From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Jeremy <jlrubin@mit•edu>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] [Bitcoin Advent Calendar] Oracles, Bonds, and Attestation Chains
Date: Sat, 18 Dec 2021 01:00:14 +0000 [thread overview]
Message-ID: <BPaAFvgTqtCsxcAr1W_jlvWkHOaRi41GCfdHsblFGmqBVKR20qC18xk89Wh28Cmaf2YGUlN_N9_g9S_ij3bZbhsD_0qaDMcvqV1GdScVoTs=@protonmail.com> (raw)
In-Reply-To: <CAD5xwhjDBD38Xt=p=AW7XU3OCh0_9nb=-7neXuLcd-VAXJBE-Q@mail.gmail.com>
Good morning Jeremy,
> Today's post is pretty cool: it details how covenants like CTV can be used to improve on-chain bitcoin signing oracles by solving the timeout/rollover issue and solving the miner/oracle collusion issue on punishment. This issue is similar to the Blockstream Liquid Custody Federation rollover bug from a while back (which this type of design also helps to fix).
>
> https://rubin.io/bitcoin/2021/12/17/advent-20/
>
> It also describes:
> - how a protocol on top can make 'branch free' attestation chains where if you equivocate your funds get burned.
> - lightly, various uses for these chained attestations
>
> In addition, Robin Linus has a great whitepaper he put out getting much more in the weeds on the concepts described in the post, it's linked in the first bit of the post.
Nice, bonds are significantly better if you can ensure that the bonder cannot recover their funds.
Without a covenant the best you could do would be to have the bonder risk loss of funds on equivocation, not have the bonder actually definitely lose funds.
We should note that "equivocate" is not "lie".
An oracle can still lie, it just needs to consistently lie (i.e. not equivocate).
As an example, if the oracle is a signer for a federated sidechain, it could still sign an invalid sidechain block that inflates the sidecoin supply.
It is simply prevented from later denying this by signing an alternative valid sidechain block and acting as if it never signed the invalid sidechain block.
But if it sticks to its guns, then the sidechain simply stops operation with everyone owning sidecoins losing their funds (and if the oracle already exited the sidechain, its bond remains safe, as it did not equivocate, it only lied).
Regards,
ZmnSCPxj
next prev parent reply other threads:[~2021-12-18 1:00 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-12-17 18:24 Jeremy
2021-12-18 1:00 ` ZmnSCPxj [this message]
2021-12-18 2:00 ` Jeremy
2021-12-18 3:49 ` ZmnSCPxj
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='BPaAFvgTqtCsxcAr1W_jlvWkHOaRi41GCfdHsblFGmqBVKR20qC18xk89Wh28Cmaf2YGUlN_N9_g9S_ij3bZbhsD_0qaDMcvqV1GdScVoTs=@protonmail.com' \
--to=zmnscpxj@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=jlrubin@mit$(echo .)edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox