From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 97BB1C000B for ; Wed, 16 Feb 2022 03:45:53 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 9385A4161C for ; Wed, 16 Feb 2022 03:45:53 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.652 X-Spam-Level: X-Spam-Status: No, score=-1.652 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, HEADER_FROM_DIFFERENT_DOMAINS=0.25, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7qBIvzru57qV for ; Wed, 16 Feb 2022 03:45:52 +0000 (UTC) X-Greylist: delayed 18:59:16 by SQLgrey-1.8.0 Received: from gandalf.ozlabs.org (gandalf.ozlabs.org [150.107.74.76]) by smtp4.osuosl.org (Postfix) with ESMTPS id C707E415E9 for ; Wed, 16 Feb 2022 03:45:51 +0000 (UTC) Received: by gandalf.ozlabs.org (Postfix, from userid 1011) id 4Jz3lF5Mcbz4xmx; Wed, 16 Feb 2022 14:45:45 +1100 (AEDT) From: Rusty Russell To: Jeremy Rubin In-Reply-To: References: <87leymuiu8.fsf@rustcorp.com.au> <87k0dwr015.fsf@rustcorp.com.au> Date: Wed, 16 Feb 2022 12:56:14 +1030 Message-ID: <87a6err1h5.fsf@rustcorp.com.au> MIME-Version: 1.0 Content-Type: text/plain Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] TXHASH + CHECKSIGFROMSTACKVERIFY in lieu of CTV and ANYPREVOUT X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 16 Feb 2022 03:45:53 -0000 Jeremy Rubin writes: > Hi Rusty, > > Please see my post in the other email thread > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019886.html > > The differences in this regard are several, and worth understanding beyond > "you can iterate CTV". I'd note a few clear examples for showing that "CTV > is just as powerful" is not a valid claim: > > 1) CTV requires the contract to be fully enumerated and is non-recursive. > For example, a simple contract that allows n participants to take an action > in any order requires factorially many pre-computations, not just linear or > constant. For reference, 24! is about 2**80. Whereas for a more > interpretive covenant -- which is often introduced with the features for > recursion -- you can compute the programs for these addresses in constant > time. > 2) CTV requires the contract to be fully enumerated: For example, a simple > contract one could write is "Output 0 script matches Output 1", and the set > of outcomes is again unbounded a-priori. With CTV you need to know the set > of pairs you'd like to be able to expand to a-priori > 3) Combining 1 and 2, you could imagine recursing on an open-ended thing > like creating many identical outputs over time but not constraining what > those outputs are. E.g., Output 0 matches Input 0, Output 1 matches Output > 2. Oh agreed. It was distinction of "recursive" vs "not recursive" which was less useful in this context. "limited to complete enumeration" is the more useful distinction: it's a bright line between CTV and TXHASH IMHO. > I'll close by repeating : Whether that [the recursive/open ended > properties] is an issue or not precluding this sort of design or not, I > defer to others. Yeah. There's been some feeling that complex scripting is bad, because people can lose money (see the various attempts to defang SIGHASH_NOINPUT). I reject that; since script exists, we've crossed the Rubicon, so let's make the tools as clean and clear as we can. Cheers! Rusty.