Re: [bitcoin-dev] CoinPool, exploring generic payment pools for Fun and Privacy

author: ZmnSCPxj <ZmnSCPxj@protonmail.com> 2020-06-13 01:20:16 +0000
committer: bitcoindev <bitcoindev@gnusha.org> 2020-06-13 01:20:28 +0000
commit: 8915f92f30623b6a4aaf48359fbcf6b2e66a7eec (patch)
tree: af76d61f539981efa36cdcc4e7d706175a6e654f
parent: e5ee277eb9f5179c0a6fff6bd71e186cc202f6c7 (diff)
download: pi-bitcoindev-8915f92f30623b6a4aaf48359fbcf6b2e66a7eec.tar.gz
pi-bitcoindev-8915f92f30623b6a4aaf48359fbcf6b2e66a7eec.zip
1 files changed, 117 insertions, 0 deletions
diff --git a/6b/2c5034a0df857aa1b6c2127a13be5f36366630 b/6b/2c5034a0df857aa1b6c2127a13be5f36366630
new file mode 100644
index 000000000..7124f4c4e
--- /dev/null
+++ b/6b/2c5034a0df857aa1b6c2127a13be5f36366630
@@ -0,0 +1,117 @@
+Return-Path: <ZmnSCPxj@protonmail.com>
+Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
+ by lists.linuxfoundation.org (Postfix) with ESMTP id 8636CC016F
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Sat, 13 Jun 2020 01:20:28 +0000 (UTC)
+Received: from localhost (localhost [127.0.0.1])
+ by whitealder.osuosl.org (Postfix) with ESMTP id 6F40687FAF
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Sat, 13 Jun 2020 01:20:28 +0000 (UTC)
+X-Virus-Scanned: amavisd-new at osuosl.org
+Received: from whitealder.osuosl.org ([127.0.0.1])
+ by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
+ with ESMTP id tvsM0bsM4MNE
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Sat, 13 Jun 2020 01:20:26 +0000 (UTC)
+X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
+Received: from mail4.protonmail.ch (mail4.protonmail.ch [185.70.40.27])
+ by whitealder.osuosl.org (Postfix) with ESMTPS id 6146287FA1
+ for <bitcoin-dev@lists.linuxfoundation.org>;
+ Sat, 13 Jun 2020 01:20:26 +0000 (UTC)
+Date: Sat, 13 Jun 2020 01:20:16 +0000
+DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=protonmail.com;
+ s=protonmail; t=1592011224;
+ bh=SzwR6pYxJFnPjMAIRfPUqYk0PdR11SleqX0LDDHHEF4=;
+ h=Date:To:From:Cc:Reply-To:Subject:In-Reply-To:References:From;
+ b=qufFtNv+Td8bSue1x9BBfqYNPlrYzmipm/03CX7lIVBJfe75IHg9D+GTseLqi5vGq
+ 70REeqL9Y2Uu3dOF3L3ov76jniNSSZVpP1CiCEO4sUI7ecp6k4Qjkt44P8Jxu9P+oI
+ xe91whgeU6KVJ//RyMhHZNylGH5k/eOGZjVAwP3k=
+To: ZmnSCPxj <ZmnSCPxj@protonmail.com>,
+ Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
+From: ZmnSCPxj <ZmnSCPxj@protonmail.com>
+Reply-To: ZmnSCPxj <ZmnSCPxj@protonmail.com>
+Message-ID: <7BPgx65Eh5HE5wLIqeG9G-bdsxxkDJJIzcyOJvS6_FIxXfA10sbFe5dfwQDNiEOExZ9Y72lHq88lKzcBRIFnYGFY5I2vwk6Dg7BcCMjmS2Y=@protonmail.com>
+In-Reply-To: <m-yAKsQ52s-bYOrtEXVwETAcJ8sSbJt0k9WDN1ueidJ01IaEHRJtq9Odffmz_2utLxPfmI418x58aFc3vKBpOD2FKqgeCUAn1mvI1OSyGRY=@protonmail.com>
+References: <CALZpt+FqAWCAqCLF2HsajL84sOvst_X9_34bb_tvUxLFw=HTAA@mail.gmail.com>
+ <7cWQJzkWNEZCI2fYYrJCFxrmGfDGFAtsOyGpXRmB-g4Qhm2jzhyxLtuOIpJAr2CMJjAjri12lmR-h96ev3NWqaTgDtc_NN0yhyVxuIlBuzU=@protonmail.com>
+ <CALZpt+EsACbq1QM9MFkC63_gDXW0vHfeTjXc7C9r4+2-1WKAJw@mail.gmail.com>
+ <m-yAKsQ52s-bYOrtEXVwETAcJ8sSbJt0k9WDN1ueidJ01IaEHRJtq9Odffmz_2utLxPfmI418x58aFc3vKBpOD2FKqgeCUAn1mvI1OSyGRY=@protonmail.com>
+MIME-Version: 1.0
+Content-Type: text/plain; charset=utf-8
+Content-Transfer-Encoding: quoted-printable
+Subject: Re: [bitcoin-dev] CoinPool,
+	exploring generic payment pools for Fun and Privacy
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.15
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
+ <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Sat, 13 Jun 2020 01:20:28 -0000
+
+Good morning Antoine,
+
+By dropping the requirement that a participant can seamlessly leave the Coi=
+nPool, it allows participants to split up their coins among new aliases and=
+ to use a different identity for later claiming coins.
+With WabiSabi, none of the other participants can get a mapping between cur=
+rent-state aliases and the actual participants.
+
+Now, in order to authorize moving coins from an output on the current state=
+ to a new output on the next state, obviously the pool needs to get a signa=
+ture from its current owner.
+Ideally, we would not want to have to implement SCRIPT inside the CoinPool =
+software.
+
+And with Taproot, a pubkey can hide one or more SCRIPTs.
+If we use pubkeys as the identities of owners of coins, then it allows an a=
+lias to encode a SCRIPT.
+
+With the combination of both features, we can instantiate HTLCs (or, with `=
+SIGHASH_ANYPREVOUT`, PTLCs) inside a CoinPool "alias" pubkey identity, allo=
+wing for interoperation with LN.
+
+Now suppose I have 1.0 BTC in a CoinPool.
+I want to make an HTLC with you (hashlocked to you, timelocked to me), for =
+0.5 BTC.
+
+I encode the HTLC SCRIPT, and put it into a Taproot whose internal pubkey i=
+s a MuSig of fresh identities of mine and yours.
+
+Then, inside the CoinPool, I split my 1.0BTC to a 0.5BTC coin to a fresh id=
+entity of mine, and 0.5BTC to our HTLC Taproot.
+
+If you can acquire the hash, you give it to me, and I am supposed to hand y=
+ou a partial signature share to the HTLC Taproot that you can later complet=
+e and present to the CoinPool in the next update round in order to get the =
+HTLC value.
+If I do not hand you the signature share even after you hand the hash, you =
+just drop the entire CoinPool onchain, instantiating the HTLC Taproot outpu=
+t onchain, and using the SCRIPT branch to claim using the hash you know.
+
+If the timelock expires, I ask you to hand over your partial signature to t=
+he HTLC Taproot that I can later complete and present to the CoinPool in th=
+e next update round to recover the HTLC value.
+If you do not hand over the signature share, I drop the CoinPool onchain, w=
+hich instantiates the HTLC Taproot output onchain, and use the SCRIPT branc=
+h to claim using the timelock branch.
+
+You can also ask to abort the HTLC "early", before the timelock expires, by=
+ handing over your partial signature to the HTLC Taproot, which I can later=
+ complete and present to the CoinPool in the next update round.
+This is equivalent to `update_fail_htlc` in the current LN BOLT spec.
+
+This allows operation of any SCRIPT, incidentally, without requiring that C=
+oinPool software include a SCRIPT interpreter, only signature validation.
+Any time an output absolutely needs a SCRIPT, we just drop the CoinPool onc=
+hain and let onchain handle the SCRIPT interpretation.
+
+Regards,
+ZmnSCPxj
+
+
author	ZmnSCPxj <ZmnSCPxj@protonmail.com>	2020-06-13 01:20:16 +0000
committer	bitcoindev <bitcoindev@gnusha.org>	2020-06-13 01:20:28 +0000
commit	8915f92f30623b6a4aaf48359fbcf6b2e66a7eec (patch)
tree	af76d61f539981efa36cdcc4e7d706175a6e654f
parent	e5ee277eb9f5179c0a6fff6bd71e186cc202f6c7 (diff)
download	pi-bitcoindev-8915f92f30623b6a4aaf48359fbcf6b2e66a7eec.tar.gz pi-bitcoindev-8915f92f30623b6a4aaf48359fbcf6b2e66a7eec.zip