From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 60CBB904 for ; Tue, 22 Aug 2017 22:58:57 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f43.google.com (mail-wm0-f43.google.com [74.125.82.43]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 1D00016A for ; Tue, 22 Aug 2017 22:58:57 +0000 (UTC) Received: by mail-wm0-f43.google.com with SMTP id l19so3743795wmi.1 for ; Tue, 22 Aug 2017 15:58:56 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:from:date:message-id:subject:to; bh=EifJ+Nxtzd5B5kvVKMkfMg696Rge+T16CTMwMGNkgBY=; b=MEPps1wc5J7Q/Tm7ePfE1qc0e7QmaPShYhFjgiMd23SipSS9krq//IboFnoWxXg7tq aGitZUAaZ07f/t6Jf1zGWpL0EWHEGvbfMfQMhD8mlfcydlS8vERb+PaKjyr8w0ImJNdo Mb72G8VZPWKv1HaWvaUNVHgR1dWgRmLrtb+DstTHz3nIAebqYWLzP1zdrGjo6JU8xp9X RA+eN3mQro0m9CVQjELzQBgJpcqgxaE8uCxodHhl2WjFM+iW6VoRQL6AgiJenFBnHIir etZXS6UbeoBtuQPn/qN5MxH7+BTriUPnMqmLjWI0G1V9tKlGSn6TjBxiLy3aMxagCmW0 0yXg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:from:date:message-id:subject:to; bh=EifJ+Nxtzd5B5kvVKMkfMg696Rge+T16CTMwMGNkgBY=; b=Qt+un3Y8C5y4goyeERJSUUzEQc5b9vD5cyX4pMGT4pzkXNp33VUPTDB2M9Sno8e56V 9UlAjKW2zjBqbeeFvVksjZjFjVAcuqRpmn9eWAqwuCryDIsoZf2ay8VX4U57hABGlkW5 tZ8Aq1qVdKUaYtS9JeCXnfIxKqzeP8GdoDdnPsqVPfJhwAjJcd2bXYU7z5cBCM40/uC1 W/8DqLKLPkUolNU8wwhb1BnljE68seHZSeslUzTwOxooSqzj9t1gJ7nLLCa6hW25yI/h iaM+Rwt3uexVN/+F/FjMVY/ldVkb+N1SnoYJkqim7onImDNpLMCnad/kf3qyluP7Wsh7 56mg== X-Gm-Message-State: AHYfb5iDUSO0Ap9NvV/lNL4kKLb6Zmthsegz9UXujvQocNkaCeP657rN +NBwLwyig5WgH5vWf8yG4cAcIvEk0C5Y7d0= X-Received: by 10.80.149.145 with SMTP id w17mr1370312eda.82.1503442735396; Tue, 22 Aug 2017 15:58:55 -0700 (PDT) MIME-Version: 1.0 Received: by 10.80.143.68 with HTTP; Tue, 22 Aug 2017 15:58:54 -0700 (PDT) From: Rodney Morris Date: Wed, 23 Aug 2017 08:58:54 +1000 Message-ID: To: Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="f403045c2c7c2efed205575f8ae2" X-Mailman-Approved-At: Tue, 22 Aug 2017 23:06:00 +0000 Subject: Re: [bitcoin-dev] UTXO growth scaling solution proposal X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Aug 2017 22:58:57 -0000 --f403045c2c7c2efed205575f8ae2 Content-Type: text/plain; charset="UTF-8" Thomas et.al. So, in your minds, anyone who locked up coins using CLTV for their child to receive on their 21st birthday, for the sake of argument, has effectively forfeit those coins after the fact? You are going to force anyone who took coins offline (cryptosteel, paper, doesn't matter) to bring those coins back online, with the inherent security risks? In my mind, the only sane way to even begin discussing an approach implementing such a thing - where coins "expire" after X years - would be to give the entire ecosystem X*N years warning, where N > 1.5. I'd also suggest X would need to be closer to the life span of a human than zero. Mind you, I'd suggest this "feature" would need to be coded and deployed as a future-hard-fork X*N years ahead of time. A-la Satoshi's blog post regarding increasing block size limit, a good enough approximation would be to add a block height check to the code that approximates X*N years, based on 10 minute blocks. The transparency around such a change would need to be radical and absolute. I'd also suggest that, similar to CLTV, it only makes sense to discuss creating a "never expire" transaction output, if such a feature were being seriously considered. If you think discussions around a block size increase were difficult, then we'll need a new word to describe the challenges and vitriol that would arise in arguments that will follow this discussion should it be seriously proposed, IMHO. I also don't think it's reasonable to conflate the discussion herein with discussion about what to do when ECC or SHA256 is broken. The weakening/breaking of ECC poses a real risk to the stability of Bitcoin - the possible release of Satoshi's stash being the most obvious example - and what to do about that will require serious consideration when the time comes. Even if the end result is the same - that coins older than "X" will be invalidated - everything else important about the scenarios are different as far as I can see. Rodney > > > Date: Tue, 22 Aug 2017 13:24:05 -0400 > From: Thomas Guyot-Sionnest > To: Erik Aronesty , Bitcoin Protocol Discussion > , Chris Riley > > Cc: Matthew Beton > Subject: Re: [bitcoin-dev] UTXO growth scaling solution proposal > Message-ID: <4c39bee6-f419-2e36-62a8-d38171b15558@aei.ca> > Content-Type: text/plain; charset="windows-1252" > > In any case when Hal Finney do not wake up from his 200years > cryo-preservation (because unfortunately for him 200 years earlier they > did not know how to preserve a body well enough to resurrect it) he > would find that advance in computer technology made it trivial for > anyone to steal his coins using the long-obsolete secp256k1 ec curve > (which was done long before, as soon as it became profitable to crack > down the huge stash of coins stale in the early blocks) > > I just don't get that argument that you can't be "your own bank". The > only requirement coming from this would be to move your coins about once > every 10 years or so, which you should be able to do if you have your > private keys (you should!). You say it may be something to consider when > computer breakthroughs makes old outputs vulnerable, but I say it's not > "if" but "when" it happens, and by telling firsthand people that their > coins requires moving every once in a long while you ensure they won't > do stupid things or come back 50 years from now and complain their > addresses have been scavenged. > > -- > Thomas > > > --f403045c2c7c2efed205575f8ae2 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Thomas et.al.
=
So, in your minds, anyone who locked up coins using CLTV for= their child to receive on their 21st birthday, for the sake of argument, h= as effectively forfeit those coins after the fact?=C2=A0 You are going to f= orce anyone who took coins offline (cryptosteel, paper, doesn't matter)= to bring those coins back online, with the inherent security risks?
<= div>
In my mind, the only sane way to even begin discussing a= n approach implementing such a thing - where coins "expire" after= X years - would be to give the entire ecosystem X*N years warning, where N= > 1.5.=C2=A0 I'd also suggest X would need to be closer to the life= span of a human than zero.=C2=A0 Mind you, I'd suggest this "feat= ure" would need to be coded and deployed as a future-hard-fork X*N yea= rs ahead of time.=C2=A0 A-la Satoshi's blog post regarding increasing b= lock size limit, a good enough approximation would be to add a block height= check to the code that approximates X*N years, based on 10 minute blocks.= =C2=A0 The transparency around such a change would need to be radical and a= bsolute.

