "type": "SIGNATURE", "hex": "30440...64 bytes" }
]
}The timelock NUMERIC lives in conditions only — it is not duplicated in the witness. After MergeConditionsAndWitness the evaluator sees SCHEME, NUMERIC, PUBKEY, SIGNATURE in a single merged block.
Use Cases
Lightning Channel Force Close
The to_local output in a commitment transaction requires the broadcaster's signature after a CSV delay. TIMELOCKED_SIG encodes this in one block instead of two, reducing witness overhead across all commitment transactions.
Vault Recovery Path
Hot wallet spending with mandatory cooling-off period. The hot key can sign, but the transaction is only valid after N blocks have passed since the UTXO was confirmed.
Inheritance Planning
Beneficiary can claim funds after an extended CSV delay (e.g., 26,280 blocks / ~6 months), proving liveness-failure of the original owner.