> What do you gain by making PoPs actually valid transactions? You could for
> example change the signature hashing algorithm (prepend a constant string,
> or add a second hashing step) for signing, rendering the signatures in a PoP
> unusable for actual transaction, while still committing to the same actual
> transaction. That would also remove the need for the OP_RETURN to catch
> fees.

The idea is to simplify implementation. Existing software can be used
as is to sign and validate PoPs. But I do agree that it would be a
cleaner specification if we would make the PoP invalid as a
transaction. I'm open to changes here. I do like the idea to prepend a
constant string. But that would require changes in transaction signing
and validation code, wouldn't it?

> Also, I would call it "proof of transaction intent", as it's a commitment to
> a transaction and proof of its validity, but not a proof that an actual
> transaction took place, nor a means to prevent it from being double spent.


Naming is hard. I think a simpler name that explains what its main
purpose is (prove that you paid for something) is better than a name
that exactly tries to explain what it is.

"Proof of transaction
intent" does not help me understand what this is about. But I would
like to see more name suggestions. The name does not prevent people
from using it for other purposes, ie internet over telephone network.