From: LORD HIS EXCELLENCY JAMES HRMH
To: DA Williamson, ZmnSCPxj
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Taproot NACK
Date: Wed, 17 Mar 2021 08:13:36 +0000

Good afternoon,

That is not desirable since yourself and I cannot prove the property of the UTXO when it is further spent unless we can ourselves scrutinize it.

We have had this conversation before where you approach your reply to resolve that I have offered disagreement and I try to explain I am not disagreeing and yet there should be found some common ground. Can this improve?

KING JAMES HRMH
Great British Empire

Regards,
The Australian
LORD HIS EXCELLENCY JAMES HRMH (& HMRH)
of Hougun Manor & Glencoe & British Empire
MR. Damian A. James Williamson
Wills

et al.

 
Willtech
www.willtech.com.au
www.go-overt.com
and other projects
 
earn.com/willtech
linkedin.com/in/damianwilliamson


m. 0487135719
f. +61261470192


This email does not constitute a general advice. Please disregard this email if misdelivered.

From: ZmnSCPxj <ZmnSCPxj@protonmail.com>
Sent: Wednesday, 17 March 2021 3:11 PM
To: DA Williamson <damian@willtech.com.au>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>; LORD HIS EXCELLENCY JAMES HRMH <willtech@live.com.au>
Subject: Re: [bitcoin-dev] Taproot NACK
 
Good morning JAMES,

> Good Afternoon,
>
> Verifiable and independently verifiable are not the same. Independently
> scrutinable means any public can scrutinise blockchain to determine it
> is honest. It does not rely on involved parties but insistently on the
> data published in the blockchain.

The involved parties ultimately publish the data on the blockchain, and the result is independently validatable.
All that each involved party has to do is validate for itself that it does not lose any funds, and, by the operation of math, the summary result does not result in any loss (or creation) of funds, thus CoinJoin cannot lead to fraud.

I do not see much of a point in your objection here.
For example, in the case of Lightning, the individual payments made by the participants in the channel cannot be verified by anyone else (they can lie about the payments that occurred on their channel).
But both participants in the channel need to agree on a single result, and it is that summary result that is independently verified onchain and published.

Indeed, one major technique for privacy improvement in Bitcoin is the simple technique of creating summaries of multiple actions without revealing details.
Such a general class of techniques works by reducing the data pushed onchain which provides both (a) scale because less data on chain and (b) privacy because less data is analyzable onchain.

Basically ---

1.  The entire point of a public blockchain is to prevent uncontrolled forgery of the coin.
    Only particular rules allow construction of new coins (in Bitcoin, the mining subsidy).
2.  Various techniques can be used to support the above central point.
    * The simplest is to openly publish every amount value in cleartext.
      * However, this is not necessarily the ***only*** acceptable way to achieve the goal!
      * Remember, the point is to prevent uncontrolled forgery.
        The point is **not** mass surveillance.
    * Another method would be to openly publish **summaries** of transactions, such as by Lightning Network summarizing the result of multiple payments.
      * CoinJoin is really just a way to summarize multiple self-payments.
    * Another method would be to use homomorphisms between a cleartext and a ciphertext, and publish only the ciphertext (which can be independently verified as correctly being added together and that inputs equal outputs plus fees).

No privacy technique worth discussing and development in Bitcoin gets around the above point, and thus fraud cannot be achieved with those (at least if we define fraud simply as "those who control the keys control the coins" --- someone stealing a copy of your privkeys is beyond this definition of fraud).
Any privacy improvement Taproot buys (mostly in LN, but also some additional privacy for CoinSwap) will still not allow fraud.

Regards,
ZmnSCPxj