So at the low level, how does a "proof of payment" differ from just proving that a given transaction is in a given block (what SPV nodes take as proof of payment today)? On Apr 27, 2015 2:42 PM, "Kalle Rosenbaum" wrote: > "Or a really high lock_time, but it would not make it invalid, just > delayed." > > Ok, this was a bad idea, since nodes would have to keep it in memory. > Please disregard that idea... > > Kalle > > Den 27 apr 2015 14:35 skrev "Kalle Rosenbaum" : > > > > > > > > Some more use cases might be: > > > Waiting in comfort: > > > - Send a payment ahead of time, then wander over and collect the goods > > > after X confirmations. > > > > > > Authorized pickup : > > > - Hot wallet software used by related people could facilitate the use > > > of 1 of N multisig funds. Any one of the N wallets could collect goods > > > and services purchased by any of the others. > > > > I like this one, because it shows the power of reusing the transaction > data structure. > > > > > > > > Non-monetary gifts: > > > - Sender exports spent keys to a beneficiary, enabling PoP to work as > a > > > gift claim > > > > > > Contingent services: > > > - Without Bob's permission, a 3rd party conditions action on a payment > > > made from Alice to Bob. For example, if you donated at least .02 BTC > to > > > Dorian, you (or combining scenarios, any of your N authorized family > > > members), can come to my dinner party. > > > > This is an interesting one. > > > > > > > > I tried out your demo wallet and service and it worked as advertised. > > > > > > Could the same standard also be used to prove that a transaction COULD > > > BE created? To generalize the concept beyond actual payments, you > could > > > call it something like proof of payment potential. > > > > I guess it's possible, but we'd have to remove the txid from the output, > since there is none. This is a way of saying "I'm in control of these > addresses". The other party/parties can then verify the funds on the > blockchain and watch those addresses for changes. Maybe there are some > interesting use cases here. Ideas? > > > > > > > > Why not make these proofs permanently INVALID transactions, to remove > > > any possibility of their being mined and spending everything to fees > > > when used in this way, and also in cases involving reorganizations? > > > > Yes. Initially I thought it would be enough that the funds are already > spent, but I think you're right here. Reorgs could be a problem. Worse, you > also might want to prove 0-confirmation transactions, in which case it's a > huge security problem. Someone might intercept the PoP and publish it on > the bitcoin network, spending all the funds. But I still would like wallets > to be able to build/verify PoPs with little or no modifications. Could we > possibly change the version number on the PoP to something other than 1? > Maybe 2^4-1? Or a really high lock_time, but it would not make it invalid, > just delayed. Any suggestions here? > > > > > > > > I agree that PoP seems complementary to BIP70. > > > > > > > > > > Thank you very much for your comments! > > > > /Kalle > > > ------------------------------------------------------------------------------ > One dashboard for servers and applications across Physical-Virtual-Cloud > Widest out-of-the-box monitoring support with 50+ applications > Performance metrics, stats and reports that give you Actionable Insights > Deep dive visibility with transaction tracing using APM Insight. > http://ad.doubleclick.net/ddm/clk/290420510;117567292;y > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > >