Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <pete@petertodd.org>) id 1UjBsn-0006Ex-Vo
	for bitcoin-development@lists.sourceforge.net;
	Sun, 02 Jun 2013 17:15:54 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
	designates 62.13.149.43 as permitted sender)
	client-ip=62.13.149.43; envelope-from=pete@petertodd.org;
	helo=outmail149043.authsmtp.co.uk; 
Received: from outmail149043.authsmtp.co.uk ([62.13.149.43])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1UjBsm-0003rz-Mb for bitcoin-development@lists.sourceforge.net;
	Sun, 02 Jun 2013 17:15:53 +0000
Received: from mail-c226.authsmtp.com (mail-c226.authsmtp.com [62.13.128.226])
	by punt9.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r52HFkMe089539
	for <bitcoin-development@lists.sourceforge.net>;
	Sun, 2 Jun 2013 18:15:46 +0100 (BST)
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
	(authenticated bits=128)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r52HFe22017314
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO)
	for <bitcoin-development@lists.sourceforge.net>;
	Sun, 2 Jun 2013 18:15:42 +0100 (BST)
Resent-From: Peter Todd <pete@petertodd.org>
Resent-Date: Sun, 2 Jun 2013 13:15:39 -0400
Resent-Message-ID: <20130602171539.GA18108@savin>
Resent-To: bitcoin-development@lists.sourceforge.net
Date: Sun, 2 Jun 2013 02:13:27 -0400
From: Peter Todd <pete@petertodd.org>
To: Gavin <gavinandresen@gmail.com>
Message-ID: <20130602061327.GA14148@savin>
References: <20130601193036.GA13873@savin>
	<38A06794-B6B4-45F3-99C1-24B08434536D@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="k1lZvvs/B4yU6o8G"
Content-Disposition: inline
In-Reply-To: <38A06794-B6B4-45F3-99C1-24B08434536D@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 0e4f0aee-cba8-11e2-98a9-0025907ec6c5
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVJwpGK10IU0Fd
	P1hXKl1LNVAaWXld WiVPGEoXDxgzCjYj NEgGOBsDNw4AXwd1
	Kg0XXVBSFQZ4ABQL BxsUVhs8cANYeX5u ZEFqQHFbVVt/fUFi
	QwAWEG9+EzJiamAe V0NZc01TeQVCMB8Q bgZ/BSZYfDZVN3J9
	RlY+ZXVgbTwObXwN GFxcdQ0fShgAQygG SkJKLh8uAUYCRiN2
	IxE4J1obBEMcNFkH eWM7XkofKBYWWEVF GE9RRSFePVpJWy1j
	CApZUCxWGTtMRiFR RxYhJFpTGjFUVmJf GVddVg0UQz5DSzFF
	TjpUWCkgRFYuPQpz anxXOwU2EB4lIwAA 
X-Authentic-SMTP: 61633532353630.1020:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1UjBsm-0003rz-Mb
Subject: Re: [Bitcoin-development] Proposal: soft-fork to make
 anyone-can-spend outputs unspendable for 100 blocks
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 02 Jun 2013 17:15:54 -0000


--k1lZvvs/B4yU6o8G
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Sat, Jun 01, 2013 at 10:32:07PM -0400, Gavin wrote:
> Feels like a new opcode might be better.
>=20
> Eg  <data> 100 OP_NOP1
>=20
> ... Where op_nop1 is redefined to be 'verify depth' ...=20

Good idea.

Either way, looks like complex announce-commit logic isn't needed and a
simple txout with one of a few possible forms will work.

I'd say we tell people to sacrifice to (provably) unspendable for now
and do a soft-fork later if there is real demand for this stuff in the
future.

> On Jun 1, 2013, at 3:30 PM, Peter Todd <pete@petertodd.org> wrote:
>=20
> > Currently the most compact way (proof-size) to sacrifice Bitcoins that
> > does not involve making them unspendable is to create a anyone-can-spend
> > output as the last txout in the coinbase of a block:
> >=20
> > scriptPubKey: <data> OP_TRUE
> >=20
> > The proof is then the SHA256 midstate, the txout, and the merkle path to
> > the block header. However this mechanism needs miner support, and it is
> > not possible to pay for such a sacrifice securely, or create an
> > assurance contract to create one.
> >=20
> > A anyone-can-spend in a regular txout is another option, but there is no
> > way to prevent a miner from including a transaction spending that txout
> > in the same block. Once that happens, there is no way to prove the miner
> > didn't create both, thus invalidating the sacrifice. The announce-commit
> > protocol solves that problem, but at the cost of a much larger proof,
> > especially if multiple parties want to get together to pay the cost of
> > the sacrifice. (the proof must include the entire tx used to make the
> > sacrifice)
> >=20
> > However if we add a rule where txouts ending in OP_TRUE are unspendable
> > for 100 blocks, similar to coinbases, we fix these problems. The rule
> > can be done as a soft-fork with 95% support in the same way the
> > blockheight rule was implemented. Along with that change
> > anyone-can-spend outputs should be make IsStandard() so they will be
> > relayed.
> >=20
> > The alternative is sacrifices to unspendable outputs, which is very
> > undesirable compared to sending the money to miners to further
> > strengthen the security of the network.
> >=20
> > We should always make it easy for people to write code that does what is
> > best for Bitcoin.

--=20
'peter'[:-1]@petertodd.org
0000000000000092f448c7630e47584650efa7e27604161c0b5984d603d944ea

--k1lZvvs/B4yU6o8G
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBCAAGBQJRquKHAAoJECSBQD2l8JH7gwUIAKzonCjRemkq0u/9LGpXMA+p
yBJc3gLCHhuWpuZiQslY87eEVRdx97ZS4Rlq29tt0qVcIZzrNTT8TuCjOMhPcK+n
w4jTu6YbK8k9t9LjHG6+XRF3f186zoeKtCo6drCy98s9AvLBr9eMElEqmVJWkI3u
yPP5T6aiyN2hzTXiRhxBBqQOgaNRzr2B+yRY2kzIWaUhe2qPi9Gd00oS3SYAXD7O
CkATyCDf7EiaO3lChqlUodkcQod8wp7PfFScwv+Q+RXSYAgskPTrwHTJuQCFabjO
03zav9Rvt0fGOE2uVpI3Uob85vSlK04XGTtC/MAAbYN+Y1/VvsnFnEC3uiW6Tpk=
=jlxA
-----END PGP SIGNATURE-----

--k1lZvvs/B4yU6o8G--