From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XnwPZ-0002Dp-Cf for bitcoin-development@lists.sourceforge.net; Mon, 10 Nov 2014 21:22:09 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.216.49 as permitted sender) client-ip=209.85.216.49; envelope-from=tier.nolan@gmail.com; helo=mail-qa0-f49.google.com; Received: from mail-qa0-f49.google.com ([209.85.216.49]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XnwPU-0002rH-3y for bitcoin-development@lists.sourceforge.net; Mon, 10 Nov 2014 21:22:09 +0000 Received: by mail-qa0-f49.google.com with SMTP id i13so5883005qae.8 for ; Mon, 10 Nov 2014 13:21:58 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.224.130.71 with SMTP id r7mr47152986qas.69.1415654518663; Mon, 10 Nov 2014 13:21:58 -0800 (PST) Received: by 10.140.41.18 with HTTP; Mon, 10 Nov 2014 13:21:58 -0800 (PST) In-Reply-To: References: Date: Mon, 10 Nov 2014 21:21:58 +0000 Message-ID: From: Tier Nolan To: Bitcoin Dev Content-Type: multipart/alternative; boundary=001a1132eb28b5b0cc050787c0a0 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (tier.nolan[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XnwPU-0002rH-3y Subject: Re: [Bitcoin-development] BIP draft - Auxiliary Header Format X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 10 Nov 2014 21:22:09 -0000 --001a1132eb28b5b0cc050787c0a0 Content-Type: text/plain; charset=UTF-8 I updated the BIP to cover only the specification of the transactions that need to be added. I will create a network BIP tomorrow. On Mon, Nov 10, 2014 at 11:42 AM, Tier Nolan wrote: > The aheaders message is required to make use of the data by SPV clients. > This could be in a separate BIP though. I wanted to show that the merkle > path to the aux-header transaction could be efficiently encoded, but a > reference to the other BIP would be sufficient. > > For the other messages, the problem is that the hash of the aux header is > part of the block, but the aux header itself is not. That means that the > aux header has to be sent for validation of the block. > > I will change it so that the entire aux-header is encoded in the block. I > think encoding the hash in the final transaction and the full aux-header in > the 2nd last one is the best way to do it. This has the added advantage of > reducing the changes to block data storage, since the aux-header doesn't > have to be stored separately. > > > On Mon, Nov 10, 2014 at 12:52 AM, Gregory Maxwell > wrote: > >> Some initial comments... >> >> Tying in the protocol changes is really confusing and the fact that >> they seem to be required out the gates would seemingly make this much >> harder to deploy. Is there a need to do that? Why can't the p2p part >> be entirely separate from the comitted data? >> >> On Mon, Nov 10, 2014 at 12:39 AM, Tier Nolan >> wrote: >> > I made some changes to the draft. The merkleblock now has the auxiliary >> > header information too. >> > >> > There is a tradeoff between overhead and delayed transactions. Is 12.5% >> > transactions being delayed to the next block unacceptable? Would adding >> > padding transactions be an improvement? >> > >> > Creating the "seed" transactions is an implementation headache. >> > >> > Each node needs to have control over an UTXO to create the final >> transaction >> > in the block that has the digest of the auxiliary header. This means >> that >> > it is not possible to simply start a node and have it mine. It has to >> > somehow be given the private key. If two nodes were given the same key >> by >> > accident, then one could end up blocking the other. >> > >> > On one end of the scale is adding a transaction with a few thousand >> outputs >> > into the block chain. The signatures for locktime restricted >> transactions >> > that spend those outputs could be hard-coded into the software. This >> is the >> > easiest to implement, but would mean a large table of signatures. The >> > person who generates the signature list would have to be trusted not to >> > spend the outputs early. >> > >> > The other end of the scale means that mining nodes need to include a >> wallets >> > to manage their UTXO entry. Miners can split a zero value output into >> lots >> > of outputs, if they wish. >> > >> > A middle ground would be for nodes to be able to detect the special >> > transactions and use them. A server could send out timelocked >> transactions >> > that pay to a particular address but the transaction would be >> timelocked. >> > The private key for the output would be known. However, miners who mine >> > version 2 blocks wouldn't be able to spend them early. >> > >> > >> > On Sat, Nov 8, 2014 at 11:45 PM, Tier Nolan >> wrote: >> >> >> >> I created a draft BIP detailing a way to add auxiliary headers to >> Bitcoin >> >> in a bandwidth efficient way. The overhead per auxiliary header is >> only >> >> around 104 bytes per header. This is much smaller than would be >> required by >> >> embedding the hash of the header in the coinbase of the block. >> >> >> >> It is a soft fork and it uses the last transaction in the block to >> store >> >> the hash of the auxiliary header. >> >> >> >> It makes use of the fact that the last transaction in the block has a >> much >> >> less complex Merkle branch than the other transactions. >> >> >> >> >> https://github.com/TierNolan/bips/blob/aux_header/bip-aux-header.mediawiki >> >> >> > >> > >> > >> ------------------------------------------------------------------------------ >> > >> > _______________________________________________ >> > Bitcoin-development mailing list >> > Bitcoin-development@lists.sourceforge.net >> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development >> > >> > > --001a1132eb28b5b0cc050787c0a0 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
I updated the BIP to cover only the specification of the t= ransactions that need to be added.=C2=A0 I will create a network BIP tomorr= ow.

