1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
|
Delivery-date: Wed, 04 Jun 2025 00:57:00 -0700
Received: from mail-yb1-f189.google.com ([209.85.219.189])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBCO6NFWETEOBBQPY77AQMGQETXAH5TI@googlegroups.com>)
id 1uMizb-0004Xz-1D
for bitcoindev@gnusha.org; Wed, 04 Jun 2025 00:56:59 -0700
Received: by mail-yb1-f189.google.com with SMTP id 3f1490d57ef6-e7dd83f8690sf9262204276.2
for <bitcoindev@gnusha.org>; Wed, 04 Jun 2025 00:56:58 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1749023813; x=1749628613; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:sender:from
:to:cc:subject:date:message-id:reply-to;
bh=zlPRDg/6shO5+15ItbV6l/OnXqgaAiyxL5wNLgfQ0L8=;
b=J87lYbcBZMbvroU2xOJsL3KvuOrHoUIrChBslOlAuUDS7D0K1iXiyFN0t8YfB4JTfV
KXiSECSuCmiNAJdLIMic4AXYx3QZx4z1vL+ntY5PXs/BVkN9jcx46wtJJ03+agAa8Hz0
FEVZZVdDTmjy5aKdLQ+SOKISfIvcezs3/aN+AHPZ6jhHVpRI+x23dNeM0o8m1dtWKDwf
Pjk9tPTKsvS48LzBWo+Qmo5JUVsmWZUhS4ffD2JbsDaTKxta8Q6E9Wstmis23oVtTeM+
Hcr0CUNzmBXNiW9FAokXbSrH7U2TfRuw0rnA/aWSwUcE3TDIgD3goarCRzibD3Y67P5a
p5Dg==
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=gmail.com; s=20230601; t=1749023813; x=1749628613; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:from:to:cc
:subject:date:message-id:reply-to;
bh=zlPRDg/6shO5+15ItbV6l/OnXqgaAiyxL5wNLgfQ0L8=;
b=bh4axTOgU5/c82dbDcZeqTo3XzF/DyhFXQ1wMG+prQ+l9XYgxCQlIL4/hS+iN7x+N0
0HRJThYl3jqWlvSkwpLL+IM4S4Idew0O7jGDekffwhfGURYmEXXVj7/9+fYgB/d2IdhW
nJIYLPf66GYNqRuhGd70hGfYlOtXD+vxnwm5sLwPAphQqMMKvuqmyXe9WiHHB7i9JLjz
RURWUA1z4+FX+eL8WPaZowz+/59al9TWK/AoIgHHzXjyGjzbJ3sQhmX/2eWbszUtC++l
i8Bwq834/9p1mKCR9DMygAB9aAh1lBeHoQxiIHunvZ4v1/hA/xJD1tqrvfvcnDOgV2TZ
B8Bg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1749023813; x=1749628613;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-sender:mime-version
:subject:references:in-reply-to:message-id:to:from:date:x-beenthere
:x-gm-message-state:sender:from:to:cc:subject:date:message-id
:reply-to;
bh=zlPRDg/6shO5+15ItbV6l/OnXqgaAiyxL5wNLgfQ0L8=;
b=uDyXRNVBKtE+XFqoAeugqbexpFf/WSl+fZnrfg+mmgR1WisNg1ROF9rLyFwKPo+V6L
jQHpsFwkZL5WebJd/QUalno6n6+Yi6535inT906T39h5SfKiyfvbAKBwuRck65QCknPP
9ywxB0HPu0bvyTtXTgmktZGKK7hdCEyUV6Gcmp9CiJ7FfPPXBEGt6mSRHJcZNN+7Yzus
QBWma5l1UvI81bqI7GrT5rTzWEzoyTHBpH/KfrLauIkwf/iNJ3Uhkstxg4A1rBRrqYIx
zM9s+mGIZdXPHzj4yFGo1LcBOV9e95UDso0iJSuTRDqXmSZ9BnOq5XWTLmPoX7tqm1/A
wCrA==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=1; AJvYcCXYLpPK5k4rM3xSIxsk1KbphgQ4EySnejyDLkZj4pTvKxOU6x0ZzAfyaIQhAjsfC0ggVQTYP/dW9nG5@gnusha.org
X-Gm-Message-State: AOJu0YwwqyraaemxDmf7JHT4wGuQHTuC8e4IifogYNf4/O/aQr9ah5s4
m8r3mO5gDIKdf5ZQN4/4K3YiMvH2o3Sy40g8p6vWdbS8naC0EBlaJ6xc
X-Google-Smtp-Source: AGHT+IEqnhIIXAlw0kkbrubW6YYPPgvMot4wyb10fNXnXBiEmIdTh9+Ha/5/JTZPtDlqDj4cKe2EXg==
X-Received: by 2002:a05:6902:1a4a:b0:e7e:fa65:8fec with SMTP id 3f1490d57ef6-e8179dad833mr2031045276.41.1749023812815;
Wed, 04 Jun 2025 00:56:52 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZdt/OjtOACoY2wW8SznvA7boydTH/nAGo19LxuaQnUoWA==
Received: by 2002:a25:b216:0:b0:e7d:cffc:6cc with SMTP id 3f1490d57ef6-e7f6f7f5cb8ls7010356276.2.-pod-prod-06-us;
Wed, 04 Jun 2025 00:56:49 -0700 (PDT)
X-Received: by 2002:a05:690c:45c6:b0:70e:86a:ae12 with SMTP id 00721157ae682-710d9d6e3ddmr21277497b3.8.1749023809137;
Wed, 04 Jun 2025 00:56:49 -0700 (PDT)
Received: by 2002:a05:690c:6083:b0:70e:2cf8:9db8 with SMTP id 00721157ae682-70f980e43fams7b3;
Mon, 2 Jun 2025 11:54:09 -0700 (PDT)
