MIME-Version: 1.0
References: <CALZpt+FhpZETHP8UpDGgw-Wg=m4Hxm8y9XZ9kXYgmt90_6Zt6w@mail.gmail.com>
 <XSc7hh8TBcrQc8YsYbCj4dmf3YkdQwJAv50lIcAK7rMYH9gChkn_S3SkJFmATwCrD-klYeJ55FajcGQ1HVuY0msxyiah8rLbVlQG7sXkAmo=@protonmail.com>
 <CALZpt+HerfG6hfkPksN=0ih5pRP6m0qAnxH3au7h3gadnHPKdQ@mail.gmail.com>
 <oYPIKqafRHCflmFrB8HcUnhyFabJo7u4sT8w8DPBIQ1lWcuQGiPs-dhJiupOdCnmrc_3zRhq36VngKBgSXee-hFoe6C_sUYkcz9hNz1cfAA=@protonmail.com>
 <0tp0SQgSX6kVG84bQ6fk7umnv3IaC2Nx6leiGYxhayz2HCQymAuBJxaODFijqLPP0nJ1b41wE4wlC-0_H8eN2GadtVEqGBGWGlzuMtfjhDo=@protonmail.com>
In-Reply-To: <0tp0SQgSX6kVG84bQ6fk7umnv3IaC2Nx6leiGYxhayz2HCQymAuBJxaODFijqLPP0nJ1b41wE4wlC-0_H8eN2GadtVEqGBGWGlzuMtfjhDo=@protonmail.com>
From: Antoine Riard <antoine.riard@gmail.com>
Date: Mon, 25 Jul 2022 23:20:31 -0400
Message-ID: <CALZpt+GPNQU6MdFgWZwJwGpLw1X36dhT0sqoY4deS7SYNWiwWA@mail.gmail.com>
To: ZmnSCPxj <ZmnSCPxj@protonmail.com>
Content-Type: multipart/alternative; boundary="0000000000001911e105e4acc9db"
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] On a new community process to specify covenants
Precedence: list

--0000000000001911e105e4acc9db
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

Hi Zeeman,

So on the first concern of using an "economic simulation" or
sidechains/other cryptocurrencies to gather feedback about interest of
Script extensions, I wonder about the value transitivity of such a process
to measure consensus. Namely, if you have asset X picked up in system A, it
doesn't tell you the same asset X is preferred in system B, unless I think
you have the same agent. However, in cryptocurrencies, at least in Bitcoin,
we assume pseudonymous participants. So it can be really hard to say it's
the same agent to qualify its utility. Of course, you could have some
linking between system A and system B, like signatures if the same signing
scheme is used. However if it's possible why not use direct assets in
system B to express a preference ? Maybe in the future if we have a
privacy-preserving coins ownership proof system we could use that as one
consensus indicator [0] ?

At least in terms of community decision-making, the more we have
trust-minimized data signals, _assuming_ we have the information
capabilities to process them, the better we're.

That said, about the covenant working group/process I'm proposing I would
like to stay on the use-cases collection, deep trade-offs analysis and
adequate covenant designs grounds.

Activation really should be its own dedicated process, well-splitted in
terms of communication channels, documentation archive and timeframes.

About a generic contracting platform approach, I think for sure it would be
a huge gain in flexibility for multi-party contract protocols design though
there is at least three caveats in my opinion 1) we might open a Pandora
Box enabling one to design trustless bribing contracts towards miners to
attack existent deployed Bitcoin use-cases like Lightning (not a
theoretical concern at all when we look on the wild west of Defi in other
cryptocurrencies) 2) the multi-party contract protocol problem space is
relatively early, we might evolve the primitive abstraction with which
we're dealing and the language itself should evolve 3) we might still have
to do a lot of economic engineering if the microcode operations or syntax
units of the language are bounding well to validation nodes ressources.

So IMHO, a lot of unknowns about a generic contracting platform (even if
it's tempting from an application developer viewpoint I know)

[0]
https://lists.linuxfoundation.org/pipermail/lightning-dev/2020-November/002=
884.html
[1] For example an input-output bundle abstraction might be better for
fee-bumping reasons:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-July/019243.ht=
ml

Le dim. 24 juil. 2022 =C3=A0 19:40, ZmnSCPxj <ZmnSCPxj@protonmail.com> a =
=C3=A9crit :

> Good morning alia, Antoine, and list,
>
> > Hi Antoine,
> > Claiming Taproot history, as best practice or a standard methodology in
> bitcoin development, is just too much. Bitcoin development methodology is
> an open problem, given the contemporary escalation/emergence of challenge=
s,
> history is not  entitled to be hard coded as standard.
> >
> > Schnorr/MAST development history, is a good subject for case study, but
> it is not guaranteed that the outcome to be always the same as your take.
> >
> > I'd suggest instead of inventing a multi-decades-lifecycle based
> methodology (which is weird by itself, let alone installing it as a
> standard for bitcoin projects), being open-mind  enough for examining mor=
e
> agile approaches and their inevitable effect on the course of discussions=
,
>
> A thing I have been mulling is how to prototype such mechanisms more
> easily.
>
> A "reasonably standard" approach was pioneered in Elements Alpha, where a=
n
> entire federated sidechain is created and then used as a testbed for new
> mechanisms, such as SegWit and `OP_CHECKSIGFROMSTACK`.
> However, obviously the cost is fairly large, as you need an entire
> federated sidechain.
>
> It does have the nice advantage that you can use "real" coins, with real
> value (subject to the federation being trustworthy, admittedly) in order =
to
> convincingly show a case for real-world use.
>
> As I pointed out in [Smart Contracts Unchained](
> https://zmnscpxj.github.io/bitcoin/unchained.html), an alternative to
> using a blockchain would be to use federated individual coin outpoints.
>
> A thing I have been pondering is to create a generic contracting platform
> with a richer language, which itself is just used to implement a set of
> `OP_` SCRIPT opcodes.
> This is similar to my [Microcode proposal](
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-March/020158=
.html)
> earlier this year.
> Thus, it would be possible to prototype new `OP_` codes, or change the
> behavior of existing `OP_` codes (e.g. `SIGHASH_NOINPUT` would be a chang=
e
> in behavior of existing `OP_CHECKSIG` and `OP_CHECKMULTISIG`), by having =
a
> translation from `OP_` codes to the richer language.
> Then you could prototype a new SCRIPT `OP_` code by providing your own
> translation of the new `OP_` code and a SCRIPT that uses that `OP_` code,
> and using Smart Contract Unchained to use a real funds outpoint.
>
> Again, we can compare the Bitcoin consensus layer to a form of hardware:
> yes, we *could* patch it and change it, but that requires a ***LOT*** of
> work and the new software has to be redeployed by everyone, so it is,
> practically speaking, hardware.
> Microcode helps this by adding a softer layer without compromising the
> existing hard layer.
>
> So... what I have been thinking of is creating some kind of smart
> contracts unchained platform that allows prototyping new `OP_` codes usin=
g
> a microcode mechanism.
>
> Regards,
> ZmnSCPxj
>

