1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
|
Delivery-date: Thu, 14 Nov 2024 15:06:34 -0800
Received: from mail-qt1-f189.google.com ([209.85.160.189])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDVJRHEUX4BRB4ME3K4QMGQEYODGP3I@googlegroups.com>)
id 1tBiv4-0003yn-BW
for bitcoindev@gnusha.org; Thu, 14 Nov 2024 15:06:34 -0800
Received: by mail-qt1-f189.google.com with SMTP id d75a77b69052e-460f57b35dbsf17143041cf.1
for <bitcoindev@gnusha.org>; Thu, 14 Nov 2024 15:06:34 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1731625588; cv=pass;
d=google.com; s=arc-20240605;
b=hvUrATSd3VomhjiyJv2wHPBuuTYe6+rTi4Pzz8+u7HB+M3hvs+gAVDH+QJBR/ZxXcC
KAL6N6R1eMroA+/BeDK+bNmQbxKdh498FxOMDYvmvj4POhw67Y4y9DovYDvlqiW848yF
Wmhtf/ZZlU+kuVclRZXYBpQN6GSMXjM/xiOaFXJuJLHMaJ6Vp/S1bebja6fWZgbaMbWj
aOe4MhpHCOT4miEEAyP6TBHLrW+mA+OK4Cn+6b5QuPR5oXoed6evZgR4FeoylWQvUjwz
YqdUZ9IZwsv87DNNAbZzS/cGDUhY816U3glAs0bYICkl6HQJaTv2qweV2CAaHXBqPICV
Bs6w==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:content-disposition:mime-version
:message-id:subject:to:from:date:sender:dkim-signature;
bh=Pa3uPlRFUTY/q6otkz6qBnP/4Z+L+ZRuAgERBf197B0=;
fh=pryERuK4mHPLbuQUh5EuxlDaxfw7byHkHXYW8NaRoOI=;
b=UO7m7SAj0RMSVjoO3hwpktU2ho29D1oCc57UGI5+iM3bZ5fiwx0luk+p3/6e+20k1g
SxFnCvSJq9BNXzFeTMnUHfaQ7Rb9h5SIulxX24JanIFTZtmYaLmXBKaeOgWfM0EE/gD6
CO2UmWDAiXxtp1HCSNTgIPLuCz9ew7HTD0YBcgZRiW6b+NGbkhqHmxd/C0L0PQ18vLkS
X1D4cSksCOTsryAvuwAr2UmWl3oOgPNmCmgO5tQLsZU+6E0jyi6mZZzWNChAbiJMOTLx
G8TUfG4Q66Mlie+Kk+IdZvzQgwkiN1a+upSThyGUkUMz4MV1dTT/WfUa2+Q6x55K3a6u
ShvA==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@reardencode.com header.s=mail header.b=LWKllkSM;
spf=pass (google.com: domain of freedom@reardencode.com designates 2607:f2f8:ad40:ea11::1 as permitted sender) smtp.mailfrom=freedom@reardencode.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=reardencode.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1731625588; x=1732230388; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:content-disposition:mime-version:message-id
:subject:to:from:date:sender:from:to:cc:subject:date:message-id
:reply-to;
bh=Pa3uPlRFUTY/q6otkz6qBnP/4Z+L+ZRuAgERBf197B0=;
b=gwGqqIVmhv+gsJfBKKGTEoH2Sgu0HtOuKJ3UZTnuD5U+GG2vYtzfmLD11j4PEbdAl3
cM9fa+hFFlV6r435PSeYbDw/LTyQpUFfe3hbVwWc9KxDDpVNwUqMn555oSOexjX2ZrJ3
iayG/YI1S41fRC1K2PkHHtxvnYBYcwnUD6OOr+Tlbog+dbCmJy25syuNU2BHDj/Lb8AZ
ZCkAAXXSebd1MzNfVOb5ZctT8HYR+giPsS7dKbSHNzcLhMh4SfRO3Ath1+PWYmix5E64
f/zecSqWkkOVl6FCbLsQ22Zf5sUHXroshXahP6pmemEFKXf8DJcGX50sUirY+YvvuRWx
niPw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1731625588; x=1732230388;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:x-original-authentication-results
:x-original-sender:content-disposition:mime-version:message-id
:subject:to:from:date:x-beenthere:x-gm-message-state:sender:from:to
:cc:subject:date:message-id:reply-to;
bh=Pa3uPlRFUTY/q6otkz6qBnP/4Z+L+ZRuAgERBf197B0=;
b=OP6lW4QFbv+1siFA4Z5UE2QVCzzZ8Dz7TQw9Ov1JZIuz9zwlhrqzCDW5LECJ9oMgf+
HsrLsdQfz+ryUwNpBkZkEzQRSK1pgpnXp/ugLQvkX5ZYvQt3zBm27bc4HYfA/Rsg4nY/
TBOQtYFGkvIjOF0Hg8/Q71HqVOK0COyWAXPw8+08tr+1iOZAc2r66WYp1ZOcstV544Nm
oHuHdpigjkxOc110KjzjtbiVgz1NSH8RSJCybtYDz2H1Y7riw6FKF9jByZP9JU6Fdpw4
qifiSXdFyX1ypeHO5KYbn3sJHoL4jWbTyRap8bECbqq5ksYBObUGPb+/XuOoYjsz1Kwj
Y5BQ==
Sender: bitcoindev@googlegroups.com
X-Forwarded-Encrypted: i=2; AJvYcCVekQB6V5F6/4RJ+ItpK+HripZfWE2mKExY0SjH5SLebxmMM30mfy9TuDU25SGacV3GvCxcFuo0Zlwc@gnusha.org
X-Gm-Message-State: AOJu0Yw7rhcZrj1hiFxwe9+yUZ1aIeLWqBUHKnjArjlw7wl1LGogV3vs
PS4DaLnzQilZ2eTF7JIokgSNP+wp3W3RP81OblEGkNW+GpTjwOyq
X-Google-Smtp-Source: AGHT+IH0IR++pmBLwul0S0t9mgojKTcdWRnW1Fw/E/71264eZnvlhkpnyBKUSUGGvVKOYbP4o4zeOQ==
X-Received: by 2002:a05:622a:22a3:b0:463:59f2:1835 with SMTP id d75a77b69052e-46363ec8b91mr7662011cf.54.1731625587590;
Thu, 14 Nov 2024 15:06:27 -0800 (PST)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a05:622a:181b:b0:461:6d22:ba36 with SMTP id
d75a77b69052e-46356f7af4dls16883751cf.1.-pod-prod-09-us; Thu, 14 Nov 2024
15:06:25 -0800 (PST)
X-Received: by 2002:a05:622a:345:b0:460:e593:45aa with SMTP id d75a77b69052e-46363e3ebe5mr6505201cf.33.1731625585296;
Thu, 14 Nov 2024 15:06:25 -0800 (PST)
Received: by 2002:ae9:c002:0:b0:7b1:4744:32d3 with SMTP id af79cd13be357-7b35b0a1848ms85a;
Thu, 14 Nov 2024 14:03:24 -0800 (PST)
X-Received: by 2002:a05:6122:3d09:b0:50d:5ab3:5209 with SMTP id 71dfb90a1353d-5147866aa2bmr695549e0c.8.1731621804045;
Thu, 14 Nov 2024 14:03:24 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1731621804; cv=none;
d=google.com; s=arc-20240605;
b=hP+tb9ASeMzRduWDRxfDkPLH4pkd9nQ8Dqo6vIa/QeD8eUaCV5AC/osxuZ5C0Qm4mO
WDlrokiLxiD2y7+WSIwv7Sj9EY8OX0gEvvuL0EYGUKfnABwq9EUiPC9tmTI4iGLS6Guv
CXJ5KH+LR/QKbwhWClO2Jmhn4BbFUxo6Y+II7QdxgzuIceT74Ck7okeneXiFx0XZfe27
KQGAfNM+59O1xVs8JMfZiTbGxen81D4odedK5EpQFL1xSDEktU84kSAOtFzSPyy5jF0G
WB+sRdvtjAtvAcKFdZqkthfafbjgUcAvpSeAp6TVbYWMf9GuTiOurxZ8OyOzIy5Xj2gw
ietw==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-disposition:mime-version:message-id:subject:to:from
:dkim-signature:date;
bh=iNiGMzLmeQhXusUudm0seew+bAH4r3021BKgs/DcTSE=;
fh=VcGcg+Zjs9gw1uDcHbxsAILhBAcecnbJzZRdxgKVDIc=;
b=OUYAwt39jLckTWIEQgWfJ4FSOBUluUVwviKJpJo9qcbIIxVVzj1BbBehpmrZNXhnCb
Qjy6y3d5Run0I2L5rVSJng7ebFtFRKMI00zCPWTZy83OCvNveSQxAvy7IeaW0quDDeCf
KPG0CXs6q8+TJKurEgbWeZLJ2/oKaaaeXqt+NSJJgHpTo8TX29qilMizc2sbmx7QfvMv
Xkx3PujmqtPVVNNLqvIFhsSp6Urw1FvRLeUTABIixdls0sfTc3m7WGi7kn4UNTDLW67T
aFA0vAQp5z1UXo9CVFdmULpxbf7TtPMNtCKMZck8ul5S4x3IdYJ3GWa4mLsa2bClGOfV
mI8A==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@reardencode.com header.s=mail header.b=LWKllkSM;
spf=pass (google.com: domain of freedom@reardencode.com designates 2607:f2f8:ad40:ea11::1 as permitted sender) smtp.mailfrom=freedom@reardencode.com;
dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=reardencode.com
Received: from mail.reardencode.com ([2607:f2f8:ad40:ea11::1])
by gmr-mx.google.com with ESMTPS id 71dfb90a1353d-51479b09473si13731e0c.2.2024.11.14.14.03.23
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Thu, 14 Nov 2024 14:03:23 -0800 (PST)