I'd also suggest that, similar to CLT= V, it only makes sense to discuss creating a "never expire" trans= action output, if such a feature were being seriously considered.

If you think discussions around a block size increase were = difficult, then we'll need a new word to describe the challenges and vi= triol that would arise in arguments that will follow this discussion should= it be seriously proposed, IMHO.

I also don't = think it's reasonable to conflate the discussion herein with discussion= about what to do when ECC or SHA256 is broken.=C2=A0 The weakening/breakin= g of ECC poses a real risk to the stability of Bitcoin - the possible relea= se of Satoshi's stash being the most obvious example - and what to do a= bout that will require serious consideration when the time comes.=C2=A0 Eve= n if the end result is the same - that coins older than "X" will = be invalidated - everything else important about the scenarios are differen= t as far as I can see.

Rodney





Date: Tue, 22 Aug 2017 13:24:05 -0400
From: Thomas Guyot-Sionnest <dermoth@a= ei.ca>
To: Erik Aronesty <erik@q32.com>,= =C2=A0 =C2=A0 =C2=A0 =C2=A0Bitcoin Protocol Discussion
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <bitcoin-dev@lists.linuxfoundation.org>,=C2=A0 =C2= =A0 =C2=A0 =C2=A0 Chris Riley
=C2=A0 =C2=A0 =C2=A0 =C2=A0 <criley@= gmail.com>
Cc: Matthew Beton <matthew.be= ton@gmail.com>
Subject: Re: [bitcoin-dev] UTXO growth scaling solution proposal
Message-ID: <4c39bee6-f419-2e36-62a8-d38171b15558@aei.ca>
Content-Type: text/plain; charset=3D"windows-1252"

In any case when Hal Finney do not wake up from his 200years
cryo-preservation (because unfortunately for him 200 years earlier they
did not know how to preserve a body well enough to resurrect it) he
would find that advance in computer technology made it trivial for
anyone to steal his coins using the long-obsolete secp256k1 ec curve
(which was done long before, as soon as it became profitable to crack
down the huge stash of coins stale in the early blocks)

I just don't get that argument that you can't be "your own ban= k". The
only requirement coming from this would be to move your coins about once every 10 years or so, which you should be able to do if you have your
private keys (you should!). You say it may be something to consider when computer breakthroughs makes old outputs vulnerable, but I say it's not=
"if" but "when" it happens, and by telling firsthand pe= ople that their
coins requires moving every once in a long while you ensure they won't<= br> do stupid things or come back 50 years from now and complain their
addresses have been scavenged.

--
Thomas



--f403045c2c7c2efed205575f8ae2--