On M= on, Nov 10, 2014 at 11:42 AM, Tier Nolan <tier.nolan@gmail.com><= /span> wrote:
= The aheaders message is required to make use of the data by SPV clients.=C2= =A0 This could be in a separate BIP though.=C2=A0 I wanted to show that the= merkle path to the aux-header transaction could be efficiently encoded, bu= t a reference to the other BIP would be sufficient.

For the ot= her messages, the problem is that the hash of the aux header is part of the= block, but the aux header itself is not.=C2=A0 That means that the aux hea= der has to be sent for validation of the block.

I will change = it so that the entire aux-header is encoded in the block.=C2=A0 I think enc= oding the hash in the final transaction and the full aux-header in the 2nd = last one is the best way to do it.=C2=A0 This has the added advantage of re= ducing the changes to block data storage, since the aux-header doesn't = have to be stored separately.


=
On Mon, Nov 10, = 2014 at 12:52 AM, Gregory Maxwell <gmaxwell@gmail.com> wrot= e:
Some initial comments...

Tying in the protocol changes is really confusing and the fact that
they seem to be required out the gates would seemingly make this much
harder to deploy.=C2=A0 =C2=A0Is there a need to do that? Why can't the= p2p part
be entirely separate from the comitted data?

On Mon, Nov 10, 2014 at 12:39 AM, Tier Nolan <tier.nolan@gmail.com> wrote:
> I made some changes to the draft.=C2=A0 The merkleblock now has the au= xiliary
> header information too.
>
> There is a tradeoff between overhead and delayed transactions.=C2=A0 I= s 12.5%
> transactions being delayed to the next block unacceptable?=C2=A0 Would= adding
> padding transactions be an improvement?
>
> Creating the "seed" transactions is an implementation headac= he.
>
> Each node needs to have control over an UTXO to create the final trans= action
> in the block that has the digest of the auxiliary header.=C2=A0 This m= eans that
> it is not possible to simply start a node and have it mine.=C2=A0 It h= as to
> somehow be given the private key.=C2=A0 If two nodes were given the sa= me key by
> accident, then one could end up blocking the other.
>
> On one end of the scale is adding a transaction with a few thousand ou= tputs
> into the block chain.=C2=A0 The signatures for locktime restricted tra= nsactions
> that spend those outputs could be hard-coded into the software.=C2=A0 = This is the
> easiest to implement, but would mean a large table of signatures.=C2= =A0 The
> person who generates the signature list would have to be trusted not t= o
> spend the outputs early.
>
> The other end of the scale means that mining nodes need to include a w= allets
> to manage their UTXO entry.=C2=A0 Miners can split a zero value output= into lots
> of outputs, if they wish.
>
> A middle ground would be for nodes to be able to detect the special > transactions and use them.=C2=A0 A server could send out timelocked tr= ansactions
> that pay to a particular address but the transaction would be timelock= ed.
> The private key for the output would be known.=C2=A0 However, miners w= ho mine
> version 2 blocks wouldn't be able to spend them early.
>
>
> On Sat, Nov 8, 2014 at 11:45 PM, Tier Nolan <tier.nolan@gmail.com> wrote:
>>
>> I created a draft BIP detailing a way to add auxiliary headers to = Bitcoin
>> in a bandwidth efficient way.=C2=A0 The overhead per auxiliary hea= der is only
>> around 104 bytes per header.=C2=A0 This is much smaller than would= be required by
>> embedding the hash of the header in the coinbase of the block.
>>
>> It is a soft fork and it uses the last transaction in the block to= store
>> the hash of the auxiliary header.
>>
>> It makes use of the fact that the last transaction in the block ha= s a much
>> less complex Merkle branch than the other transactions.
>>
>> https://github.com/TierNolan/bips/bl= ob/aux_header/bip-aux-header.mediawiki
>>
>
>
> ------------------------------------------------= ------------------------------
>
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitco= in-development
>


--001a1132eb28b5b0cc050787c0a0--