Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1XuKHG-0001n1-CB for bitcoin-development@lists.sourceforge.net; Fri, 28 Nov 2014 12:03:58 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.171 as permitted sender) client-ip=209.85.213.171; envelope-from=gmaxwell@gmail.com; helo=mail-ig0-f171.google.com; Received: from mail-ig0-f171.google.com ([209.85.213.171]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1XuKHF-0003Tu-JU for bitcoin-development@lists.sourceforge.net; Fri, 28 Nov 2014 12:03:58 +0000 Received: by mail-ig0-f171.google.com with SMTP id z20so5750664igj.16 for ; Fri, 28 Nov 2014 04:03:52 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.50.18.102 with SMTP id v6mr33055615igd.40.1417176232335; Fri, 28 Nov 2014 04:03:52 -0800 (PST) Received: by 10.107.18.65 with HTTP; Fri, 28 Nov 2014 04:03:52 -0800 (PST) In-Reply-To: References: <63C13C3D-5333-4DEA-A42F-A4685DDE09DA@ricmoo.com> <3A394B8C-FD24-4134-A8B8-CCAF63ECB5B0@petertodd.org> Date: Fri, 28 Nov 2014 12:03:52 +0000 Message-ID: From: Gregory Maxwell To: Flavien Charlon Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1XuKHF-0003Tu-JU Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] BIP 65 and OP_CHECKLOCKTIMEVERIFY inquiry... X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 28 Nov 2014 12:03:58 -0000 On Fri, Nov 28, 2014 at 11:45 AM, Flavien Charlon wrote: >> This breaks existing invariants and would make the coins potentially less >> fungible because they wouldn't be reorg safe. > > I'm not sure coins are ever reorg safe. All it takes is a double spend in > the history of your coins for them to become invalid after a reorg. Because > of that, there are already less fungible coins. This is why we recommend 6 > confirmations for important payments. I used the word 'less' intentionally. A double spend requires an active action. Roughly 1% of blocks are lost to reorganizations by chance, longer otherwise harmless reorgs as we've had in the past could forever destroy large chunks of coins if descendants had the unwelcome properties of having additional constraints on them. Past instances where the network had a dozen block reorganization which were harmless and simply confirmed the same transactions likely would have caused substantial losses if it reorganizations precluded the recovery of many transactions which were valid when placed earlier in the chain. Additionally your '6 confirmations' is a uniform rule. The recommendation is just a count, it's tidy. It's not a "traverse the recent history of each coin you receive to determine if its script conditions make it unusually fragile and subject to irrecoverable loss", which is the space you can get into with layering violations and transaction validity depending on arbitrary block data.