Received-SPF: pass (google.com: domain of freedom@reardencode.com designates 2607:f2f8:ad40:ea11::1 as permitted sender) client-ip=2607:f2f8:ad40:ea11::1;
Date: Thu, 14 Nov 2024 14:02:49 -0800
From: Brandon Black <freedom@reardencode.com>
To: bitcoindev@googlegroups.com
Subject: [bitcoindev] CHECKSIGFROMSTACK(VERIFY/ADD)
Message-ID: <ZzZziZOy4IrTNbNG@console>
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline
X-Operating-System: Linux 6.6.36 x86_64
X-Original-Sender: freedom@reardencode.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@reardencode.com header.s=mail header.b=LWKllkSM; spf=pass
(google.com: domain of freedom@reardencode.com designates 2607:f2f8:ad40:ea11::1
as permitted sender) smtp.mailfrom=freedom@reardencode.com; dmarc=pass
(p=NONE sp=NONE dis=NONE) header.from=reardencode.com
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -0.8 (/)
Hi list,
As we're working toward numbering and merge for the CHECKSIGFROMSTACK
(CSFS) BIP, there are 2 open questions[1] that may be worth resolving
before it is merged as a draft:
* Should CHECKSIGFROMSTACKVERIFY (CSFSV) be added to pre-tapscript?
The proposed opcode always evaluates BIP340 Schnorr signatures
regardless of script version, so making it available in earlier script
versions makes Schnorr signatures available on those script versions for
certain use cases.
My personal thinking in initially including CSFSV in earlier script
versions was basically that it's compatible with NOP forking, so why
not. Because LNHANCE includes CTV which is designed as a NOP compatible
upgrade, also including CSFSV fits well with CTV.
The other side of the argument is that we shouldn't include
compatibility with earlier script versions unless there's a concrete
benefit to doing so. For CTV, the possibility of bare CTV is a
compelling reason to add it to earlier script versions, but there's not
a similarly compelling reason to include CSFSV.
Using a scarce NOP to provide Schnorr signed commitments to earlier
scripts may not be worthwhile.
* Should we include CHECKSIGFROMSTACKADD?
Obviously, if script multisig is going to be a common use case for
checking signatures on stack data CHECKSIGFROMSTACKADD simplifies the
corresponding scripts by a few WU per key. As MuSig2 and FROST are
progressing in standardization and implementation, I do not expect
script multisig to be a dominant use for these opcodes, so I did not
include CSFSA initially.
Here the argument is somewhat the inverse of CSFSV on legacy: We have
many OP_SUCCESSes available, so the cost of allocating one for CSFSA is
low, and the benefit is that making script multisigs with CSFSA (such as
those produced by miniscript) is simpler and less error prone.
--
I would love to hear thoughts about both of these questions from the
list, and will update the BIP and implementations of CSFS(V/A) based on
your feedback.
Thanks much!
--Brandon
[1]: https://github.com/bitcoin/bips/pull/1535#issuecomment-2111195930
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/ZzZziZOy4IrTNbNG%40console.
|