Return-Path: Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 2A291C0DCE for ; Mon, 20 Nov 2023 19:47:26 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 01FD040A42 for ; Mon, 20 Nov 2023 19:47:26 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 01FD040A42 Authentication-Results: smtp2.osuosl.org; dkim=pass (1024-bit key) header.d=gazeta.pl header.i=@gazeta.pl header.a=rsa-sha256 header.s=2013 header.b=bZsA6ck1 X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: 0.604 X-Spam-Level: X-Spam-Status: No, score=0.604 tagged_above=-999 required=5 tests=[BAYES_50=0.8, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, RCVD_IN_MSPIKE_H4=0.001, RCVD_IN_MSPIKE_WL=0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id e-cgA7XHg-R5 for ; Mon, 20 Nov 2023 19:47:23 +0000 (UTC) Received: from smtpa34.poczta.onet.pl (smtpa34.poczta.onet.pl [213.180.142.34]) by smtp2.osuosl.org (Postfix) with ESMTPS id 3F0B140930 for ; Mon, 20 Nov 2023 19:47:22 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 3F0B140930 Received: from pmq1v.m5r2.onet (pmq1v.m5r2.onet [10.174.32.67]) by smtp.poczta.onet.pl (Onet) with ESMTP id 4SYyhM1Bjtz1BCT; Mon, 20 Nov 2023 20:47:15 +0100 (CET) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gazeta.pl; s=2013; t=1700509635; bh=tFIZzycw+tFJAUWKxKd2ek7fjvTFqXoVWv5HJEY5Vgo=; h=From:Cc:To:Date:Subject:From; b=bZsA6ck1mhIxyhdMF9vOHcp49UjZ2Yhb6HZHq02AXTMXVuXWsqHAWrxevd4EkRNTD J33/sqJPzeiuMPzxnTj6IoWszMUHuNRr65btOJO+Z4tVtrREcHA7ThatO0DDs7bUD+ oa+BQ9Q0GwmHMxyh/o+XyZ5FEOtgGyEvrcNhuOno= Content-Type: multipart/alternative; boundary="===============4943912933812360673==" MIME-Version: 1.0 Received: from [5.173.240.149] by pmq1v.m5r2.onet via HTTP id ; Mon, 20 Nov 2023 20:47:15 +0100 From: vjudeu@gazeta.pl X-Priority: 3 To: Anthony Towns , Bitcoin Protocol Discussion , Bitcoin Protocol Discussion Date: Mon, 20 Nov 2023 20:47:13 +0100 Message-Id: <196556244-f24094b55827d9a09fa29ca8aa04b163@pmq1v.m5r2.onet> X-Mailer: onet.poczta X-Onet-PMQ: ;5.173.240.149;PL;3 X-Mailman-Approved-At: Mon, 20 Nov 2023 19:51:58 +0000 Cc: Casey Rodarmor Subject: Re: [bitcoin-dev] Purely off-chain coin colouring X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 20 Nov 2023 19:47:26 -0000 This is a multi-part message in MIME format. --===============4943912933812360673== Content-Type: text/plain; charset="utf-8" Content-Transfer-Encoding: quoted-printable > Sign-to-contract looks like: =C2=A0 Nice! I think it should be standardized as some informational BIP. This is = a similar case as with Silent Payments: it is possible to let users make th= eir own commitments as they please, but if it will be officially standardiz= ed, then it will be possible to build more protocols on top of that, in a w= ay which will be understood properly by other nodes. =C2=A0 Before, I thought about interpreting signature R-value just as a Taproot-ba= sed public key, and forming a commitment as a valid input, that would allow= moving coins on such address, but maybe we could standardize it in a simpl= er way than that. In general, if a commitment would allow pushing any data,= it could be always extended when needed, because future commitments could = be always nested in the old ones, 32 bytes is enough to do that. =C2=A0 Also, I thought about including OP_RETURN at the beginning of each commitme= nt, to make sure it will be never pushed on-chain, but only stored and proc= essed off-chain. Another thing is that r-value is always expressed as some = 256-bit number, even in DER encoding, which means we can always assume 02 p= ublic key prefix in all commitments, and simply convert it directly into a = proper Taproot address. --===============4943912933812360673== Content-Type: text/html; charset="utf-8" Content-Transfer-Encoding: quoted-printable
> Sign-to-contract looks like:
 
Nice! I think it should be standardized as some informational BIP. Thi= s is a similar case as with Silent Payments: it is possible to let users ma= ke their own commitments as they please, but if it will be officially stand= ardized, then it will be possible to build more protocols on top of that, i= n a way which will be understood properly by other nodes.
 
Before, I thought about interpreting signature R-value just as a Tapro= ot-based public key, and forming a commitment as a valid input, that would = allow moving coins on such address, but maybe we could standardize it in a = simpler way than that. In general, if a commitment would allow pushing any = data, it could be always extended when needed, because future commitments c= ould be always nested in the old ones, 32 bytes is enough to do that.
 
Also, I thought about including OP_RETURN at the beginning of each com= mitment, to make sure it will be never pushed on-chain, but only stored and= processed off-chain. Another thing is that r-value is always expressed as = some 256-bit number, even in DER encoding, which means we can always assume= 02 public key prefix in all commitments, and simply convert it directly in= to a proper Taproot address.
--===============4943912933812360673==--