public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Tom Harding <tomh@thinlink.com>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Address Expiration to Prevent Reuse
Date: Wed, 25 Mar 2015 19:22:58 +0000	[thread overview]
Message-ID: <CAAS2fgQMW+Htqu0wonL7r-ZN_t0evRayDCGRMKYzRUaCm6wxjw@mail.gmail.com> (raw)
In-Reply-To: <551301F0.9020806@thinlink.com>

On Wed, Mar 25, 2015 at 6:44 PM, Tom Harding <tomh@thinlink.com> wrote:
> Is this assuming payment protocol?  A major benefit of address
> expiration, if it works, would be that it works without requiring
> payment protocol.

Not at all.

> Are you suggesting there is no implementation of address expiration that
> wouldn't allow the string to be trivially changed by the sender?

The sender is always able to intentionally hide their payment under a
rock-- There is no encoding that can prevent that.

The defense against that is to not accept payments not made according
to the payees specification.

> I don't understand, explanation would be appreciated.

To reject reused scriptPubKeys you must remember past scriptPubkeys in
order to test against them.

For illustration purposes imagine a bitcoin system where there is only
a single base unit available for trade.

Verification of that chain requires O(1) storage (the identity of the
current chain tip, and the identity of the spendable coin.).
Verification with duplicate elimination requires O(N) storage (with N
being the length of the history), since you need to track all the
duplicates to reject.

(The same is true for actual Bitcoin as well, though the constant
factors make the difference somewhat less stark.)



  reply	other threads:[~2015-03-25 19:23 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-03-25  1:57 [Bitcoin-development] Address Expiration to Prevent Reuse Tom Harding
2015-03-25 10:09 ` Matt Whitlock
2015-03-25 16:34 ` Gregory Maxwell
2015-03-25 18:44   ` Tom Harding
2015-03-25 19:22     ` Gregory Maxwell [this message]
2015-03-26 20:38       ` Tom Harding
2015-03-26 20:42         ` Gregory Maxwell
2015-03-26 21:26           ` Tom Harding
2015-03-26 21:33             ` Peter Todd
2015-03-26 21:44             ` Gregory Maxwell
2015-03-26 22:23               ` Tom Harding
2015-03-26 22:28               ` s7r
2015-03-26 23:00                 ` Gregory Maxwell
2015-06-13  4:52               ` odinn
2015-03-27  1:51 Thy Shizzle
2015-03-27  3:13 ` Gregory Maxwell
2015-03-27  4:31 Thy Shizzle

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAAS2fgQMW+Htqu0wonL7r-ZN_t0evRayDCGRMKYzRUaCm6wxjw@mail.gmail.com \
    --to=gmaxwell@gmail.com \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=tomh@thinlink.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox