Please remove me from the mailing list 2015-05-27 3:50 GMT+02:00 Mark Friedenbach : > Sequence numbers appear to have been originally intended as a mechanism > for transaction replacement within the context of multi-party transaction > construction, e.g. a micropayment channel. The idea is that a participant > can sign successive versions of a transaction, each time incrementing the > sequence field by some amount. Relay nodes perform transaction replacement > according to some policy rule making use of the sequence numbers, e.g. > requiring sequence numbers in a replacement to be monotonically increasing. > > As it happens, this cannot be made safe in the bitcoin protocol as > deployed today, as there is no enforcement of the rule that miners include > the most recent transaction in their blocks. As such, any protocol relying > on a transaction replacement policy can be defeated by miners choosing not > to follow that policy, which they may even be incentivised to do so (if > older transactions provide higher fee per byte, for example). Transaction > replacement is presently disabled in Bitcoin Core. > > These shortcomings can be fixed in an elegant way by giving sequence > numbers new consensus-enforced semantics as a relative lock-time: if a > sequence number is non-final (MAX_INT), its bitwise inverse is interpreted > as either a relative height or time delta which is added to the height or > median time of the block containing the output being spent to form a > per-input lock-time. The lock-time of each input constructed in this manor, > plus the nLockTime of the transaction itself if any input is non-final must > be satisfied for a transaction to be valid. > > For example, a transaction with an txin.nSequence set to 0xffffff9b [== > ~(uint32_t)100] is prevented by consensus rule from being selected for > inclusion in a block until the 100th block following the one including the > parent transaction referenced by that input. > > In this way one may construct, for example, a bidirectional micropayment > channel where each change of direction increments sequence numbers to make > the transaction become valid prior to any of the previously exchanged > transactions. > > This also enables the discussed relative-form of CHECKLOCKTIMEVERIFY to be > implemented in the same way: by checking transaction data only and not > requiring contextual information like the block height or timestamp. > > An example implementation of this concept, as a policy change to the > mempool processing of Bitcoin Core is available on github: > > https://github.com/maaku/bitcoin/tree/sequencenumbers > > > ------------------------------------------------------------------------------ > > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > >