summaryrefslogtreecommitdiff
path: root/66/cfd9b89246b4060f73ac228911ab5e1cf4f614
blob: a3e7289568f318dc6c08c5377c20f99b7f71c09f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
Delivery-date: Fri, 15 Nov 2024 02:36:09 -0800
Received: from mail-ua1-f64.google.com ([209.85.222.64])
	by mail.fairlystable.org with esmtps  (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
	(Exim 4.94.2)
	(envelope-from <bitcoindev+bncBAABBD6I3S4QMGQEJR6AHQQ@googlegroups.com>)
	id 1tBtgO-0005qj-FJ
	for bitcoindev@gnusha.org; Fri, 15 Nov 2024 02:36:08 -0800
Received: by mail-ua1-f64.google.com with SMTP id a1e0cc1a2514c-855c41b9f27sf642174241.1
        for <bitcoindev@gnusha.org>; Fri, 15 Nov 2024 02:36:07 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1731666962; cv=pass;
        d=google.com; s=arc-20240605;
        b=NNYXAScN6Xf5nKIdYpSlXrddhOCht2DwF1V5RHPjPcwRVNOsFrZKVFdl9c7yXLRwez
         YefltBooZ/87DyHgyNu8LLfmghbH/gmwNhAA+N5kRobnfo9MY0kqA8GVEvTLwHc19AJD
         dT+POAElHTAPqaDsnxQFjEiyNOerIN8VVY0xUwn3BirmprMJmbKzZr6D2QMn/i9ogZrM
         B/87pK1n90/IbFiX0Idg8djWonVXIgOM8vvEnYrIMl4nfctRdUdne/T1edxVQAsjpXMf
         mfXjIMwNrsaqylzfDuA98QUtTFdywfZdCso8gvswnHkY4grAp7CqbQ8q9wwu2ENasM3l
         KwnQ==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:reply-to:mime-version:feedback-id
         :references:in-reply-to:message-id:subject:cc:from:to:date
         :dkim-signature;
        bh=l7fMhKvocDRNG9iOzV4S6paBTFUNIQHE+w8b1Dli7oY=;
        fh=847mV6iNg9X1/ZWsb2i5HtuZJNhTK/vHhkX4xAEga20=;
        b=Zup0VSSnM2V07Tk7uHsebH4TJaW6ih7z6r8xsG8GBi5VKZPdfuMN5raUiJJ3Ccf8z8
         oxnvpmk9aha/f9yeuyycQevUw5TWqRviCI0Bid6nbfnKjqsvMoYN0d4hhDP1x4oKYimx
         zCL9LbvcHeK7I6QaqcrrePmIctGrJV8cd6XkfngV8HPqW344PXdk0i7DmPiTdz0wX3u5
         EweTC2WDuWR60XhLmFgj2yl2xS0mQRutTjT7N4e3gdMkyuQuoc2KnopINxPRD8tfGK+S
         +pkpmZqWoLFRCTy9trt47viICeg6HOTY9U7UBBzO7WMEnY3kQWDz58CkoocbpIXYvZN6
         TYkg==;
        darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
       dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=zEbFwHVV;
       spf=pass (google.com: domain of moonsettler@protonmail.com designates 185.70.40.135 as permitted sender) smtp.mailfrom=moonsettler@protonmail.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=googlegroups.com; s=20230601; t=1731666962; x=1732271762; darn=gnusha.org;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:reply-to
         :x-original-authentication-results:x-original-sender:mime-version
         :feedback-id:references:in-reply-to:message-id:subject:cc:from:to
         :date:from:to:cc:subject:date:message-id:reply-to;
        bh=l7fMhKvocDRNG9iOzV4S6paBTFUNIQHE+w8b1Dli7oY=;
        b=vWBZfmkZpvfsdBPiTpURdAgtuP0/kfYJtxInnKkuS8tD6A8aURtFGaLEG9pqM6qy8P
         4V0QB/8+2m1EFMijgAuk150BDgHdXjSX9sUY1SLKxoAmsLmhJnrGcs7fSkjuXAZnt05f
         wAGiXEw1VQ70jFiIdzdi7OrRzL2O9KJUE/EIcaXoM9P18xOf1lPC6n1giBd6PIMWFfHG
         8HjATZjr+xxeF3KMMdHKxVRMnVvjF/qGT6e7YCfmhocicy6YHKZ4QpsfY0KBcucuoIWB
         BiKPic2zn0r5qRhzt8OsS3bpO1NN1Hus7vdyiTTC9jw1r5Uan5GXMZnO3c1+YgFfXaXa
         RCtQ==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
        d=1e100.net; s=20230601; t=1731666962; x=1732271762;
        h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
         :list-id:mailing-list:precedence:reply-to
         :x-original-authentication-results:x-original-sender:mime-version
         :feedback-id:references:in-reply-to:message-id:subject:cc:from:to
         :date:x-beenthere:x-gm-message-state:from:to:cc:subject:date
         :message-id:reply-to;
        bh=l7fMhKvocDRNG9iOzV4S6paBTFUNIQHE+w8b1Dli7oY=;
        b=aEnHZS8BSAPFkw5fOgmbiQhZRa6Yknr037M4gqh9opfnOV+EujxTQ0vbIW5pZa8RTT
         ylaNoFm8M8R0lyVs8iRHkMx3ETu9RSmnOmafMb769yBW3ImpCvjMDlHx6JBFkZFgnsy8
         iBAyVQ6FOpRDlu57/PWl6jMnEW9RB+QQ+GI+82CNLKRlAveiU9JH32+QVyLMKt20RPnY
         ocYRLj3u9dLnyI2PFbud3a9yljQgwN/IC1K3tXD/MqbcHHPdOAGm8BV2yzXEY7SiljZ9
         EOURjdNkJZRWKcjbP2/bySjCO0+VbCwBeyngt07xDJFkvGULBFwpF8hlvKvlpw3RRon7
         kbSQ==
X-Forwarded-Encrypted: i=2; AJvYcCV+Av27L6rC6qNdmJN3TiwZJuypsnvLJyMANTljRJ59/7NO4nN17d4+k9awpwH7qHeKxhVoIFbUX/V2@gnusha.org
X-Gm-Message-State: AOJu0YxgOAyormW/2QJX8XpYX03OmNRQr+Y9mAGeL64Ynb5yJfQPVtn9
	Tc2xQugc8kwrgX249QiqpQj89nSVDYQm2Sp1x+B/KQ1ZNIuElXT+
X-Google-Smtp-Source: AGHT+IEJUYkz6ov4vyX/kLPdc3hYQPO8SIpnIDuctJtK8jJPGEO/irjLpe9RmthPoRocDlVM447gqA==
X-Received: by 2002:a05:6102:f07:b0:4ad:48f4:8be1 with SMTP id ada2fe7eead31-4ad62d519ebmr2435192137.25.1731666961715;
        Fri, 15 Nov 2024 02:36:01 -0800 (PST)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a05:622a:1a87:b0:458:2e21:e400 with SMTP id
 d75a77b69052e-46356ebe352ls26296951cf.0.-pod-prod-04-us; Fri, 15 Nov 2024
 02:35:59 -0800 (PST)
X-Received: by 2002:a05:620a:1a18:b0:7b1:880c:5834 with SMTP id af79cd13be357-7b362362696mr306477685a.48.1731666959037;
        Fri, 15 Nov 2024 02:35:59 -0800 (PST)
Received: by 2002:a05:620a:111c:b0:7a1:d643:94b4 with SMTP id af79cd13be357-7b361857baems85a;
        Fri, 15 Nov 2024 02:14:58 -0800 (PST)
X-Received: by 2002:a05:600c:384f:b0:42c:a8cb:6a75 with SMTP id 5b1f17b1804b1-432df7452a2mr18540845e9.17.1731665696770;
        Fri, 15 Nov 2024 02:14:56 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731665696; cv=none;
        d=google.com; s=arc-20240605;
        b=QlAh7yB1A46tLQAxHl0vS6RnVKF7P4CzHLZvHGhGlJkrKqVMV+QnHi0lYeAsFKpsay
         evUw6ZzTfUANxfMShBE/K9GF2jhq+ZByOJ7HM8OfEkKtA8ff6GbhurULFCJi/LrJNg7O
         m2oA4nK81ctPjOdFyUd4Rl0fVFJ2awpZJlIFFiEdyOW2h2auPJGnIn6hE6Nuqmy6OXZu
         g3vDvNmmdQXTApL8rOZAKQ4MDefIE+zaODr39VSkHJFswICEhAcQX7bpRySjKc5W536G
         mz3dqQ1oJutBQkpjyp34n7rkNHjQvb1VsY9Uxjf7os7+TadVgIRn24IAGHhDVGCUWVLi
         QHqQ==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
        h=content-transfer-encoding:mime-version:feedback-id:references
         :in-reply-to:message-id:subject:cc:from:to:date:dkim-signature;
        bh=IiKEYE4Ys8AUdsIrFsRCEibsMUNYM6FGTXFd88IPHjw=;
        fh=0Bf8Ni34T2XO/uRpNwBN18lccMSbp9N/tGUNP10ZWls=;
        b=DhlGWz2pTPfknXyCctuIZ32iRBa0MODayG2kcb2VLoflIm6Lo9W5Tiw1k4BovROykJ
         +c+jp+P5tOTK0AXQ+P7u5iTGfbQi0e/AtecP1iLvhGO9XnIOeaN80fl1X3EWAnWGyyFs
         4o5tnc19yKoW6wspEUp4Bvx0yVp/MkkSoNH2Dq16C5fBdyGLzF3lZ/iXDfktifk8/lRq
         NnXNTgmO+Hs46CMUPuab9GsDsflXuMuyczBR6q7dHttW+tIwbbQpLXRpm42D5y1e6GQl
         hADTTlJHx2pw+P77bzSDTfUXHbbH7NXJxhcCyYl7HewPgYmJHWVGfSI7uWKuMnoABK40
         mJww==;
        dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
       dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=zEbFwHVV;
       spf=pass (google.com: domain of moonsettler@protonmail.com designates 185.70.40.135 as permitted sender) smtp.mailfrom=moonsettler@protonmail.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Received: from mail-40135.protonmail.ch (mail-40135.protonmail.ch. [185.70.40.135])
        by gmr-mx.google.com with ESMTPS id 5b1f17b1804b1-432d48b8f7dsi2966535e9.1.2024.11.15.02.14.56
        for <bitcoindev@googlegroups.com>
        (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
        Fri, 15 Nov 2024 02:14:56 -0800 (PST)
Received-SPF: pass (google.com: domain of moonsettler@protonmail.com designates 185.70.40.135 as permitted sender) client-ip=185.70.40.135;
Date: Fri, 15 Nov 2024 10:14:52 +0000
To: Brandon Black <freedom@reardencode.com>
From: "'moonsettler' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
Cc: bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] CHECKSIGFROMSTACK(VERIFY/ADD)
Message-ID: <83CBONdqGnLg2CP1tqiIPtOaG4Lx35UTqrmRBv2hagwsMlmZAMG0e165Wq_k43h-7pgS9yDdWx8qsAAB9AxQWr_RH_CaJdDZztNvXCGM6Rc=@protonmail.com>
In-Reply-To: <ZzZziZOy4IrTNbNG@console>
References: <ZzZziZOy4IrTNbNG@console>
Feedback-ID: 38540639:user:proton
X-Pm-Message-ID: b69ee0da77fbbe986b7a898bc20bc7b11df27281
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Original-Sender: moonsettler@protonmail.com
X-Original-Authentication-Results: gmr-mx.google.com;       dkim=pass
 header.i=@protonmail.com header.s=protonmail3 header.b=zEbFwHVV;
       spf=pass (google.com: domain of moonsettler@protonmail.com designates
 185.70.40.135 as permitted sender) smtp.mailfrom=moonsettler@protonmail.com;
       dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
X-Original-From: moonsettler <moonsettler@protonmail.com>
Reply-To: moonsettler <moonsettler@protonmail.com>
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
 <https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -1.0 (-)

