Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QweiZ-0007MS-Qg for bitcoin-development@lists.sourceforge.net; Thu, 25 Aug 2011 18:31:55 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.216.182 as permitted sender) client-ip=209.85.216.182; envelope-from=gmaxwell@gmail.com; helo=mail-qy0-f182.google.com; Received: from mail-qy0-f182.google.com ([209.85.216.182]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1QweiY-0000aA-Rv for bitcoin-development@lists.sourceforge.net; Thu, 25 Aug 2011 18:31:55 +0000 Received: by qyk9 with SMTP id 9so2043809qyk.13 for ; Thu, 25 Aug 2011 11:31:49 -0700 (PDT) MIME-Version: 1.0 Received: by 10.229.101.137 with SMTP id c9mr114913qco.102.1314297109412; Thu, 25 Aug 2011 11:31:49 -0700 (PDT) Received: by 10.229.114.206 with HTTP; Thu, 25 Aug 2011 11:31:49 -0700 (PDT) In-Reply-To: References: <201108241215.36847.luke@dashjr.org> Date: Thu, 25 Aug 2011 14:31:49 -0400 Message-ID: From: Gregory Maxwell To: =?UTF-8?Q?Michael_Gr=C3=B8nager?= Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gmaxwell[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature 0.0 AWL AWL: From: address is in the auto white-list X-Headers-End: 1QweiY-0000aA-Rv Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] New standard transaction types: time to schedule a blockchain split? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 25 Aug 2011 18:31:55 -0000 On Thu, Aug 25, 2011 at 3:39 AM, Michael Gr=C3=B8nager wrote: the customer to bypass the clerk and have 3 key addresses, or could we just leave it to the/a client to implement the multisign transaction after the money has been received - as a transfer to a safe? This would greatly simplify the problem and cover the vast majority of use cases. Not covered in this is huge single transfers where the intruder of a single key system finds it profitable to reveal their intrusion by grabbing the entire wallet. Obviously these things don't need to be hard coupled, since they're useful independently. But I don't agree with the premise that being able to pay directly into an escrow using an address isn't essential at least as an eventual feature. The bank analogy falls down because in our threat model people are replacing the bank teller with a convincing facsimile (malware turning your computer against you). Funds can be stolen in a microsecond, so any exposure isn't good. Again, I'm not arguing to delay anything=E2=80=94 just pointing out that th= e ability to have usable addresses (they can be long) that encode a couple escrow destination. Perhaps just an address type that can encode any payment script? User provides the inputs, sets the outputs plus and additional outputs, and signs. Client refuses to pay to an address if the resulting transaction fails IsStandard. On Thu, Aug 25, 2011 at 1:18 PM, Gavin Andresen w= rote: > 2) How often will the 1-of-3 and 3-of-3 cases be used? I included them > just for completeness, but perhaps they should be dropped for now so > there is less code to write and test. I just don't imagine there are > many cases where you have exactly three parties and 1-of-3 or 3-of-3 > are required to spend. 3-of-3 in particular seems somewhat important to me (group trust accounts). I'd really rather not drop use cases unless we're not confident that they can't be tested sufficiently simply because it'll just mean another cycle of testing later someday to test them and, honestly, a more uphill argument as the usecases get narrower and narrower. I'll spend some cycles testing whatever cases make it in.