Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Xc7PO-0005h1-Il for bitcoin-development@lists.sourceforge.net; Thu, 09 Oct 2014 06:41:06 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.173 as permitted sender) client-ip=209.85.213.173; envelope-from=gmaxwell@gmail.com; helo=mail-ig0-f173.google.com; Received: from mail-ig0-f173.google.com ([209.85.213.173]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Xc7PM-0002aY-Uu for bitcoin-development@lists.sourceforge.net; Thu, 09 Oct 2014 06:41:06 +0000 Received: by mail-ig0-f173.google.com with SMTP id h18so11065640igc.0 for ; Wed, 08 Oct 2014 23:40:59 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.42.20.84 with SMTP id f20mr4793188icb.48.1412836859536; Wed, 08 Oct 2014 23:40:59 -0700 (PDT) Received: by 10.107.168.5 with HTTP; Wed, 8 Oct 2014 23:40:59 -0700 (PDT) In-Reply-To: <20141009063331.GA16898@muck> References: <20141004003850.GA23202@muck> <5435FD3D.40409@gmail.com> <20141009063331.GA16898@muck> Date: Thu, 9 Oct 2014 06:40:59 +0000 Message-ID: From: Gregory Maxwell To: Peter Todd Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Xc7PM-0002aY-Uu Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] [BIP draft] CHECKLOCKTIMEVERIFY - Prevent a txout from being spent until an expiration time X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Oct 2014 06:41:06 -0000 On Thu, Oct 9, 2014 at 6:33 AM, Peter Todd wrote: > Speaking of, can anyone think of an example of a complex transaction > use-case that is affected by malleability which can't be fixed by > CHECKLOCKTIMEVERIFY? I'm sure they exist, but I'm scratching my head > trying to think of a good example. Yea, no problem since we lack covenants. Or a least no problem making an example, maybe you'll find it too contrived since I'm not sure what would motivate it: You and I put 5 btc each into a kickstarter-escrow to pay Alice+some oracle that decides if alice did her job. But if a timeout expires before alice manages to get the sign off the funds must be returned completely to their original payers. Returning them to in two outputs, one to me, one to you is trivial with a pre-signed refund. You could make there be multiple alice outputs or refund, but then you can't guarantee an atomic reversal (e.g. maybe Alice gets half if we race).