* [Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles)
@ 2014-12-21 18:10 Adam Back
2014-12-21 18:51 ` Peter Todd
0 siblings, 1 reply; 3+ messages in thread
From: Adam Back @ 2014-12-21 18:10 UTC (permalink / raw)
To: Peter Todd; +Cc: Bitcoin Dev
Yes you could for example define a new rule that two signatures
(double-spend) authorises something - eg miners to take funds. (And
this would work with existing ECDSA addresses & unrestricted R-value
choices).
I wasnt really making a point other than an aside that it maybe is
sort-of possible to do with math what you said was not possible where
you said "This [preventing signing more than one message] is
impossible to implement with math alone".
Adam
On 21 December 2014 at 15:29, Peter Todd <pete@petertodd•org>
> There's no need to get into the specifics of crypto math so early; you
> can just as easily and only slightly less efficiently obtain the same
> result with a few extensions to the Bitcoin scripting system to verify
> ECDSA signatures directly.
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles)
2014-12-21 18:10 [Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles) Adam Back
@ 2014-12-21 18:51 ` Peter Todd
2014-12-22 0:56 ` paul snow
0 siblings, 1 reply; 3+ messages in thread
From: Peter Todd @ 2014-12-21 18:51 UTC (permalink / raw)
To: Adam Back; +Cc: Bitcoin Dev
[-- Attachment #1: Type: text/plain, Size: 1028 bytes --]
On Sun, Dec 21, 2014 at 06:10:47PM +0000, Adam Back wrote:
> Yes you could for example define a new rule that two signatures
> (double-spend) authorises something - eg miners to take funds. (And
> this would work with existing ECDSA addresses & unrestricted R-value
> choices).
>
> I wasnt really making a point other than an aside that it maybe is
> sort-of possible to do with math what you said was not possible where
> you said "This [preventing signing more than one message] is
> impossible to implement with math alone".
Introducing a bunch of clever ECDSA math doesn't change the fact that
the clever math isn't what is preventing double-spending, clever
economics is. Just like Bitcoin itself.
No sense getting people potentially confused by a bunch of complex
equations that aren't relevant to the more fundemental and much more
important principle that math alone can't prevent double-spending.
--
'peter'[:-1]@petertodd.org
00000000000000001bc21486eb6e305efc085daa6b9acd37305feba64327342e
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 650 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles)
2014-12-21 18:51 ` Peter Todd
@ 2014-12-22 0:56 ` paul snow
0 siblings, 0 replies; 3+ messages in thread
From: paul snow @ 2014-12-22 0:56 UTC (permalink / raw)
To: Peter Todd; +Cc: Bitcoin Dev
[-- Attachment #1: Type: text/plain, Size: 1210 bytes --]
On Sun, Dec 21, 2014 at 12:51 PM, Peter Todd <pete@petertodd•org> wrote:
> On Sun, Dec 21, 2014 at 06:10:47PM +0000, Adam Back wrote:
> > Yes you could for example define a new rule that two signatures
> > (double-spend) authorises something - eg miners to take funds. (And
> > this would work with existing ECDSA addresses & unrestricted R-value
> > choices).
> >
> > I wasnt really making a point other than an aside that it maybe is
> > sort-of possible to do with math what you said was not possible where
> > you said "This [preventing signing more than one message] is
> > impossible to implement with math alone".
>
> Introducing a bunch of clever ECDSA math doesn't change the fact that
> the clever math isn't what is preventing double-spending, clever
> economics is. Just like Bitcoin itself.
>
> No sense getting people potentially confused by a bunch of complex
> equations that aren't relevant to the more fundemental and much more
> important principle that math alone can't prevent double-spending.
Math alone describes all of Bitcoin's structure; as math is a way to model
reality, it has no limits. Saying Math can't prevent double-spending is
near equivalent to saying it cannot be done.
[-- Attachment #2: Type: text/html, Size: 1651 bytes --]
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2014-12-22 0:57 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2014-12-21 18:10 [Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles) Adam Back
2014-12-21 18:51 ` Peter Todd
2014-12-22 0:56 ` paul snow
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox