public inbox for bitcoindev@googlegroups.com
From: ZmnSCPxj <ZmnSCPxj@protonmail.com>
To: DA Williamson <damian@willtech.com.au>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Taproot NACK
Date: Wed, 17 Mar 2021 04:11:26 +0000
Message-ID: <4ltFpTt8QxX44nedimzJ7J4F1bIhwxb9rbqf1DeGlYX8W7CduYCy64miuq2IIjee_K5rBV6ofEPzdYQniEq6IR4I7ZO5ENlk9z-mQPs-YZE=@protonmail.com>
In-Reply-To: <932f2f2866cac087a207f8757c9df4b776ccdb04.camel@willtech.com.au>

Good morning JAMES,

> Good Afternoon,
>
> Verifiable and independently verifiable are not the same. Independently
> scrutinable means any public can scrutinise blockchain to determine it
> is honest. It does not rely on involved parties but insistently on the
> data published in the blockchain.

The involved parties ultimately publish the data on the blockchain, and the result is independently validatable.
All that each involved party has to do is validate for itself that it does not lose any funds, and, by the operation of math, the summary result does not result in any loss (or creation) of funds, thus CoinJoin cannot lead to fraud.

I do not see much of a point in your objection here.
For example, in the case of Lightning, the individual payments made by the participants in the channel cannot be verified by anyone else (they can lie about the payments that occurred on their channel).
But both participants in the channel need to agree on a single result, and it is that summary result that is independently verified onchain and published.

Indeed, one major technique for privacy improvement in Bitcoin is the simple technique of creating summaries of multiple actions without revealing details.
Such a general class of techniques works by reducing the data pushed onchain which provides both (a) scale because less data on chain and (b) privacy because less data is analyzable onchain.

Basically ---

1.  The entire point of a public blockchain is to prevent uncontrolled forgery of the coin.
    Only particular rules allow construction of new coins (in Bitcoin, the mining subsidy).
2.  Various techniques can be used to support the above central point.
    * The simplest is to openly publish every amount value in cleartext.
      * However, this is not necessarily the ***only*** acceptable way to achieve the goal!
      * Remember, the point is to prevent uncontrolled forgery.
        The point is **not** mass surveillance.
    * Another method would be to openly publish **summaries** of transactions, such as by Lightning Network summarizing the result of multiple payments.
      * CoinJoin is really just a way to summarize multiple self-payments.
    * Another method would be to use homomorphisms between a cleartext and a ciphertext, and publish only the ciphertext (which can be independently verified as correctly being added together and that inputs equal outputs plus fees).

No privacy technique worth discussing and development in Bitcoin gets around the above point, and thus fraud cannot be achieved with those (at least if we define fraud simply as "those who control the keys control the coins" --- someone stealing a copy of your privkeys is beyond this definition of fraud).
Any privacy improvement Taproot buys (mostly in LN, but also some additional privacy for CoinSwap) will still not allow fraud.

Regards,
ZmnSCPxj

