Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 01682CC6 for ; Fri, 1 Jun 2018 00:25:06 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi0-f50.google.com (mail-oi0-f50.google.com [209.85.218.50]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 9AFD06BA for ; Fri, 1 Jun 2018 00:25:05 +0000 (UTC) Received: by mail-oi0-f50.google.com with SMTP id c128-v6so11838475oig.11 for ; Thu, 31 May 2018 17:25:05 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=d5EH0JD/MtaTFRYhzM2sWwcg09dcPyNfSIULLUGaw/A=; b=qd+B7bvqOGGtI2M2I0xxX4KyaATHzMTRr/U6nRZtgK/PJgOg2+lO0u401Sny3VXiiX SBNDjlrz7nf7RVq+W7scY8YMzy9i9c0MmfSXKF3DitRsMsihUHuZXQsaLa/Alzfo9Z8v UuzzGjV3Brmydim6s9iqCpKFdZwHRd1ykWO8O/mN/y4cfWeH/VwaHbbTPC9s21G/xLFj JfDOMLAXS1SmmjhspiyazPTDM0DfaI7ErdEqZNpySMKbtc5p76eqHEyGz4nJhmVaafxi b/iGeBnzOSlBs7zau9kM+k1RoVN8qswupWUarvg6BUMd2rtBgzQXemHym+JC7rrql1PM ECwg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=d5EH0JD/MtaTFRYhzM2sWwcg09dcPyNfSIULLUGaw/A=; b=Ghp0UgTDN+X5F54E/XLx6lhPtv+rkDZzbBXGrCL7/KEPxWxf86N4G7JMo5FymOw+Ed aBvxYyopOoB4o0cT3Iepj9i622iuU5JavJGJiEs91XY+KPM9AUpOUAqJDQXj+tnPgZy0 rJp/ye0iTDZJpWyUIAtLqCsoDXw4lQ768juOQCYnOM0ystFHgt1GsklS3GlP1uZ5XH8V TB2l3i+0GAg23fm8ZsTCTRfryZJS9KvZYHJx8cZjJ/k0cAEYVlq9vl/KwIDQz0wDNuB6 JBxNkA2dpFw/s2rY5CWWWxkn13QYEVKcjX3knyP/HkomqcQzrUgBIochuVs7a9oYtA0H LC7g== X-Gm-Message-State: ALKqPweVeUMAYcQMtfgbxd/3XzGm3EUCCwCxcRmhawI5whciqqwwPhfZ ljnCl4dVpFSsMoD5l26S4k9TLTgqMazmtsz8KJzxO7b0 X-Google-Smtp-Source: ADUXVKKpEXJQ5y9AYZ2cfYv7Oej49NxfpgqUp/hyWDucRDQYj1uvVU/uDUsSuMk1sPuUI1elYq7NQ5RPUcaOMQdrc6U= X-Received: by 2002:aca:4146:: with SMTP id o67-v6mr4845522oia.172.1527812704767; Thu, 31 May 2018 17:25:04 -0700 (PDT) MIME-Version: 1.0 Received: by 2002:a4a:6ac8:0:0:0:0:0 with HTTP; Thu, 31 May 2018 17:25:04 -0700 (PDT) In-Reply-To: References: From: Pieter Wuille Date: Thu, 31 May 2018 17:25:04 -0700 Message-ID: To: Johnson Lau Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: bitcoin-dev Subject: Re: [bitcoin-dev] Should Graftroot be optional? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 01 Jun 2018 00:25:06 -0000 On Fri, May 25, 2018 at 3:14 AM, Johnson Lau wrote: > A graftroot design like this is a strict subset of existing signature checking rules. If this is dangerous, the existing signature checking rules must be dangerous. While you may be right in this situation, I'm not sure that conclusion follows from your argument. Whether or not a construction is safe does not just depend on the consensus rules, but also on how it is used. Otherwise you could as well argue that since OP_TRUE is possible right now which is obviously insecure, nothing more dangerous can be accomplished through any soft fork. The best argument for why Graftroot does not need to be optional I think was how Greg put it: "since the signer(s) could have signed an arbitrary transaction instead, being able to delegate is strictly less powerful.". Cheers, -- Pieter