Return-Path: <jacob.swambo@kcl.ac.uk> Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136]) by lists.linuxfoundation.org (Postfix) with ESMTP id D95CEC002D for <bitcoin-dev@lists.linuxfoundation.org>; Fri, 29 Apr 2022 13:22:20 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id C10EC60E9E for <bitcoin-dev@lists.linuxfoundation.org>; Fri, 29 Apr 2022 13:22:20 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -2.102 X-Spam-Level: X-Spam-Status: No, score=-2.102 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIMWL_WL_MED=-0.001, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, HTML_MESSAGE=0.001, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp3.osuosl.org (amavisd-new); dkim=pass (1024-bit key) header.d=kcl.ac.uk Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id ObF4rDcPrCVj for <bitcoin-dev@lists.linuxfoundation.org>; Fri, 29 Apr 2022 13:22:19 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from EUR05-DB8-obe.outbound.protection.outlook.com (mail-db8eur05on20710.outbound.protection.outlook.com [IPv6:2a01:111:f400:7e1a::710]) by smtp3.osuosl.org (Postfix) with ESMTPS id CABA860C24 for <bitcoin-dev@lists.linuxfoundation.org>; Fri, 29 Apr 2022 13:22:18 +0000 (UTC) ARC-Seal: i=1; a=rsa-sha256; s=arcselector9901; d=microsoft.com; cv=none; b=YpA3Z2OP0VYN/I7it85vE8dqrXGnDzFZYkxYxi4xsqAKIQsXwCIn0OvonZm8ojvGtMVsmv5VfFoAAzUsV0QJM3Pvca/KIGEqfaL+C0XDErRnwwaAfLwglwMJI49bu5WPQGUWLKGi7SRkRxRnD6oQjG79M1f/gcAQ3u8KYzgUP4VGgSqs80oZTipBW7AfyghidudELEHh/to1LppE9fIS1kUwV3fQ0r86VhW9RSQHmpdGfjo154Ak6XJfHHtwn+jVKqUTOd+ZOXmnMWlWNOU/y05OeipJDY6U2TTN/wygmIH/kyPQBXNN/9aOQd7NO8TYDEEASP42zPcSJO+HHIdLFQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector9901; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=rwzp7pK5yt8kQ2m01bNRvhvFugH8JhCp4RG5wr/jMek=; b=dI00q0Q8ZUD8kyTCPo5tXjEvXRNh8BdY08g8vBDfIh9EFiISstJugj99xCy5PKBEhpszpI1XlVohQd3HGH0CFmtCjr3ESS/HqR0Tdaw10ExIBnhJNE0NAuoo0feyA0YKg5zB1sLF4S3QJ/LoAQNz8LcmJp/aFq7DaDfK77ltL+XkcoesBr9J8LzRw/Jo/IwpBfKGGVyyp4eYCU8suGEkXbur2Yn3Y4mfy9ABVtpPZzdzuqXTY+yTdclYITgWWoK9uI2Ef4AI+mWef08MJo5yksVUS63sjZ9nRCdIfQ5HVmZEwxkSGwoIEMPxxD+FM9ZoRhyaprUQBjiGedZy+3LyRA== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=kcl.ac.uk; dmarc=pass action=none header.from=kcl.ac.uk; dkim=pass header.d=kcl.ac.uk; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=kcl.ac.uk; s=selector2; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=rwzp7pK5yt8kQ2m01bNRvhvFugH8JhCp4RG5wr/jMek=; b=erNFQRg8RJ7g+RA2TcTXls6iVoZW3qgiBBG6ecHB7Vn9CzZqAzVuAUIWBTS/Qj8E8tP5liseXnTafbjt2YknDvyJxi0Xh10ytMqt9OuOfBoSA7jTgJslQFVQ6Qjkbexov9QaxAnhtGCX8xMm2U/XTM9wd2g9MtjLyHkyKwiSeC0= Received: from VI1PR03MB5103.eurprd03.prod.outlook.com (2603:10a6:803:b6::30) by VI1PR0302MB2589.eurprd03.prod.outlook.com (2603:10a6:800:df::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.5206.13; Fri, 29 Apr 2022 13:22:14 +0000 Received: from VI1PR03MB5103.eurprd03.prod.outlook.com ([fe80::c95d:a320:c15e:e62c]) by VI1PR03MB5103.eurprd03.prod.outlook.com ([fe80::c95d:a320:c15e:e62c%7]) with mapi id 15.20.5206.013; Fri, 29 Apr 2022 13:22:14 +0000 From: "Swambo, Jacob" <jacob.swambo@kcl.ac.uk> To: "bitcoin-dev@lists.linuxfoundation.org" <bitcoin-dev@lists.linuxfoundation.org> Thread-Topic: ANYPREVOUT in place of CTV Thread-Index: AQHYW8tdARvP2FleBkG9x4CUtBW6Kw== Date: Fri, 29 Apr 2022 13:22:14 +0000 Message-ID: <VI1PR03MB5103AF9CB4D99A32F88B4BF6CCFC9@VI1PR03MB5103.eurprd03.prod.outlook.com> Accept-Language: en-GB, en-US Content-Language: en-GB X-MS-Has-Attach: X-MS-TNEF-Correlator: authentication-results: dkim=none (message not signed) header.d=none;dmarc=none action=none header.from=kcl.ac.uk; x-ms-publictraffictype: Email x-ms-office365-filtering-correlation-id: d45709c1-f23f-402d-6a6c-08da29e3467e x-ms-traffictypediagnostic: VI1PR0302MB2589:EE_ x-microsoft-antispam-prvs: <VI1PR0302MB258912CF0CC2110B0E09AD73CCFC9@VI1PR0302MB2589.eurprd03.prod.outlook.com> x-ms-exchange-senderadcheck: 1 x-ms-exchange-antispam-relay: 0 x-microsoft-antispam: BCL:0; x-microsoft-antispam-message-info: vDVIOQxsa9dcpE6LTcdfCpKUVu/jYLR4ZXjIbBdfJn5Ekic9J7G70aIXfCs7DUCUUYAnoNgvuKRNVCr4h+5TsjMcRYZDCM68uPicM5R9AWFo+W/p0HEf4NYMwl8u/Wom4+ZaZgCD7euDqGGhDpUuQMVejnSs4LnQcR76u+KhNN8sHHWv5uSQP27FdhXAfcUUATDl61bnO5ZAyGpoi3I4oUqnkiDwYz0NJMQMrZlvjOa9wPJte63cLV0m3j8Msc5ZOA5LBUDAQ8L6V2xbPGiFzEBBRrMVtMAZ4gdqFbVJFWxBXnB7xiM4EeP7dqq+AGGEK/K0qnlOv0FyKG8HYH/SzhKGlj8+zEXftXqaqdIDbbSU+JT0jsm0EWAt7m8Cs6Fh2VFy7eu25Hnf5zhyOuykD6Io/Rk3SqtmkuwN/hB604hSPfKHs4nR2871PkD9SKjjn6fbhiAzh350gpacVgKDx1vqBiNk19Nf4trAcGI93f/7m2mCtAFWVDWT//Ya+lakLX5Nlvpu4ne0/6mzmX3ky49R97QMQQdixCzrfSPeHSQrNo+QVDToyo+wu5O+St+XKAjNxaaB9cZkn9BLHfNyrZxZyNeJa4638eWvFBSVn324BDcMt3j1ZRrIclJjBw+q1tULqfwfcvmnokTc5uhFqlfOZjhIc0iAT0jeKEz2AQEt1w30uq4aUD7LKGQKJK+bYqrTZfRFL0wyJjdw0cIxzA== x-forefront-antispam-report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:VI1PR03MB5103.eurprd03.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230001)(4636009)(366004)(186003)(7696005)(66556008)(5660300002)(2906002)(66946007)(76116006)(55016003)(786003)(91956017)(66476007)(316002)(33656002)(52536014)(6916009)(83380400001)(8676002)(66446008)(64756008)(8936002)(71200400001)(508600001)(86362001)(38100700002)(38070700005)(122000001)(26005)(9686003)(6506007); DIR:OUT; SFP:1102; x-ms-exchange-antispam-messagedata-chunkcount: 1 x-ms-exchange-antispam-messagedata-0: =?us-ascii?Q?8Vm76W+qXmp2aoMnhNbIRfPkLiWnlQ+ztqoOFp9QmTeyeARMX3zbm4vBJ+R7?= =?us-ascii?Q?ZtkzHvD1iPEnoGawZwo9ej8/hTzA5Ulvdza9OV7nv6t0PBnUGIWaQQ9e9tcL?= =?us-ascii?Q?S/xaqFV1M4OqLChQxCft4wQ+bDXi9joU2dlGLD8HO/h4POfdINUfThiAqwRL?= =?us-ascii?Q?0/c/nPGHB75ueRoMpr5+l9BUt7aH9hfKMw68MtO4Rmd9WdrBGdFXBpx7Rles?= =?us-ascii?Q?tEIAM6LeD0SwiPOkSvkT9GSPfTAc+tdKz+9vsgji77g7DR5iE4BarryCQKvs?= =?us-ascii?Q?KwC2sNaD9nr7L5u0mUhJjEKV9ZywekIYC2EIEGy7TXiO6b3xK1j3hqDxf27b?= =?us-ascii?Q?Wrr4QgyS85Tn265d/xzYFUmvib+PJ8evRyFFOXtwCLBdNObNn+gGuN7ij10M?= =?us-ascii?Q?STgyHLq4Vb+tn4eoySh7EbbsbJiximY3yi12Bv5rYc8ybx450ldNejmlbrhJ?= =?us-ascii?Q?h/yNTBQ5Z+I5cktUJY1upcWQIRLpA2PTdCGQUzK/qz+3PHCz8DdnCty0JquW?