Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 77AAEC002D for ; Tue, 9 Aug 2022 13:09:34 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id B0991817AC for ; Tue, 9 Aug 2022 13:09:33 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org B0991817AC Authentication-Results: smtp1.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=notatether.com header.i=@notatether.com header.a=rsa-sha256 header.s=protonmail header.b=TX0LGdqa X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.1 X-Spam-Level: X-Spam-Status: No, score=-2.1 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mmhpqsEapgne for ; Tue, 9 Aug 2022 13:09:31 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 002958176B Received: from mail-4022.proton.ch (mail-4022.proton.ch [185.70.40.22]) by smtp1.osuosl.org (Postfix) with ESMTPS id 002958176B for ; Tue, 9 Aug 2022 13:09:29 +0000 (UTC) Date: Tue, 09 Aug 2022 13:09:13 +0000 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=notatether.com; s=protonmail; t=1660050567; x=1660309767; bh=QrGRU4UgtpOKhfPseY+Y4pkHZnTVW2oDKBGFC6rE2yc=; h=Date:To:From:Reply-To:Subject:Message-ID:Feedback-ID:From:To:Cc: Date:Subject:Reply-To:Feedback-ID:Message-ID; b=TX0LGdqaKJxbtF3Rq3H5HVS7Ybl+nHcigWnjH80G6nHxN4+UmbLZzR21QR1XFIx2N 07M16mvrhaA2Oq3wj50k1u3Z1Aee7Noo4fDmaddUCxhZXfGqZAWjAaPoIrcyiCefBq b6Kn1t6qnrHSePgMP//N7g75yvmRPcLEjPiEC1iuJgGSvQ40n1tJORIH2V7coP7C9l f99mNqPSRNN48oDIZkUeqLo7o8Wd6Kpp7+/fBJil+qubS512YJoaKmTKSWI9XsinhY k+6+VtJd/RUPVjDHb/P8faYtLMR5Hzoub2IeQiZho0C5TGoW4vkrglkVRLsg+V5Ehl dHpEfnh1SxF4w== To: bitcoin-dev@lists.linuxfoundation.org From: Ali Sherief Reply-To: Ali Sherief Message-ID: <20220809130908.yykum37tre7um4j3@artanis> Feedback-ID: 34210769:user:proton MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Tue, 09 Aug 2022 20:45:59 +0000 Subject: [bitcoin-dev] Regarding BIP322 edge cases X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 09 Aug 2022 13:09:34 -0000 Although there is a Github issue/PR at https://github.com/bitcoin/bips/pull= /1347 for addressing all the TODO items of BIP322, I decided to throw it in= the mailing list again to see if anyone else has suggestions for dealing w= ith them. So in an older copy of the draft at https://github.com/bitcoin/bips/blob/b6= b0126e2d04793ba52a40f05d24538fa3f2c9ad/bip-0322.mediawiki , I found the som= e TODO items, and I will copy-paste the ones in the Specification section (= for full proofs) here: > TODO: How does this interact with as-of-yet-unspecified "Silent Transacti= ons"? > TODO: Some invalid opcode to allow only in various proof types? > TODO: A way for the initial signer to delegate to another scriptPubKey; n= eeded for better privacy and CoinJoin/Lightning compatibility So to start with, I believe it will be very helpful to limit what opcodes s= criptPubKeys to be elligible to sign from them. The specification already d= oes so to a point, but in order for these to be recognizable, it's my opini= on that one of the NOPs should be placed at the beginning of the script to = activate proof parsing mode. Of course, an opcode is not necessary at all, if the program is able to inf= er from context where the proof is coming from. After all, since they canno= t be broadcasted, they can't be mined in blocks, so will never be encounter= ed in a full node's usual verifier. I'm not sure what is to be gained from = adding an opcode - the only source for real transactions is from P2P-obtain= ed blocks, so when a human inputs a signature to be verified, it can check = that a real transaction is not being inserted by looking for the invalid in= put. For Silent Transactions, I have already given my suggestion in the PR, that= some subsection can be made saying that it can operate with them by using = its scriptPubKey (and other stuff that may be necessary - I am not excatly = sure what goes inside the Witness stack of message_signature). In the case of the last TODO, related to delegation to another scriptPubKey= , I am not quite sure at the moment what to do about it - perhaps you guys = can place a MAST (two Merkle branches, to be specific) - the first branch h= as the original signer's scriptPubKey, the second branch contains the deleg= ated signer's scriptPubKey. - Ali