Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id C3CDA4A4 for ; Mon, 22 May 2017 14:41:41 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ua0-f169.google.com (mail-ua0-f169.google.com [209.85.217.169]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 6A0A41D8 for ; Mon, 22 May 2017 14:41:41 +0000 (UTC) Received: by mail-ua0-f169.google.com with SMTP id u10so60483619uaf.1 for ; Mon, 22 May 2017 07:41:41 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=nnu4My7IZJhrl9AsImtoCM9Zir4K+fLlE+G60c8qCHU=; b=jzFdvkf4aKo/RU8NbYGwl3dask6PUL3wSeUI2WrwSq690G8CZrhG+wxqBOY2t+7HtU RcAPY4olbTCoeESxUzOHySlCDGVgdgDkPf/J+mC5EvaTe/ygzzMY1I3C0uBPmBCbbvso tjW2gCn79XDW7pQuqHTtXj7s9eMzqwTtHNqd2ZQ/FVsKfMwKRbK0QW3L8Aydae6n9B1m sRXE6K2Q6dfKdrHzRxA8xlGkU2a7OkLzrUBWcCTOQ3Hml298ftB2bzlp3oWb2Cbh440a W3Veu5SW/Ojup4IqxN+YJkWx9L9IsvVGrT+k/8cRE8Ps0kFG/JtSZxVjjlgY8b1Wbd9h XmDQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=nnu4My7IZJhrl9AsImtoCM9Zir4K+fLlE+G60c8qCHU=; b=faoUpGz3sB2s3gxClO1qxbqmxbBFwPp6nuEwD2Ue9D902Ekvqoejjm4B+712Ljuafv U3E4N06yoJ9xZk2TGTLeDsVTQ/chR2EaBLSdbrkHODcHixtKZbwbj1g9GUxIl2G24e/C /1/Oedp8+T80MCoVU4UIudjyLR9zfx+pLFzHDHNiNYyh//xccTh0qKEuDNIE+2Zits4G GcGSEHTmg/teE9iM5+k5tSbyvvfjn17RxotL4QHLnnhwnrUD4FNa29Wy3kweAS1tchu4 P+QbdZnKMdyj7v793YvPz2bU1imSO7O/odU1IyrdpKtDD4jzFZZTbmY6RP+Z+eulCHRP 7VeQ== X-Gm-Message-State: AODbwcAViXVX5thOCcplMkau3kRw8uG59d3zQbQrEuP1vt96qlIW2QzH GiylkUs4TwcfcnxJ5PosB5qMzi+93Q== X-Received: by 10.159.37.150 with SMTP id 22mr10104821uaf.72.1495464100620; Mon, 22 May 2017 07:41:40 -0700 (PDT) MIME-Version: 1.0 Received: by 10.159.36.204 with HTTP; Mon, 22 May 2017 07:41:40 -0700 (PDT) Received: by 10.159.36.204 with HTTP; Mon, 22 May 2017 07:41:40 -0700 (PDT) In-Reply-To: <20170522140919.GA17878@fedora-23-dvm> References: <20170522140919.GA17878@fedora-23-dvm> From: Ethan Heilman Date: Mon, 22 May 2017 10:41:40 -0400 Message-ID: To: Peter Todd Content-Type: multipart/alternative; boundary="001a113c82367df05005501ddea8" X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] A proposal to reintroduce the disabled script opcodes X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 22 May 2017 14:41:41 -0000 --001a113c82367df05005501ddea8 Content-Type: text/plain; charset="UTF-8" >It'd help your case if you gave us some examples of such scripts being used. I want OP_CAT so that I can securely and compactly verify many hashes and hash preimages. This would shrink offchain Tumblebit transactions significantly. For instance if I want a transaction TxA which checks that a transaction TxB releases preimages x1,x2,...,x10 such that y1=H(x1), y2=H(x2),...,y10=H(x10). Currently I just put y1,...y10 and check that the preimahes hash correctly. With OP_CAT I would only have to store one hash in TxA, yhash ytotal = H(OP_CAT(H(OP_CAT(y1, y2)),y3)...y10) TxA could then just hash all the preimages supplied by TxB and confirm they hash to TxA. This would reduce the size of TxA from approx 10*32B to 32+10*16B. I have a version which improves this further but it is more complex. Most of the math OP codes aren't particularly helpful due to their 32bit nature and their strange overflow behavior. --001a113c82367df05005501ddea8 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
>It'd help your case if you gave us some examples of such scripts be= ing used.

I want OP_CAT so tha= t I can securely and compactly verify many hashes and hash preimages. This = would shrink offchain Tumblebit transactions significantly.

For instance if I want a transaction TxA whic= h checks that a transaction TxB releases preimages x1,x2,...,x10 such that<= /div>
y1=3DH(x1), y2=3DH(x2),...,y10=3DH(x10). Currently I= just put y1,...y10 and check that the preimahes hash correctly. With OP_CA= T I would only have to store one hash in TxA, yhash
=
ytotal =3D H(OP_CAT(H(OP_CAT(y1, y2)),y3)...y10= )

TxA could then just ha= sh all the preimages supplied by TxB and confirm they hash to TxA. This wou= ld reduce the size of TxA from approx 10*32B to 32+10*16B. I have a version= which improves this further but it is more complex.

Most of the math OP codes aren't particularly helpful due t= o their 32bit nature and their strange overflow behavior.
=
--001a113c82367df05005501ddea8--