= =?us-ascii?Q?i7/G7kRo1Duz4at3xRDlPbSdsQjViizCge/43mkwgoTt93aWU09tsi0NEauz?= =?us-ascii?Q?l5NqY8egxtRC6vbQCpVi2rMYrDa+C8LbOMAo6Ovx6wmMGRbERJDKYdgRZpv3?= =?us-ascii?Q?T7e0sB1+4Yj+rlUr7IraaqkFPCjbghewtWHIUGXTHEgXIiZjMTjpNysyaRa/?= =?us-ascii?Q?5KN2cI5T4O0sr92g4hI44LaGB+vEyJZnczgoyXe3aBuvDLsKpmC0te+ij5q+?= =?us-ascii?Q?14ZKJMXyC3ZG92Urtf0DI/U52xMZKU//YNPL06t7re6994AD/eDrlsd2Ug62?= =?us-ascii?Q?DUstlNuFGumKVinfCA6LKN7a/JMTzD0Qh9yYorU20a43DseMXmB1EXASnvXY?= =?us-ascii?Q?O3Nd0urT5P+a7MOB3umPy6iON5kFiBeLUEaBOMYEYBM4RnBsoGm0un0OCCSl?= =?us-ascii?Q?aNcmSaxCpK295te8acXrvktuBQ6J0hx4CLH+jDAVNdS+Rsdmgtmlw9JafW7w?= =?us-ascii?Q?YoUZFulWYkPKAFVlbgAdW4EFYmASNCZl5mitgYqrWXAj1K/WUk79qknTQ8Q9?= =?us-ascii?Q?15rBNTyMrjtMrGtCC41l9Wz94NeboA6SACGJRbJK/SrXswTWxrPl6t7ie7hH?= =?us-ascii?Q?KWqjJ/Ogkg4K74B0H27DgRM5P1cVR+jZD9H2Pb56yCZIiuAI6EDMYgzGK9ga?= =?us-ascii?Q?zp7xY8brrZlcDITSBv1ERjjNzu9hacSE4woxBygmCo80JcWoFA3/+Z6mCbZs?= =?us-ascii?Q?/wvYzBC9YBWgrUahIFXwW/wEvFEUfM3jFy1X+VUA30rXujwasMlq4gYW7aj4?= =?us-ascii?Q?68J01pYQ7SwG7WC8O2rgeV+4RSADhak2iO90TeVBLBAOR2rpQODqOFIS1uEC?= =?us-ascii?Q?avTzQkADPDzWNjVTmE7T8hL3o4L7w0A8aHO5lp7O+A67djDN9mopeW5jVzLU?= =?us-ascii?Q?+68tHZJtobbIt20P42cbfOf8MXVMJg86ii2AWZOU+PVJS8Fy96nt53eFG7Dq?= =?us-ascii?Q?qTMetb76d0lz/h1GLz2JJ6dPJLKu1lntDJ+gE2Mfl3QqKPFO1ro+1cKAIDzN?= =?us-ascii?Q?Jx3A6+7epiBk7o0FL891vJGtjdVrP3HD5gzvhyxD8AoaWXKbVSsEWCBYxG97?= =?us-ascii?Q?wh/qSsKLWdY/h3BcuduFMnzaq8WV+oGYZEySGIhwsAqg4d45ybxW6713XqdO?= =?us-ascii?Q?0yXrBzObvlL1l0B0uXAQ5oKQpFfVZPN8PDOzxV9XjY3DdvcT5PtgHblahvHS?= =?us-ascii?Q?y9Oax9OECC0NLOJbOfXko/v5vcaWGi0=3D?= Content-Type: multipart/alternative; boundary="_000_VI1PR03MB5103AF9CB4D99A32F88B4BF6CCFC9VI1PR03MB5103eurp_" MIME-Version: 1.0 X-OriginatorOrg: kcl.ac.uk X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-AuthSource: VI1PR03MB5103.eurprd03.prod.outlook.com X-MS-Exchange-CrossTenant-Network-Message-Id: d45709c1-f23f-402d-6a6c-08da29e3467e X-MS-Exchange-CrossTenant-originalarrivaltime: 29 Apr 2022 13:22:14.3195 (UTC) X-MS-Exchange-CrossTenant-fromentityheader: Hosted X-MS-Exchange-CrossTenant-id: 8370cf14-16f3-4c16-b83c-724071654356 X-MS-Exchange-CrossTenant-mailboxtype: HOSTED X-MS-Exchange-CrossTenant-userprincipalname: ZSAPxrvgFLl4JXtgCGCZst4efXuOG1iVQyWd8dxeHtysUCsXahDopFBsYxHTJ+7gBXFBq0X8UlW8EYkbunQYKA== X-MS-Exchange-Transport-CrossTenantHeadersStamped: VI1PR0302MB2589 X-Mailman-Approved-At: Fri, 29 Apr 2022 13:25:19 +0000 Subject: Re: [bitcoin-dev] ANYPREVOUT in place of CTV X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org> List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe> List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/> List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org> List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help> List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe> X-List-Received-Date: Fri, 29 Apr 2022 13:22:20 -0000 --_000_VI1PR03MB5103AF9CB4D99A32F88B4BF6CCFC9VI1PR03MB5103eurp_ Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable Hi, While I agree with the arguments in favour of (optional ANYONECANPAY) APOAS= in lieu of CTV in the short-term (given the additional benefit of enabling= Eltoo), there's a point to add in favour of CTV (or similar) in the long-t= erm beyond as an optimisation. With APOAS-based covenants, the signature message algorithm is tied to both= the covenant commitment and transaction validation. Coupling these things = introduces a trade-off between safety and flexibility with covenant-based a= pplications. E.g. the maximally safe and restricted covenant commits to all= inputs and outputs of the transaction (using SIGHASH ALL). However, a less= restricted covenant commits to, for example, a single input and a single o= utput (using ANYONECANPAY|SINGLE) but opens itself up to attacks making use= of transaction malleability and signature replay. If instead we separate t= he covenant commitment from the signatures to validate transactions (as wit= h CTV and TXHASH + CHECKSIGFROMSTACK) then we by-pass this trade-off. The f= lexibility of additional templates with new CTV versions or with the TXHASH= primitive seems to me to enable significantly more utility for covenant-ba= sed applications. Best regards, Jacob Swambo --_000_VI1PR03MB5103AF9CB4D99A32F88B4BF6CCFC9VI1PR03MB5103eurp_ Content-Type: text/html; charset="us-ascii" Content-Transfer-Encoding: quoted-printable <html> <head> <meta http-equiv=3D"Content-Type" content=3D"text/html; charset=3Dus-ascii"= > </head> <body> Hi, <div dir=3D"auto"><br> </div> <div dir=3D"auto">While I agree with the arguments in favour of (optional A= NYONECANPAY) APOAS in lieu of CTV in the short-term (given the additional b= enefit of enabling Eltoo), there's a point to add in favour of CTV (or simi= lar) in the long-term beyond as an optimisation. </div> <div dir=3D"auto"><br> </div> <div dir=3D"auto">With APOAS-based covenants, the signature message algorit= hm is tied to both the covenant commitment and transaction validation. Coup= ling these things introduces a trade-off between safety and flexibility wit= h covenant-based applications. E.g. the maximally safe and restricted covenant commits to all inputs and outpu= ts of the transaction (using SIGHASH ALL). However, a less restricted coven= ant commits to, for example, a single input and a single output (using ANYO= NECANPAY|SINGLE) but opens itself up to attacks making use of transaction malleability and signature replay.= If instead we separate the covenant commitment from the signatures to vali= date transactions (as with CTV and TXHASH + CHECKSIGFROMSTACK) then we by-p= ass this trade-off. The flexibility of additional templates with new CTV versions or with the TXHASH primitive= seems to me to enable significantly more utility for covenant-based applic= ations.</div> <div dir=3D"auto"><br> </div> <div dir=3D"auto">Best regards,</div> <div dir=3D"auto"><br> </div> <div dir=3D"auto">Jacob Swambo</div> </body> </html> --_000_VI1PR03MB5103AF9CB4D99A32F88B4BF6CCFC9VI1PR03MB5103eurp_--