* [bitcoin-dev] What has the Taproot Annex ever done for us ?
@ 2022-10-10 6:11 Antoine Riard
0 siblings, 0 replies; only message in thread
From: Antoine Riard @ 2022-10-10 6:11 UTC (permalink / raw)
To: Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 2953 bytes --]
Hi,
Recent advances in the development of Eltoo Lightning channels have
envisioned the usage of the Taproot annex as a transaction endpoint where
to store specific protocol payload. [0] Further, during the past years,
some use-cases such as SIGHASH_GROUP/SIGHASH_BUNDLE have been proposed that
would require an extension of transaction fields. [1]. While there is
already the nSequence field serving as an endpoint for enforcement of new
consensus
semantics, the 32 bits of space doesn't allow multiple semantics to be
enforced on a transaction in a composable way. [2]
The Taproot softfork paved the way by introducing the annex, a tagged
element part of any SegWit v1 spends: "a reserved space for future
extensions".
This proposal introduces a Type-Length-Value format for the annex field,
motivated by its backward-compatibility and parsing straightforwardness.
There are a WIP implementation and a BIP available:
https://github.com/bitcoin-inquisition/bitcoin/pull/9
https://github.com/bitcoin/bips/pull/1381
For now, the proposal is minimal, seeking feedback in the TLV format is an
interesting direction. More advanced design questions are also open, like
what policy/consensus rules should be envisioned to prevent DoS of any kind
and how to make the annex field accessible to Script programmers (e.g
PUSH_ANNEX_RECORD).
Few use-cases could be served by the annex.
Per-input lock-time: as of today absolute timelocks are enforced at the
transaction level preventing aggregation of timelocked inputs by a
non-coordinating set of signers.
Commitment to historical block hash: signing the block hash could prevent a
transaction to be replayed or fee snipped in case of persistent forks.
Group of inputs/outputs: a group of input-outputs could be bundled and
signed together to enable non-interactive fee-bumping batching of off-chain
protocols.
Vectors of scriptPubkeys/amounts: within an off-chain protocol, a set of
signers can commit a priori to individual withdrawal ability, of which the
aggregation is enforced by the Script interpreter. [3]
The described use-cases are more whiteboard ideas than anything. It would
be interesting to dig in the archives of the ML and other Bitcoin research
venues, if there are forgotten requests of transaction fields extensions.
From my perspective, I would say there are years of R&D work, before the
annex can be considered ready for activation.
Detailing the annex format now could harmonize its usage by application
only leveraging policy-only enforcement of the field, without having
ulterior consensus validation nullifying or interfering with the use.
Cheers,
Antoine
[0]
https://github.com/instagibbs/bolts/blob/eltoo_draft/XX-eltoo-transactions.md
[1]
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-July/019243.html
[2] https://github.com/bitcoin/bips/blob/master/bip-0068.mediawiki
[3]
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019926.html
[-- Attachment #2: Type: text/html, Size: 3583 bytes --]
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2022-10-10 6:12 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-10-10 6:11 [bitcoin-dev] What has the Taproot Annex ever done for us ? Antoine Riard
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox