A few more points: * I've just happened to talk to a lawyer and he confirmed that a) merely having illegal content as a part of the chain is not illegal, at least not as long as it's not possible to trivially open it with general-purpose software b) images that are illegal with a bunch of red dots would still be illegal * That being said, confusing scanning tools is somewhat interesting but solved by xoring. Being able to xor without redownloading is already possible with an external tool. It'd be nice to have it integrated but I think the people who want it should make the PR (or finance it) * Funnily enough, my first Bitcoin project ever involved hiding data into bitcoin addresses by grinding: https://github.com/Kixunil/btcsteg so it's accessible to anyone who can google (disclaimer: I've never actually sent anything into the chain using it; also please don't send any tips to that address) * There was an argument, that doing the red dot thing is difficult for non-technical people. That's nonsense, I literally used ChatGPT to write the code because I was lazy. It spit out perfectly working code on first attempt. * I'm writing a (Slovak) article about this and one of the points I made is requiring signatures to prove dlog knowledge for non-p2tr outputs would require more than double the size of current OP_RETURN limit per typical transaction. IOW, if today every single transaction added a maximum standard OP_RETURN it'd still be less data than trying to prevent it. And that's just data size. Signature verification is MUCH more costly than processing of OP_RETURN and whatnot. * Requiring signatures and preimages for Taproot would destroy protocols relying on NUMS and also completely remove all the benefits of Taproot. So yeah, I don't see this ever being implemented. It's also quite ironic that attempts to fight spam would make it much worse. Dňa pi 2. 5. 2025, 21:00 Greg Maxwell napísal(a): > On Friday, May 2, 2025 at 10:23:45 PM UTC Peter Todd wrote: > > # _Uninterrupted_ Illicit Data > > > To refine that, _illicit data_ is a problem and encryption at rest does > not address particularly in so far as possession of some data is a strict > liability crime. > > Uninterrupted however means that it's more likely to get caught by random > scanning tools and whatnot -- and the encryption does that and probably > eliminates most of difference between interrupted and not, which is Peter > Todd's point. > > But I heard someone last night say that encryption solves the illicit data > issue and it absolutely doesn't. It solves a particular unexciting but more > immediate sub part of the problem which is stuff like AV scanners. But I > think that issue is orthogonal to this proposed change. > > Aside, I'd been thinking there was a consensus limit on output sizes of > 10kb but now I'm remembering that it's just at spend time and so obviously > wouldn't be relevant here. > > > to make data publication somewhat more expensive with consensus changes. > Gregory Maxwell outlined how to do so on this mailing list years ago > > > A point of clarification, that's really a scheme to keep arbitrary data > out of unprunable data. The proofs that the values in question are what > they're supposed to be are themselves arbitrary data channels. But these > proofs are prunable. > > It's true that they they only need to be carried near the tip, so you > could even consider them *super prunable*. And while perhaps you can get > many existing transaction patterns into that model, I'm pretty confident > you can't eliminate high bandwidth channels in script without massively > hobbling Bitcoin overall. (Though hey, there are a lot of people out there > these days who would like to hobble bitcoin, so ::shrugs::) > > Even if the functionality reduction were worth it, I dunno that the gain > between prunable (where most data storage stuff is) and super-prunable is > that interesting, particularly since you're looking at on the order of a > 20%-30% increase of bandwidth for transactions and blocks to carry those > proofs. Though for context I then eventually most nodes will sync through > some kind of utxo fast forward, just due to practical considerations, and > w/ that the difference in prunability degree is diminished further. > > It might make sense for just *outputs* if data stuffing into the UTXO set > continues to be a problem as I think it can be done for just outputs > without huge functionality loss... though even so the disruption and > overheads yuck. But before even considering such a disruptive change you'd > want to be really user everything was done to get the storage out of the > unprunable data first, e.g. by getting rid of limits on op_return size. > > have an overhead of about 6.6x. Existing data encoders have been happy > to pay even more money than that in terms of increased fees during fee > spikes; the difference in cost between witness space and txout space is > already 4x, and some are happy to publish data that way anyway. > > > A point I raised on bitcointalk: If you work out how much it costs to > store data on S3 (by far not the cheapest internet data storage) for > *forever* you end up with a rate that is less than a hundred thousandth the > current Bitcoin minimum fee rate-- maybe way less if you also factor in the > cost of storage decreasing, but I didn't. Data stuffers are not > particularly price sensitive, if they were they wouldn't be using Bitcoin > at all. Schemes to discourage them by causing them increased costs (e.g. > by forcing them to encode in ways that use more block capacity) shouldn't > be expected to work. > > And to the extent that what many of these things have been doing is trying > to profit off seigniorage-- creating a rare 'asset' to sell to some greater > fool and profit off the difference-- further restricting them could > increase their volume because the resource they need has been made more > rare. For the vast majority of users the ire comes about this stuff from > the fact that they've driven up fees at times, but that is dependent on > what they're willing to spend, which is likely not particularly related to > the marginal data rates. (And one could always embed smaller jpegs, > compress them better, or not use raw json instead of an efficient encoding > if they cared.. which they clearly don't.) > > -- > You received this message because you are subscribed to the Google Groups > "Bitcoin Development Mailing List" group. > To unsubscribe from this group and stop receiving emails from it, send an > email to bitcoindev+unsubscribe@googlegroups.com. > To view this discussion visit > https://groups.google.com/d/msgid/bitcoindev/16f3af30-985f-40b7-afc3-9faae892d824n%40googlegroups.com > > . > -- You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/CALkkCJZM4xpzKu6tb1J0YHtp-SxrFmHazetZJ7fUOj53Z2%2BwFA%40mail.gmail.com.