X-Received: by 2002:a05:690c:6d12:b0:70e:23e6:60f7 with SMTP id 00721157ae682-71057d20cf9mr196974207b3.27.1748890448724;
Mon, 02 Jun 2025 11:54:08 -0700 (PDT)
Date: Mon, 2 Jun 2025 11:54:08 -0700 (PDT)
From: Jonathan Voss <k98kurz@gmail.com>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Message-Id: <16f0f405-3f39-498e-9399-a6050773c4c7n@googlegroups.com>
In-Reply-To: <aD2J9HNJUqaod0n2@petertodd.org>
References: <cc2f8908-f6fa-45aa-93d7-6f926f9ba627n@googlegroups.com>
<CAFC_Vt6gqV-8aoTKt2it1p9LAnvaADueHnC1cM6LQojZf6fjCw@mail.gmail.com>
<c8bbcbbb-036b-4e72-9bb5-4490e43dda21n@googlegroups.com>
<aD2J9HNJUqaod0n2@petertodd.org>
Subject: Re: [bitcoindev] Post-Quantum commit / reveal Fawkescoin variant as a
soft fork
MIME-Version: 1.0
Content-Type: multipart/mixed;
boundary="----=_Part_190950_1585333022.1748890448370"
X-Original-Sender: K98kurz@gmail.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.5 (/)
------=_Part_190950_1585333022.1748890448370
Content-Type: multipart/alternative;
boundary="----=_Part_190951_868540719.1748890448370"
------=_Part_190951_868540719.1748890448370
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
If using a monetary network requires out-of-band payments, then that=20
severely limits the actual utility of the monetary network as a medium of=
=20
exchange. Imagine if the only way to make a bank transfer was to first go=
=20
in-person to the bank of the recipient of the transfer to give them=20
something that then allowed your bank to make the transfer -- it would be=
=20
an unworkable monetary system. Similarly, if future Bitcoin transactions=20
require making out-of-band payments, then it has failed as a monetary=20
network with an endogenous unit of account. The whole system has to work=20
without reliance upon exogenous monetary media or mechanisms. As such, the=
=20
commit-and-reveal scheme fails to maintain the monetary properties of the=
=20
network as a whole unless we assert reliance upon altruism to get the=20
commitments into the blockchain, which instead breaks the incentive-based=
=20
game theoretic design. Maybe it would work as a stop-gap solution in the=20
event of the advent of a relevant quantum computer, but it is certainly not=
=20
a good long-term plan as currently formulated.
Recall the original premise: "Bitcoin: A Peer-to-Peer Electronic Cash=20
System". If you can't transact with it as cash, i.e. as the ultimate=20
endogenous settlement mechanism, then it is no longer Bitcoin. Requiring an=
=20
exogenous system fundamentally breaks the model.
-- Jonathan
On Monday, June 2, 2025 at 9:53:55=E2=80=AFAM UTC-4 Peter Todd wrote:
> On Fri, May 30, 2025 at 03:00:41PM -0700, Jonathan Voss wrote:
> > As far as I can tell, the main flaw in commit/reveal protocols is in th=
e=20
> > commit phase: if revealing a commitment with N confirmations is require=
d=20
> to=20
> > spend bitcoins, then, without spending any bitcoins, how do you get the=
=20
> > commitment into the blockchain in the first place? Maybe I am just=20
> > misunderstanding this. If so, then a commit/reveal scheme may be a=20
> workable=20
> > solution.
>
> You can always purchase new BTC to perform the commitment.
>
> Indeed, this problem is often seen in alt-coins where fees must be paid i=
n=20
> a
> native asset, while users are trying to send some kind of tokenized asset=
=20
> like
> a USD token. You can have funds that you can't move because you don't hav=
e=20
> the
> correct asset. While annoying, this isn't a fatal problem.
