From: moonsettler <moonsettler@protonmail•com>
To: "bitcoin-dev@lists•linuxfoundation.org"
<bitcoin-dev@lists•linuxfoundation.org>
Subject: [bitcoin-dev] Ark: An Alternative Privacy-preserving Second Layer Solution
Date: Sun, 11 Jun 2023 09:19:18 +0000 [thread overview]
Message-ID: <mZy1LRBcpmxS4m217WThcZnHLH1gq8hrDaSfgqIfwxEqcodVPvcOKWHamj-6obEFXTVVAraN_ACPCDejaH_VY8wBF6cYGwwiKZyC0UGv238=@protonmail.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 1450 bytes --]
Hi All,
I have a question about the often touted statement that "APO can emulate CTV". From what I have found in the specs and the inquisition codebase:
> BIP-118 ANYPREVOUTANYSCRIPT can constrain outputs of a spending transaction by hardcoding a 65-byte signature and a 33-byte unknown public key type in a script. Alternatively, BIP-119 CTV can directly constrain transaction outputs to a template hash.
APO/AS SIGHASH does not commit to the number of inputs (nor obviously the other input outpoints themselves). This has some interesting consequences for Ark, which relies on TXID non-malleability for it's ATLCs.
Either one of these cases seem to be true depending on how the contracts are constructed:
- APO only: Users can double spend the ASP (USER CAN STEAL)
- APO + ASP single sig: ASP can stop users from unilateral exit and sweep funds after 4 weeks (ASP CAN STEAL)
- n-of-n musig on the vTXO tree: trustless, APO however is not needed, full interactivity, analogous to key deletion covenant (NOBODY CAN STEAL)
APO/AS can also not be used for the ATLC itself, as it has to commit to the TX outpoint of the connector transaction.
OP_CTV however commits to the number of inputs explicitly, thus committing to a single input prevents TXID malleability and ensures the ATLC is going to be enforceable.
I would like to ask what the devs who are deeper into covenant research think about this, and if I'm missing something?
- moonsettler
[-- Attachment #2: Type: text/html, Size: 1995 bytes --]
next reply other threads:[~2023-06-11 9:19 UTC|newest]
Thread overview: 19+ messages / expand[flat|nested] mbox.gz Atom feed top
2023-06-11 9:19 moonsettler [this message]
-- strict thread matches above, loose matches on Subject: below --
2023-06-07 18:20 David A. Harding
2023-05-28 6:02 Ali Sherief
2023-05-26 7:33 jk_14
2023-05-25 12:12 Ali Sherief
2023-05-22 7:54 Burak Keceli
2023-05-22 13:03 ` ZmnSCPxj
2023-05-23 4:31 ` Burak Keceli
2023-05-23 22:06 ` G. Andrew Stone
2023-05-24 0:40 ` ZmnSCPxj
2023-05-24 0:45 ` ZmnSCPxj
2023-05-24 7:53 ` Burak Keceli
2023-05-24 6:28 ` Burak Keceli
2023-05-24 20:20 ` adiabat
2023-05-24 23:02 ` David A. Harding
2023-05-26 11:56 ` Burak Keceli
2023-05-27 20:36 ` David A. Harding
2023-06-07 13:30 ` Burak Keceli
2023-08-06 22:43 ` Antoine Riard
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='mZy1LRBcpmxS4m217WThcZnHLH1gq8hrDaSfgqIfwxEqcodVPvcOKWHamj-6obEFXTVVAraN_ACPCDejaH_VY8wBF6cYGwwiKZyC0UGv238=@protonmail.com' \
--to=moonsettler@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox