You make an excellent point. Neither of these proposals impact the
protocol itself. I hadn't considered that. But I think it's a
critically important problem to solve (signature blocks, not so
much, but it could piggy back on the same solution). So the
mailing list is a good place to discuss this, but it maybe it
shouldn't be labeled as a BIP. I'll leave that up to the others
(arguably, the URI scheme is not a protocol change, either, but was
still a BIP).
There is all this fanfare around P2SH and how multi-sig is the
solution to all these security problems, but how the hell do you use
it? I believe that BIP 10 (or successor) is criticalto
the success of multi-sig, because the greatest barrier to using
multi-sig will be the ability to actually execute them in less than
14 steps. And if every client implements it differently, there's
even less chance it will be used (assuming the userbase reaches any
level of client diversity).
I think we need to supply a solution to this existing problem before
everyone starts solving it on their own and fragmenting the market.
No one has to use the solution we come up with -- but I believe it's
a problem for which most developers will take any solution that is
easy to exchange, size-efficient and promised to be interoperable
(if for no other reason than the Satoshi client uses it).
-Alan
On 04/03/2012 07:37 PM, Mike Koss wrote:
Alan, I'm coming in late to the conversation - do I
understand that BIP 010 does not propose any changes to the
protocol - but just an intermediate data format that other clients
might use to collect the need key material to sign a
multi-signature block?
If so - one might ask what the role of BIP's are if they
actually do not impact the protocol?
If there is any encapsulated data format that is expected
to be interpreted by clients - I'd call that a "protocol
change"; but I take it in this instance that you will transmit
these signature block out of band from the client ... yet they
would have to be parsed and converted into a Transaction
Script once collected by SOME client? Would we expect the
standard client do so?
Sorry if this has been discussed before - I'm trying to
understand the proposal.
Just to clarify,
I'm not proposing anything to the protocol itself.
Simply that some applications might benefit from users
being to sign messages with existing Bitcoin identities,
and what can we do to accommodate that (out of band)?
It's not a high priority, but I think it's potentially
useful, and most codebases already have everything they
need in place to implement it.
On 04/03/2012 04:04 PM, Peter Vessenes wrote:
I don't think it's minimally
invasive to layer PGP's web of trust on top of
Bitcoin, in fact, the opposite.
From a certain angle, bitcoin exists as a
sort of answer / alternate solution to the web
of trust. Digital cash with an existing web of
trust in place was a working concept in the
mid-1990s, courtesy of David Chaum, I believe.
I totally agree on the kitchen sink concern;
I would personally like to see something like a
one-year required discussion period on all
non-security changes proposed to the blockchain
protocol. We know almost nothing about how
bitcoin will be used over the next 20 years; I
believe it's a mistake to bulk up the protocol
too rapidly right now.
There's a famous phrase from the founder of
Lotus about Lotus' engineering process: "add
lightness." The equivalent for protocol design
might be "add simplicity." I'd like to see us
adding simplicity for now, getting a core set of
tests together for alternate implementations
like libbitcoin, and thinking hard about the
dangers of cruft over a 10+ year period when it
comes to a technology which will necessarily
include a complete history of every crufty
decision embodied in transaction histories.
Peter
On Tue, Apr 3, 2012 at
1:42 PM, Wladimir <laanwj@gmail.com>
wrote:
On Tue, Apr 3, 2012 at 8:55 PM,
Luke-Jr <luke@dashjr.org>
wrote:
On Tuesday, April 03, 2012
2:46:17 PM Gavin Andresen wrote:
> We should avoid reinventing the
wheel, if we can. I think we should
> extend existing standards
whenever possible.
I wonder if it's possible to make sigs
compatible with PGP/EC ?
Or we could take a step back, further
into "don't reinvent the wheel"
territory. Why not simply make use of
PGP(/EC) to sign and verify messages? It
has many advantages, like an already
existing web-of-trust and keyserver
infrastructure.
I still feel like this is sign message
stuff is dragging the kitchen sink into
Bitcoin. It's fine for logging into a
website, what you use it for, but
anything that approaches signing email
(such as S/MIME implementations and
handling different character encodings)
is going too far IMO.
Wladimir