public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Gavin <gavinandresen@gmail.com>
Subject: Re: [Bitcoin-development] Proposal: soft-fork to make anyone-can-spend outputs unspendable for 100 blocks
Date: Sun, 2 Jun 2013 02:13:27 -0400	[thread overview]
Message-ID: <20130602061327.GA14148@savin> (raw)
In-Reply-To: <38A06794-B6B4-45F3-99C1-24B08434536D@gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2428 bytes --]

On Sat, Jun 01, 2013 at 10:32:07PM -0400, Gavin wrote:
> Feels like a new opcode might be better.
> 
> Eg  <data> 100 OP_NOP1
> 
> ... Where op_nop1 is redefined to be 'verify depth' ... 

Good idea.

Either way, looks like complex announce-commit logic isn't needed and a
simple txout with one of a few possible forms will work.

I'd say we tell people to sacrifice to (provably) unspendable for now
and do a soft-fork later if there is real demand for this stuff in the
future.

> On Jun 1, 2013, at 3:30 PM, Peter Todd <pete@petertodd.org> wrote:
> 
> > Currently the most compact way (proof-size) to sacrifice Bitcoins that
> > does not involve making them unspendable is to create a anyone-can-spend
> > output as the last txout in the coinbase of a block:
> > 
> > scriptPubKey: <data> OP_TRUE
> > 
> > The proof is then the SHA256 midstate, the txout, and the merkle path to
> > the block header. However this mechanism needs miner support, and it is
> > not possible to pay for such a sacrifice securely, or create an
> > assurance contract to create one.
> > 
> > A anyone-can-spend in a regular txout is another option, but there is no
> > way to prevent a miner from including a transaction spending that txout
> > in the same block. Once that happens, there is no way to prove the miner
> > didn't create both, thus invalidating the sacrifice. The announce-commit
> > protocol solves that problem, but at the cost of a much larger proof,
> > especially if multiple parties want to get together to pay the cost of
> > the sacrifice. (the proof must include the entire tx used to make the
> > sacrifice)
> > 
> > However if we add a rule where txouts ending in OP_TRUE are unspendable
> > for 100 blocks, similar to coinbases, we fix these problems. The rule
> > can be done as a soft-fork with 95% support in the same way the
> > blockheight rule was implemented. Along with that change
> > anyone-can-spend outputs should be make IsStandard() so they will be
> > relayed.
> > 
> > The alternative is sacrifices to unspendable outputs, which is very
> > undesirable compared to sending the money to miners to further
> > strengthen the security of the network.
> > 
> > We should always make it easy for people to write code that does what is
> > best for Bitcoin.

-- 
'peter'[:-1]@petertodd.org
0000000000000092f448c7630e47584650efa7e27604161c0b5984d603d944ea

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 490 bytes --]

  parent reply	other threads:[~2013-06-02 17:15 UTC|newest]

Thread overview: 22+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-06-01 19:30 [Bitcoin-development] Proposal: soft-fork to make anyone-can-spend outputs unspendable for 100 blocks Peter Todd
     [not found] ` <201306012034.31543.luke@dashjr.org>
2013-06-01 20:58   ` Peter Todd
     [not found] ` <38A06794-B6B4-45F3-99C1-24B08434536D@gmail.com>
2013-06-02  6:13   ` Peter Todd [this message]
2013-06-02 17:35     ` Jeff Garzik
2013-06-02 18:41       ` Peter Todd
2013-06-04  0:22     ` Mark Friedenbach
2013-06-02 21:45 ` Adam Back
2013-06-04 14:12   ` Jeff Garzik
2013-06-04 14:55     ` John Dillon
2013-06-04 17:42       ` Jeff Garzik
2013-06-04 18:36         ` Roy Badami
2013-06-04 18:49           ` Jeff Garzik
2013-06-04 20:25             ` Peter Todd
2013-06-03 23:43 ` Melvin Carvalho
2013-06-04  2:26   ` Michael Hendricks
2013-06-06 19:14 Luke-Jr
2013-06-06 19:59 ` Andreas M. Antonopoulos
2013-06-06 20:07   ` Luke-Jr
2013-06-06 20:16     ` Andreas M. Antonopoulos
2013-06-06 21:48       ` Luke-Jr
2013-06-06 22:10         ` Melvin Carvalho
2013-06-06 20:25   ` Melvin Carvalho

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130602061327.GA14148@savin \
    --to=pete@petertodd.org \
    --cc=gavinandresen@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox