Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <pete@petertodd.org>) id 1UirVr-0004hl-3O
	for bitcoin-development@lists.sourceforge.net;
	Sat, 01 Jun 2013 19:30:51 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
	designates 62.13.149.77 as permitted sender)
	client-ip=62.13.149.77; envelope-from=pete@petertodd.org;
	helo=outmail149077.authsmtp.com; 
Received: from outmail149077.authsmtp.com ([62.13.149.77])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1UirVp-0005mv-68 for bitcoin-development@lists.sourceforge.net;
	Sat, 01 Jun 2013 19:30:51 +0000
Received: from mail-c226.authsmtp.com (mail-c226.authsmtp.com [62.13.128.226])
	by punt7.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r51JUhcH032870
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 1 Jun 2013 20:30:43 +0100 (BST)
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
	(authenticated bits=128)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r51JUaCI094160
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
	for <bitcoin-development@lists.sourceforge.net>;
	Sat, 1 Jun 2013 20:30:39 +0100 (BST)
Date: Sat, 1 Jun 2013 15:30:36 -0400
From: Peter Todd <pete@petertodd.org>
To: bitcoin-development@lists.sourceforge.net
Message-ID: <20130601193036.GA13873@savin>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="PNTmBPCT7hxwcZjr"
Content-Disposition: inline
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: bdd3b9be-caf1-11e2-98a9-0025907ec6c5
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd
	P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXwR1
	Kg0XXVBSFQZ4AxwL BR4UURA8cANYeX5u ZEFqQHFbVVt/fUFi
	QwAWEGx8ADYTEWAW VEFed01ReABIME0R PlMtXSFYfDZWMHt9
	RlY+ZXVgbTwObXwN GFxcdQ0fShgAQygE XRcaGi4mGR9NXCI9
	M1koLUQfVFoWekA7 MlZpUFQJNBkfTwZX GQRWGCJfKxEGWjYz
	EB9BFVMYCyVQRytV CBklahFPGF4aA3IA TEFBTBoMEEsA
X-Authentic-SMTP: 61633532353630.1020:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1UirVp-0005mv-68
Subject: [Bitcoin-development] Proposal: soft-fork to make anyone-can-spend
 outputs unspendable for 100 blocks
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sat, 01 Jun 2013 19:30:51 -0000


--PNTmBPCT7hxwcZjr
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Currently the most compact way (proof-size) to sacrifice Bitcoins that
does not involve making them unspendable is to create a anyone-can-spend
output as the last txout in the coinbase of a block:

scriptPubKey: <data> OP_TRUE

The proof is then the SHA256 midstate, the txout, and the merkle path to
the block header. However this mechanism needs miner support, and it is
not possible to pay for such a sacrifice securely, or create an
assurance contract to create one.

A anyone-can-spend in a regular txout is another option, but there is no
way to prevent a miner from including a transaction spending that txout
in the same block. Once that happens, there is no way to prove the miner
didn't create both, thus invalidating the sacrifice. The announce-commit
protocol solves that problem, but at the cost of a much larger proof,
especially if multiple parties want to get together to pay the cost of
the sacrifice. (the proof must include the entire tx used to make the
sacrifice)

However if we add a rule where txouts ending in OP_TRUE are unspendable
for 100 blocks, similar to coinbases, we fix these problems. The rule
can be done as a soft-fork with 95% support in the same way the
blockheight rule was implemented. Along with that change
anyone-can-spend outputs should be make IsStandard() so they will be
relayed.

The alternative is sacrifices to unspendable outputs, which is very
undesirable compared to sending the money to miners to further
strengthen the security of the network.

We should always make it easy for people to write code that does what is
best for Bitcoin.

--=20
'peter'[:-1]@petertodd.org
00000000000000ce3427502ee6a254fed27e1cd21a656a335cd2ada79b7b5293

--PNTmBPCT7hxwcZjr
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBCAAGBQJRqkvbAAoJECSBQD2l8JH7YFcH/0AaUxfThHW46BTYFjCEgmzH
8+q7EqQFePWQc6IdcQ4WvN3d9OC8/KQ07fKx7ll2YtFiBakneJwEkJNCaGgO04zn
9oflgenHmbXpwAPWzw6r3GZwHW7WOUS+yn4XcWQbsOxPBgWM8JnI0TtB3jdpfE7/
OYwxFhqau7hOugAhjJEQFUkNzqFyxzjQHqxozEvQ+T4Hum/KdGD/VFZ2aYFPXzI4
8fV0y5JqV6ruVwlcblmAaYQWDTRe2HWQJaLqVKTjDkWy8AxU0vZAFH97pdpJJjT6
0ZoyG/RqJDN9bolMmLMgmQDzqVqHG86NJ3umx7NCOVKwDexf0MZWe4YzsdhA1XU=
=MhoJ
-----END PGP SIGNATURE-----

--PNTmBPCT7hxwcZjr--