From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id DF9A8C0037 for ; Sun, 31 Dec 2023 19:33:30 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id C0B61400F3 for ; Sun, 31 Dec 2023 19:33:30 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org C0B61400F3 X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.902 X-Spam-Level: X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id cL-hYIAwEnrj for ; Sun, 31 Dec 2023 19:33:29 +0000 (UTC) Received: from smtpauth.rollernet.us (smtpauth.rollernet.us [IPv6:2607:fe70:0:3::d]) by smtp2.osuosl.org (Postfix) with ESMTPS id B531A400C1 for ; Sun, 31 Dec 2023 19:33:29 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org B531A400C1 Received: from smtpauth.rollernet.us (localhost [127.0.0.1]) by smtpauth.rollernet.us (Postfix) with ESMTP id 3532D2800C09; Sun, 31 Dec 2023 11:33:26 -0800 (PST) Received: from webmail.rollernet.us (webmail.rollernet.us [IPv6:2607:fe70:0:14::a]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256) (Client did not present a certificate) by smtpauth.rollernet.us (Postfix) with ESMTPSA; Sun, 31 Dec 2023 11:33:25 -0800 (PST) MIME-Version: 1.0 Date: Sun, 31 Dec 2023 09:33:24 -1000 From: "David A. Harding" To: yurisvb@pm.me, Bitcoin Protocol Discussion In-Reply-To: References: User-Agent: Roundcube Webmail/1.4.15 Message-ID: <6068d3536339704f3621894b2ba0daa8@dtrt.org> X-Sender: dave@dtrt.org Content-Type: text/plain; charset=US-ASCII; format=flowed Content-Transfer-Encoding: 7bit X-Rollernet-Abuse: Contact abuse@rollernet.us to report. Abuse policy: http://www.rollernet.us/policy X-Rollernet-Submit: Submit ID 4a99.6591c205.228e.0 Subject: Re: [bitcoin-dev] Lamport scheme (not signature) to economize on L1 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 31 Dec 2023 19:33:31 -0000 Hi Yuri, I think it's worth noting that for transactions with an equal number of P2TR keypath spends (inputs) and P2TR outputs, the amount of space used in a transaction by the serialization of the signature itself (16 vbytes per input) ranges from a bit over 14% of transaction size (1-input, 1-output) to a bit less than 16% (10,000-in, 10,000-out; a ~1 MvB tx). I infer that to mean that the absolute best a signature replacement scheme can do is free up 16% of block space. An extra 16% of block space is significant, but the advantage of that savings needs to be compared to the challenge of creating a highly peer reviewed implementation of the new signature scheme and then convincing a very large number of Bitcoin users to accept it. A soft fork proposal that introduces new-to-Bitcoin cryptography (such as a different hash function) will likely need to be studied for a prolonged period by many experts before Bitcoin users become confident enough in it to trust their bitcoins to it. A hard fork proposal has the same challenges as a soft fork, plus likely a large delay before it can go into effect, and it also needs to be weighed against the much easier process it would be for experts and users to review a hard fork that increased block capacity by 16% directly. I haven't fully studied your proposal (as I understand you're working on an improved version), but I wanted to put my gut feeling about it into words to offer feedback (hopefully of the constructive kind): I think the savings in block space might not be worth the cost in expert review and user consensus building. That said, I love innovative ideas about Bitcoin and this is one I will remember. If you continue working on it, I very much look forward to seeing what you come up with. If you don't continue working on it, I believe you're likely to think of something else that will be just as exciting, if not more so. Thanks for innovating!, -Dave