How does Kaspa's KIP-0020 attach a covenant to a transaction output?
In Kaspa's KIP-0020, each transaction output can optionally carry a covenant binding — a small data structure that declares which covenant governs the output and which transaction input authorized its creation. The binding consists of two fields: a `covenant_id`, which is a 32-byte hash uniquely identifying the covenant contract, and an `authorizing_input`, which is an index pointing to the specific input in the same transaction that vouched for this output being created. If the `covenant` field is absent, the output is a plain, unrestricted output with no covenant rules attached. Knowing this structure matters for developers building on Kaspa because it is the on-chain record that links a coin to its governing contract — without it, there is no way for the network to enforce covenant rules at spend time.