From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Erik Aronesty <erik@q32•com>
Cc: Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>,
Anthony Towns <aj@erisian•com.au>
Subject: Re: [bitcoin-dev] `OP_EVICT`: An Alternative to `OP_TAPLEAFUPDATEVERIFY`
Date: Fri, 18 Feb 2022 16:06:39 +0000 [thread overview]
Message-ID: <3YGc8zgpxTXfmj09vOFSHiGqubBn5Tb6PefbEje8vbSvcKt3wWlf2Ue1VCS33WFygsLq5Rvdv9FW8SCvoDqGNUVYT7gAa2z4NSdu5GHqkHc=@protonmail.com> (raw)
In-Reply-To: <CAJowKgKEAptvQnOSKc7W=FDtf6DRchaBUyx3QWeHbCN_89w2zQ@mail.gmail.com>
Good morning Erik,
> > As I understand your counterproposal, it would require publishing one transaction per evicted participant.
>
> if you also pre-sign (N-2, N-3, etc), you can avoid this
It also increases the combinatorial explosion.
> > In addition, each participant has to store `N!` possible orderings in which participants can be evicted, as you cannot predict the future and cannot predict which partiicpants will go offline first.
>
> why would the ordering matter? these are unordered pre commitments to move funds, right? you agree post the one that represents "everyone that's offline"
Suppose `B` is offline first, then the remaining `A` `C` and `D` publish the eviction transaction that evicts only `B`.
What happens if `C` then goes offline?
We need to prepare for that case (and other cases where the participants go offline at arbitrary orders) and pre-sign a spend from the `ACD` set and evicts `C` as well, increasing combinatorial explosion.
And so on.
We *could* use multiple Tapleaves, of the form `<A> OP_CHECKSIG <BCD> OP_CHECKSIG` for each participant.
Then the per-participant `<A>` signature is signed with `SIGHASH_SINGLE|SIGHASH_ANYONECANPAY` and is pre-signed, while the remainder is signed by `<BCD>` with default `SIGHASH_ALL`.
Then if one participant `B` is offline they can evict `B` and then the change is put into a new UTXO with a similar pre-signed scheme `<A> OP_CHECKSIG <CD> OP_CHECKSIG`.
This technique precludes pre-signing multiple evictions.
>
> > But yes, certainly that can work, just as pre-signed transactions can be used instead of `OP_CTV`
>
> i don't see how multiple users can securely share a channel (allowing massive additional scaling with lighting) without op_ctv
They can, they just pre-sign, like you pointed out.
The same technique works --- `OP_CTV` just avoids having ridiculous amounts of combinatorial explosion and just requires `O(log n)` per eviction.
Remember, this proposal can be used for channel factories just as well, as pointed out, so any objection to this proposal also applies to `OP_CTV`.
Regards,
ZmnSCPxj
next prev parent reply other threads:[~2022-02-18 16:06 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-02-18 2:45 ZmnSCPxj
2022-02-18 13:53 ` Erik Aronesty
2022-02-18 14:48 ` ZmnSCPxj
2022-02-18 15:50 ` Erik Aronesty
2022-02-18 16:06 ` ZmnSCPxj [this message]
2022-02-18 13:55 ` Jonas Nick
2022-02-18 18:09 ` Antoine Riard
2022-02-18 23:39 ` ZmnSCPxj
2022-02-19 0:56 ` Jeremy Rubin
2022-02-19 1:17 ` ZmnSCPxj
2022-02-19 1:46 ` Greg Sanders
2022-02-19 7:21 ` Billy Tetrud
2022-02-19 11:41 ` ZmnSCPxj
2022-02-19 21:59 ` Billy Tetrud
2022-02-22 0:17 ` Antoine Riard
2022-02-23 11:42 ` ZmnSCPxj
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='3YGc8zgpxTXfmj09vOFSHiGqubBn5Tb6PefbEje8vbSvcKt3wWlf2Ue1VCS33WFygsLq5Rvdv9FW8SCvoDqGNUVYT7gAa2z4NSdu5GHqkHc=@protonmail.com' \
--to=zmnscpxj@protonmail$(echo .)com \
--cc=aj@erisian$(echo .)com.au \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=erik@q32$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox