Date: Sun, 04 Jul 2021 13:10:36 +0000
From: ZmnSCPxj
To: ZmnSCPxj, Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] CheckSigFromStack for Arithmetic Values

Good morning Erik and Jeremy,

> The "for" arithmetic here is largely to mean that this cleverness allows an implementation of `OP_CHECKSIGFROMSTACK`, using arithmetic operation `OP_ADD`.
>
> To my mind this cleverness is more of an argument against ever enabling `OP_ADD` and friends, LOL.
> This is more of a "bad but ridiculously clever thing" post than a "Bitcoin should totally use this thing" post.

Turns out `OP_ADD` is actually still enabled in Bitcoin, LOL, I thought it was hit in the same banhammer that hit `OP_CAT` and `OP_MUL`.

Limited to 32 bits, but that simply means that you just validate longer bitvectors (e.g. the `s` in the "lamport-sign the EC signature") in sections of 32 bits.

In any case, the point still mostly stands, I think this is more of an "overall bad but still ridiculously clever" idea; the script and witness sizes are fairly awful.
Mostly just worth discussing just in case it triggers somebody else to think of a related idea that takes some of the cleverness but is overall better.

On the other hand if we can actually implement the "Lamport-sign the EC sig" idea (I imagine the 32-bit limit requires some kind of `OP_CAT` or similar, or other bit or vector slicing operation), that does mean Bitcoin is already quantum-safe (but has a fairly lousy quantum-safe signing scheme, I really do not know the characteristics of better ones though).

Regards,
ZmnSCPxj
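The "validate in sections of 32 bits" point in the message above, as an added example that is not part of the original message or of any Bitcoin implementation: a Lamport one-time signature over a 256-bit value, checked section by section so that every accumulator stays within 32 bits. The verifier logic (one revealed preimage per bit, set bits accumulated by addition) is an assumption about the scheme the thread refers to, and all function names are hypothetical.

```python
import hashlib
import secrets

SECTION_BITS = 32  # section width named in the message

def h(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def keygen(nbits: int):
    """One pair of secret preimages per bit; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(nbits)]
    pk = [(h(p0), h(p1)) for p0, p1 in sk]
    return sk, pk

def sign(sk, value: int):
    """Reveal, for each bit (least significant first), the preimage for its value.
    A Lamport key must sign only one value, ever."""
    return [sk[i][(value >> i) & 1] for i in range(len(sk))]

def recover_section(pk_sec, sig_sec):
    """Assumed verifier logic: each revealed preimage proves one bit, and set
    bits are accumulated by addition only. Returns None on a bad preimage."""
    acc = 0
    for i, (pre, (h0, h1)) in enumerate(zip(sig_sec, pk_sec)):
        digest = h(pre)
        if digest == h1:
            acc = acc + (1 << i)   # bit weight is a constant, never above 2**31
        elif digest != h0:
            return None
    return acc

def recover_sections(pk, sig):
    """Check a long value as independent 32-bit sections."""
    if len(sig) != len(pk) or len(pk) % SECTION_BITS:
        return None
    out = []
    for off in range(0, len(pk), SECTION_BITS):
        sec = recover_section(pk[off:off + SECTION_BITS], sig[off:off + SECTION_BITS])
        if sec is None:
            return None
        out.append(sec)
    return out

def join_sections(sections) -> int:
    """Outside-the-verifier check only: rebuild the full integer from sections."""
    return sum(s << (SECTION_BITS * k) for k, s in enumerate(sections))

if __name__ == "__main__":
    s = int.from_bytes(h(b"constructed sample value"), "big")  # constructed 256-bit input
    sk, pk = keygen(256)
    print([hex(x) for x in recover_sections(pk, sign(sk, s))])
```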