Hi Brandon,

For what it's worth, I also think signature aggregation will be the dominant
form of CSFS use. LNhance at it's core is CTV + CSFS, and so it makes sense
to have both of those available in pre-tapscript.

No strong opinion on CHECKSIGFROMSTACKADD, agree with the general reasoning.

It's a bit weird to backport Schnorr this way, and the NOP upgrade path
leaving 3 elements on the stack is also unfortunate. On the other hand,
reverting CSFSV to use ECDSA in pre-tapscript would force us to consider
implementing script multisig, to do anything really worthwhile there.

BR,
moonsettler




Sent with Proton Mail secure email.

On Thursday, November 14th, 2024 at 11:02 PM, Brandon Black <freedom@reardencode.com> wrote:

> Hi list,
> 
> As we're working toward numbering and merge for the CHECKSIGFROMSTACK
> (CSFS) BIP, there are 2 open questions[1] that may be worth resolving
> before it is merged as a draft:
> 
> * Should CHECKSIGFROMSTACKVERIFY (CSFSV) be added to pre-tapscript?
> 
> The proposed opcode always evaluates BIP340 Schnorr signatures
> regardless of script version, so making it available in earlier script
> versions makes Schnorr signatures available on those script versions for
> certain use cases.
> 
> My personal thinking in initially including CSFSV in earlier script
> versions was basically that it's compatible with NOP forking, so why
> not. Because LNHANCE includes CTV which is designed as a NOP compatible
> upgrade, also including CSFSV fits well with CTV.
> 
> The other side of the argument is that we shouldn't include
> compatibility with earlier script versions unless there's a concrete
> benefit to doing so. For CTV, the possibility of bare CTV is a
> compelling reason to add it to earlier script versions, but there's not
> a similarly compelling reason to include CSFSV.
> 
> Using a scarce NOP to provide Schnorr signed commitments to earlier
> scripts may not be worthwhile.
> 
> 
> * Should we include CHECKSIGFROMSTACKADD?
> 
> Obviously, if script multisig is going to be a common use case for
> checking signatures on stack data CHECKSIGFROMSTACKADD simplifies the
> corresponding scripts by a few WU per key. As MuSig2 and FROST are
> progressing in standardization and implementation, I do not expect
> script multisig to be a dominant use for these opcodes, so I did not
> include CSFSA initially.
> 
> Here the argument is somewhat the inverse of CSFSV on legacy: We have
> many OP_SUCCESSes available, so the cost of allocating one for CSFSA is
> low, and the benefit is that making script multisigs with CSFSA (such as
> those produced by miniscript) is simpler and less error prone.
> 
> --
> 
> I would love to hear thoughts about both of these questions from the
> list, and will update the BIP and implementations of CSFS(V/A) based on
> your feedback.
> 
> Thanks much!
> 
> --Brandon
> 
> [1]: https://github.com/bitcoin/bips/pull/1535#issuecomment-2111195930
> 
> --
> You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/ZzZziZOy4IrTNbNG%40console.

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/83CBONdqGnLg2CP1tqiIPtOaG4Lx35UTqrmRBv2hagwsMlmZAMG0e165Wq_k43h-7pgS9yDdWx8qsAAB9AxQWr_RH_CaJdDZztNvXCGM6Rc%3D%40protonmail.com.