Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 889D3EED for ; Thu, 24 May 2018 09:32:38 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wm0-f48.google.com (mail-wm0-f48.google.com [74.125.82.48]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2D7006DB for ; Thu, 24 May 2018 09:32:37 +0000 (UTC) Received: by mail-wm0-f48.google.com with SMTP id j5-v6so3238202wme.5 for ; Thu, 24 May 2018 02:32:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=xWF2heBxKpqIW9QKb5IEqNb5AFUu67SCn4eMAeHllhQ=; b=k9QKXDfSBngAxlr4lKfkHdBxVyv0wJ8M8DYQoelmbYqedyZPHOFjTCNthWEJCYLGEL yndodS4ciVdlKf3o6NaPJVfTphBHqAHQNcmcOCRVF2XIK2fGIIB88M1B8rZosFR9MOpt u2DdQzUgW3FYm8t2miJOl/PbXWy+W90zxOcIRMH8LFOx84/uGPxzOP9tNWginpkTWCVy Al5ulr/g5dkAXWmi/Ac2KQMPWnSrlH6QtfLqlxiGYByhqxfWd5hdh32Udasdk1ExOAtU R/03zYbC9IY5n6Nns0eeuhAjV0TIF+TS98mmG7sC1sTrxBVu2L5KgtyXGhqQ9TanYIfn XJEg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=xWF2heBxKpqIW9QKb5IEqNb5AFUu67SCn4eMAeHllhQ=; b=odTTRQuoFxgSUo3nQya8yLEJGVUNt/K9zt3UipzFWrlU/Om11u0hbPTweOon0fXPE7 P+xBiHhyHWelAJ/xhj1/IWcSVEMSDKQGEKjxkSlPqBGyF4Vfs6hhYLgzXld8fTY5HOjg z77NXL+ARFIyZuz62hOTqHMvxzPcxe0TKFi5c+Mqtf6V0/B0mu3MrTEhMCXlxN4BcVNz ij8REbODMStdE+gYg1AdJlVuXwD3hv3S3WhhiUkypG0KHZ83k8xB3WcOj8lc1VZuu8tB lpw2StZz3jRxCWwekkFBKDwpRNXmO8fsPTcH0GQB6/UC8YnW8Ccpty0D2n4kKMBOdxf/ c6ww== X-Gm-Message-State: ALKqPwfDhTOv/RoCJhvfIDZptOUFu6IAoAnkTXab2PNFBikUaF4jeyvb Hm2zgfMb9ty35BZg2/MldtH2zyDQcUOydseJSVk= X-Google-Smtp-Source: AB8JxZomNeaAfLbIBQD3ANlhe9Cn+z5lEIpH3I3GQd6HvsZSLerZQheo5zk8ih/G1bt+XeVTYZXcazHJjcim/j8Siv4= X-Received: by 2002:a50:cb01:: with SMTP id g1-v6mr11192814edi.81.1527154355764; Thu, 24 May 2018 02:32:35 -0700 (PDT) MIME-Version: 1.0 References: In-Reply-To: From: Natanael Date: Thu, 24 May 2018 11:32:23 +0200 Message-ID: To: Gregory Maxwell Content-Type: multipart/alternative; boundary="000000000000e4820c056cf05471" X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] Should Graftroot be optional? X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 24 May 2018 09:32:38 -0000 --000000000000e4820c056cf05471 Content-Type: text/plain; charset="UTF-8" Den tor 24 maj 2018 01:45Gregory Maxwell skrev: > I am having a bit of difficulty understanding your example. > > If graftroot were possible it would mean that the funds were paid to a > public key. That holder(s) of the corresponding private key could > sign without constraint, and so the accoutability you're expecting > wouldn't exist there regardless of graftroot. > > I think maybe your example is only making the case that it should be > possible to send funds constrained by a script without a public key > ever existing at all. If so, I agree-- but that wasn't the question > here as I understood it. > I have to admit I not an expert on this field, so some of my concerns might not be relevant. However, I think Wuille understood my points and his reply answered my concerns quite well. I'm only asking for the optional ability to prove you're not using these constructions (because some uses requires committing to an immutable script), and that already seems to exist. So for the future implementations I only ask that this ability is preserved. I think such a proof don't need to be public (making such a proof in private is probably often better), although optionally it might be. A private contract wouldn't publish these details, while a public commitment would do so. > --000000000000e4820c056cf05471 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable


= Den tor 24 maj 2018 01:45Gregory Maxwell <greg@xiph.org> skrev:
I am having a bit of difficulty understanding your example.

If graftroot were possible it would mean that the funds were paid to a
public key.=C2=A0 That holder(s) of the corresponding private key could
sign without constraint, and so the accoutability you're expecting
wouldn't exist there regardless of graftroot.

I think maybe your example is only making the case that it should be
possible to send funds constrained by a script without a public key
ever existing at all.=C2=A0 If so, I agree-- but that wasn't the questi= on
here as I understood it.

=
I have to admit I not an expert on this field, so s= ome of my concerns might not be relevant. However, I think Wuille understoo= d my points and his reply answered my concerns quite well. I'm only ask= ing for the optional ability to prove you're not using these constructi= ons (because some uses requires committing to an immutable script), and tha= t already seems to exist. So for the future implementations I only ask that= this ability is preserved.=C2=A0

I think such a proof don't need to be public (making such a p= roof in private is probably often better), although optionally it might be.= A private contract wouldn't publish these details, while a public comm= itment would do so.=C2=A0
--000000000000e4820c056cf05471--