Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6AB98C002B for ; Tue, 7 Feb 2023 12:17:30 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 52C4581373 for ; Tue, 7 Feb 2023 12:17:30 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 52C4581373 X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.901 X-Spam-Level: X-Spam-Status: No, score=-1.901 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, NICE_REPLY_A=-0.001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id f42-npzg3GzY for ; Tue, 7 Feb 2023 12:17:28 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 9A3988135B Received: from smtpout3.mo529.mail-out.ovh.net (smtpout3.mo529.mail-out.ovh.net [46.105.54.81]) by smtp1.osuosl.org (Postfix) with ESMTPS id 9A3988135B for ; Tue, 7 Feb 2023 12:17:28 +0000 (UTC) Received: from mxplan6.mail.ovh.net (unknown [10.109.156.148]) by mo529.mail-out.ovh.net (Postfix) with ESMTPS id 262DA20E63; Tue, 7 Feb 2023 12:17:26 +0000 (UTC) Received: from peersm.com (37.59.142.108) by DAG6EX2.mxp6.local (172.16.2.52) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256) id 15.1.2507.17; Tue, 7 Feb 2023 13:17:25 +0100 Authentication-Results: garm.ovh; auth=pass (GARM-108S00276e45300-7b22-4143-84ff-5ae7d1a7a157, 03585E57F9B5A5998A85AD638F4D2FBFDA38351E) smtp.auth=aymeric@peersm.com X-OVh-ClientIp: 92.184.112.46 To: Erik Aronesty , Bitcoin Protocol Discussion , Claus Ehrenberg References: From: Aymeric Vitte Message-ID: Date: Tue, 7 Feb 2023 13:17:24 +0100 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.4.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset="windows-1252" Content-Transfer-Encoding: quoted-printable X-Originating-IP: [37.59.142.108] X-ClientProxiedBy: DAG4EX2.mxp6.local (172.16.2.32) To DAG6EX2.mxp6.local (172.16.2.52) X-Ovh-Tracer-GUID: ec448336-59e2-4e65-a6df-7535e7c4bf60 X-Ovh-Tracer-Id: 4707950463256585184 X-VR-SPAMSTATE: OK X-VR-SPAMSCORE: -100 X-VR-SPAMCAUSE: gggruggvucftvghtrhhoucdtuddrgedvhedrudegkedgfeeiucetufdoteggodetrfdotffvucfrrhhofhhilhgvmecuqfggjfdpvefjgfevmfevgfenuceurghilhhouhhtmecuhedttdenucesvcftvggtihhpihgvnhhtshculddquddttddmnecujfgurhepuffvfhevhffkffgfgggjtgfgihesthhqredttdefheenucfhrhhomhepteihmhgvrhhitgcugghithhtvgcuoegrhihmvghrihgtsehpvggvrhhsmhdrtghomheqnecuggftrfgrthhtvghrnhephfehffeujeffjeevhfetfffgheetfeelteejffegvddvieeufeejhfdtteetueffnecuffhomhgrihhnpehgihhthhhusgdrtghomhdpphgvvghrshhmrdgtohhmnecukfhppeduvdejrddtrddtrddupdefjedrheelrddugedvrddutdeknecuvehluhhsthgvrhfuihiivgeptdenucfrrghrrghmpehinhgvthepuddvjedrtddrtddruddpmhgrihhlfhhrohhmpeeorgihmhgvrhhitgesphgvvghrshhmrdgtohhmqedpnhgspghrtghpthhtohepuddprhgtphhtthhopehrohgsvghrthdrlhgvvgdrughitghkihhnshhonhesghhmrghilhdrtghomhdprghusggvrhhgvghmvgguihgrlhgvsehgmhgrihhlrdgtohhmpdgsihhttghoihhnqdguvghvsehlihhsthhsrdhlihhnuhigfhhouhhnuggrthhiohhnrdhorhhgpdgvrhhikhesqhefvddrtghomhdpoffvtefjohhsthepmhhohedvledpmhhouggvpehsmhhtphhouhht X-Mailman-Approved-At: Tue, 07 Feb 2023 14:05:44 +0000 Cc: Robert Dickinson Subject: Re: [bitcoin-dev] Ordinal Inscription Size Limits X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 07 Feb 2023 12:17:30 -0000 Le 06/02/2023 =E0 19:05, Erik Aronesty via bitcoin-dev a =E9crit : > my favorite one is the javascript exploit for people that like to > render untrusted blockchain data in their browser Taking this example to show that from my standpoint it's not a good idea to store "big things" in the blockchain, but it's a good idea to store proofs of something ( then this is the rationale for this change request https://github.com/bitcoin/bitcoin/issues/27043), we all know that there are plenty of useless things already stored in the blockchain, now if people want to pay to store big things, then let them do it But how can you validate what is stored? Simple answer: you can't, I take in my NFT proposal the example of js code loading, it's impossible to be sure of the code loaded (and it is supposed to evolve, then which version is correct in the blockchain can be mysterious) without using a third party, that's what I am doing here: https://peersm.com/wallet, the third party is my github repo, the code self validates that it is the correct one and the user must check the hash, of course the code could lie then you should better embed the check in a bookmarklet, the page can't lie, and of course I could be a thief then others should check the code and seed the hash somewhere, even if clearly explained that the code must be used off line it's not difficult to invent different things to steal the keys Same principle applies with my NFT proposal (which can be real things, so impossible to store in the blockchain): a third party allowing a timestamp is used to prove that you are the seeder of the NFT (first owner), minting can't be trusted and then becomes useless with the third party, so you spare some bitcoin transactions Using a third party does not mean that the blockchain is of no use, again the blockchain will validate the life of the NFT and it remains decentralized like lightning