>
> --=20
> https://petertodd.org 'peter'[:-1]@petertodd.org
>
--=20
You received this message because you are subscribed to the Google Groups "=
Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/=
16f0f405-3f39-498e-9399-a6050773c4c7n%40googlegroups.com.
------=_Part_190951_868540719.1748890448370
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
If using a monetary network requires out-of-band payments, then that severe=
ly limits the actual utility of the monetary network as a medium of exchang=
e. Imagine if the only way to make a bank transfer was to first go in-perso=
n to the bank of the recipient of the transfer to give them something that =
then allowed your bank to make the transfer -- it would be an unworkable mo=
netary system. Similarly, if future Bitcoin transactions require making out=
-of-band payments, then it has failed as a monetary network with an endogen=
ous unit of account. The whole system has to work without reliance upon exo=
genous monetary media or mechanisms. As such, the commit-and-reveal scheme =
fails to maintain the monetary properties of the network as a whole unless =
we assert reliance upon altruism to get the commitments into the blockchain=
, which instead breaks the incentive-based game theoretic design. Maybe it =
would work as a stop-gap solution in the event of the advent of a relevant =
quantum computer, but it is certainly not a good long-term plan as currentl=
y formulated.<div><br /></div><div>Recall the original premise: "Bitcoin: A=
Peer-to-Peer Electronic Cash System". If you can't transact with it as cas=
h, i.e. as the ultimate endogenous settlement mechanism, then it is no long=
er Bitcoin. Requiring an exogenous system fundamentally breaks the model.<b=
r /><div><br /></div><div>-- Jonathan<br /><br /></div></div><div class=3D"=
gmail_quote"><div dir=3D"auto" class=3D"gmail_attr">On Monday, June 2, 2025=
at 9:53:55=E2=80=AFAM UTC-4 Peter Todd wrote:<br/></div><blockquote class=
=3D"gmail_quote" style=3D"margin: 0 0 0 0.8ex; border-left: 1px solid rgb(2=
04, 204, 204); padding-left: 1ex;">On Fri, May 30, 2025 at 03:00:41PM -0700=
, Jonathan Voss wrote:
<br>> As far as I can tell, the main flaw in commit/reveal protocols is =
in the=20
<br>> commit phase: if revealing a commitment with N confirmations is re=
quired to=20
<br>> spend bitcoins, then, without spending any bitcoins, how do you ge=
t the=20
<br>> commitment into the blockchain in the first place? Maybe I am just=
=20
<br>> misunderstanding this. If so, then a commit/reveal scheme may be a=
workable=20
<br>> solution.
<br>
<br>You can always purchase new BTC to perform the commitment.
<br>
<br>Indeed, this problem is often seen in alt-coins where fees must be paid=
in a
<br>native asset, while users are trying to send some kind of tokenized ass=
et like
<br>a USD token. You can have funds that you can't move because you don=
't have the
<br>correct asset. While annoying, this isn't a fatal problem.
<br>
<br>--=20
<br><a href=3D"https://petertodd.org" target=3D"_blank" rel=3D"nofollow" da=
ta-saferedirecturl=3D"https://www.google.com/url?hl=3Den-US&q=3Dhttps:/=
/petertodd.org&source=3Dgmail&ust=3D1748976183939000&usg=3DAOvV=
aw30SLWTOVWLLHXu9ctm9oTe">https://petertodd.org</a> 'peter'[:-1]@<a=
href=3D"http://petertodd.org" target=3D"_blank" rel=3D"nofollow" data-safe=
redirecturl=3D"https://www.google.com/url?hl=3Den-US&q=3Dhttp://peterto=
dd.org&source=3Dgmail&ust=3D1748976183939000&usg=3DAOvVaw0s2nrC=
zbnyp4yNmieblefT">petertodd.org</a>
<br></blockquote></div>
<p></p>
-- <br />
You received this message because you are subscribed to the Google Groups &=
quot;Bitcoin Development Mailing List" group.<br />
To unsubscribe from this group and stop receiving emails from it, send an e=
mail to <a href=3D"mailto:bitcoindev+unsubscribe@googlegroups.com">bitcoind=
ev+unsubscribe@googlegroups.com</a>.<br />
To view this discussion visit <a href=3D"https://groups.google.com/d/msgid/=
bitcoindev/16f0f405-3f39-498e-9399-a6050773c4c7n%40googlegroups.com?utm_med=
ium=3Demail&utm_source=3Dfooter">https://groups.google.com/d/msgid/bitcoind=
ev/16f0f405-3f39-498e-9399-a6050773c4c7n%40googlegroups.com</a>.<br />
------=_Part_190951_868540719.1748890448370--
------=_Part_190950_1585333022.1748890448370--
|