--0000000000001911e105e4acc9db
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hi Zeeman,<br><br>So on the first concern of using an &quo=
t;economic simulation&quot; or sidechains/other cryptocurrencies to gather =
feedback about interest of Script extensions, I wonder about the value tran=
sitivity of such a process to measure consensus. Namely, if you have asset =
X picked up in system A, it doesn&#39;t tell you the same asset X is prefer=
red in system B, unless I think you have the same agent. However, in crypto=
currencies, at least in Bitcoin, we assume pseudonymous participants. So it=
 can be really hard to say it&#39;s the same agent to qualify its utility. =
Of course, you could have some linking between system A and system B, like =
signatures if the same signing scheme is used. However if it&#39;s possible=
 why not use direct assets in system B to express a preference ? Maybe in t=
he future if we have a privacy-preserving coins ownership proof system we c=
ould use that as one consensus indicator [0] ?<br><br>At least in terms of =
community decision-making, the more we have trust-minimized data signals, _=
assuming_ we have the information capabilities to process them, the better =
we&#39;re.<br><br>That said, about the covenant working group/process I&#39=
;m proposing I would like to stay on the use-cases collection, deep trade-o=
ffs analysis and adequate covenant designs grounds.<br><br>Activation reall=
y should be its own dedicated process, well-splitted in terms of communicat=
ion channels, documentation archive and timeframes.<br><br>About a generic =
contracting platform approach, I think for sure it would be a huge gain in =
flexibility for multi-party contract protocols design though there is at le=
ast three caveats in my opinion 1) we might open a Pandora Box enabling one=
 to design trustless bribing contracts towards miners to attack existent de=
ployed Bitcoin use-cases like Lightning (not a theoretical concern at all w=
hen we look on the wild west of Defi in other cryptocurrencies) 2) the mult=
i-party contract protocol problem space is relatively early, we might evolv=
e the primitive abstraction with which we&#39;re dealing and the language i=
tself should evolve 3) we might still have to do a lot of economic engineer=
ing if the microcode operations or syntax units of the language are boundin=
g well to validation nodes ressources.<br><br>So IMHO, a lot of unknowns ab=
out a generic contracting platform (even if it&#39;s tempting from an appli=
cation developer viewpoint I know)<br><br>[0] <a href=3D"https://lists.linu=
xfoundation.org/pipermail/lightning-dev/2020-November/002884.html">https://=
lists.linuxfoundation.org/pipermail/lightning-dev/2020-November/002884.html=
</a><br>[1] For example an input-output bundle abstraction might be better =
for fee-bumping reasons:<br><a href=3D"https://lists.linuxfoundation.org/pi=
permail/bitcoin-dev/2021-July/019243.html">https://lists.linuxfoundation.or=
g/pipermail/bitcoin-dev/2021-July/019243.html</a><br></div><br><div class=
=3D"gmail_quote"><div dir=3D"ltr" class=3D"gmail_attr">Le=C2=A0dim. 24 juil=
. 2022 =C3=A0=C2=A019:40, ZmnSCPxj &lt;<a href=3D"mailto:ZmnSCPxj@protonmai=
l.com">ZmnSCPxj@protonmail.com</a>&gt; a =C3=A9crit=C2=A0:<br></div><blockq=
uote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-left:1p=
x solid rgb(204,204,204);padding-left:1ex">Good morning alia, Antoine, and =
list,<br>
<br>
&gt; Hi Antoine,<br>
&gt; Claiming Taproot history, as best practice or a standard methodology i=
n bitcoin development, is just too much. Bitcoin development methodology is=
 an open problem, given the contemporary escalation/emergence of challenges=
, history is not=C2=A0 entitled to be hard coded as standard.<br>
&gt;<br>
&gt; Schnorr/MAST development history, is a good subject for case study, bu=
t it is not guaranteed that the outcome to be always the same as your take.=
<br>
&gt;<br>
&gt; I&#39;d suggest instead of inventing a multi-decades-lifecycle based m=
ethodology (which is weird by itself, let alone installing it as a standard=
 for bitcoin projects), being open-mind=C2=A0 enough for examining more agi=
le approaches and their inevitable effect on the course of discussions,<br>
<br>
A thing I have been mulling is how to prototype such mechanisms more easily=
.<br>
<br>
A &quot;reasonably standard&quot; approach was pioneered in Elements Alpha,=
 where an entire federated sidechain is created and then used as a testbed =
for new mechanisms, such as SegWit and `OP_CHECKSIGFROMSTACK`.<br>
However, obviously the cost is fairly large, as you need an entire federate=
d sidechain.<br>
<br>
It does have the nice advantage that you can use &quot;real&quot; coins, wi=
th real value (subject to the federation being trustworthy, admittedly) in =
order to convincingly show a case for real-world use.<br>
<br>
As I pointed out in [Smart Contracts Unchained](<a href=3D"https://zmnscpxj=
.github.io/bitcoin/unchained.html" rel=3D"noreferrer" target=3D"_blank">htt=
ps://zmnscpxj.github.io/bitcoin/unchained.html</a>), an alternative to usin=
g a blockchain would be to use federated individual coin outpoints.<br>
<br>
A thing I have been pondering is to create a generic contracting platform w=
ith a richer language, which itself is just used to implement a set of `OP_=
` SCRIPT opcodes.<br>
This is similar to my [Microcode proposal](<a href=3D"https://lists.linuxfo=
undation.org/pipermail/bitcoin-dev/2022-March/020158.html" rel=3D"noreferre=
r" target=3D"_blank">https://lists.linuxfoundation.org/pipermail/bitcoin-de=
v/2022-March/020158.html</a>) earlier this year.<br>
Thus, it would be possible to prototype new `OP_` codes, or change the beha=
vior of existing `OP_` codes (e.g. `SIGHASH_NOINPUT` would be a change in b=
ehavior of existing `OP_CHECKSIG` and `OP_CHECKMULTISIG`), by having a tran=
slation from `OP_` codes to the richer language.<br>
Then you could prototype a new SCRIPT `OP_` code by providing your own tran=
slation of the new `OP_` code and a SCRIPT that uses that `OP_` code, and u=
sing Smart Contract Unchained to use a real funds outpoint.<br>
<br>
Again, we can compare the Bitcoin consensus layer to a form of hardware: ye=
s, we *could* patch it and change it, but that requires a ***LOT*** of work=
 and the new software has to be redeployed by everyone, so it is, practical=
ly speaking, hardware.<br>
Microcode helps this by adding a softer layer without compromising the exis=
ting hard layer.<br>
<br>
So... what I have been thinking of is creating some kind of smart contracts=
 unchained platform that allows prototyping new `OP_` codes using a microco=
de mechanism.<br>
<br>
Regards,<br>
ZmnSCPxj<br>
</blockquote></div>

--0000000000001911e105e4acc9db--