Return-Path: Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0B15EC0032 for ; Mon, 13 Mar 2023 14:56:30 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id DA12A41728 for ; Mon, 13 Mar 2023 14:56:29 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org DA12A41728 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256 header.s=20210112 header.b=oU6HjnqI X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.848 X-Spam-Level: X-Spam-Status: No, score=-1.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=ham autolearn_force=no Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id vw3Dq9C2sBBw for ; Mon, 13 Mar 2023 14:56:28 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 2C9A041703 Received: from mail-ed1-x52d.google.com (mail-ed1-x52d.google.com [IPv6:2a00:1450:4864:20::52d]) by smtp4.osuosl.org (Postfix) with ESMTPS id 2C9A041703 for ; Mon, 13 Mar 2023 14:56:28 +0000 (UTC) Received: by mail-ed1-x52d.google.com with SMTP id j11so49854205edq.4 for ; Mon, 13 Mar 2023 07:56:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; t=1678719386; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:from:to:cc:subject:date:message-id:reply-to; bh=YUq5U4nNBleNhPeH73Q7qK2yDldkZ621RtkVsB7vPC0=; b=oU6HjnqItYwYZemDW1bDnbmr/gFeAjqNnLz0pe2WoW3MSG9lQnMex7K8yg+LJlQ08X 98FTJ2zopbzRbNswwd80K+ZG1zfPOedziq5MXR0MvYwwWaz7fKBhxFnL35L8QuHHC4z2 luwAsJ4pUTrbVc1V3DUMiZZ0KHZgaqQhNb4wMn+KVT/49bCGdmbTxFeQZmcxm7uT1AMj kEFetzS5+POlA5E+Tziwd045JGs9wc1CmzXS1ldYUMe5A4s/9teQcZ4JM2GvNBrjV9Kz 5uGw1n6Pc0tvJG53fl8Ulux+P9qf4CfmfIwqK9MIKch6dij64dfM4mqVDuTjfYLWLqnK Utyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; t=1678719386; h=cc:to:subject:message-id:date:from:in-reply-to:references :mime-version:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=YUq5U4nNBleNhPeH73Q7qK2yDldkZ621RtkVsB7vPC0=; b=4ce512dIfNY3NllDbdY6lJE0d4LU1Mlu22TYuitR+v15eoUi0K58uscQNlmn4Kh/PS K7IRRiV7nafUGZvqUrSvcr+s+Q1SPCFkMcBuCTOhnh4rOpvmJLgeQGS5HYHUp5rfnseK WWl9OTT9yMT8roFnbqYBCPArhNGqqymaZhU3BnMohy9E+DDB82kEAexy5djMAdPC7/RP HbCapN49509mYaUTGLHrAaTVdtoYqrmau151KH8pe5Kp7ZXz6Nnf8EDqLOGNK16lSAd4 OjsjrIeEnhvT8psiIOQMuYS/S4a4zoxSohLJ6jht/AXiNGeQDKowWhRpZyRrf3n02Ak7 SATw== X-Gm-Message-State: AO0yUKVcktkhw/MkLRg8eInIXi8E4q/EfFRRcjYKRJSNhRyW6irbc6R8 YjEmkwQot4dJIJaNsRAWI3xdBC7yAkTBHQcP26E= X-Google-Smtp-Source: AK7set+2CS0X8pCVfZHvdyZEOVjRZ5k4kocDZTyerhAnxnj49GTERAt2yhflXhBhuSlG29oQg5gssqMECK50yr8hwSA= X-Received: by 2002:a17:906:1481:b0:888:6294:a1fd with SMTP id x1-20020a170906148100b008886294a1fdmr16350339ejc.2.1678719386208; Mon, 13 Mar 2023 07:56:26 -0700 (PDT) MIME-Version: 1.0 References: <4652dbe8-6647-20f2-358e-be0ef2e52c47@dashjr.org> In-Reply-To: From: Greg Sanders Date: Mon, 13 Mar 2023 10:56:15 -0400 Message-ID: To: Luke Dashjr , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="000000000000b14bcb05f6c950d6" Subject: Re: [bitcoin-dev] BIP for OP_VAULT X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Mar 2023 14:56:30 -0000 --000000000000b14bcb05f6c950d6 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Didn't finish sentence: but in practice would end up with pretty similar usage flows imho, and as noted in PR, would take a different wallet paradigm, among other technical challenges. On Mon, Mar 13, 2023 at 10:55=E2=80=AFAM Greg Sanders wrote: > Hi Luke, > > Can you elaborate why the current idealized functionality of deposit -> > trigger -> withdrawal is too complicated for > everyday use but the above deposit -> withdrawal -> > resolve(claim/clawback) wouldn't be? I admit at a high level > it's a fine paradigm, but in practice would end > > Let's ignore implementation for the discussion, since that's in flux. > > Cheers, > Greg > > On Sat, Mar 11, 2023 at 3:53=E2=80=AFPM Luke Dashjr via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> I started reviewing the BIP, but stopped part way through, as it seems >> to have a number of conceptual issues. >> >> I left several comments on the PR >> (https://github.com/bitcoin/bips/pull/1421#pullrequestreview-1335925575)= , >> >> but ultimately I think it isn't simplified enough for day-to-day use, >> and would harm privacy quite a bit. >> >> Instead, I would suggest a new approach where: >> >> 1) Joe receives funds with a taproot output like normal. >> 2) Joe sends funds to Fred, but Fred cannot spend them until N blocks >> later (covenant-enforced relative locktime). Ideally, this should >> use/support a taproot keypath spend somehow. It would be nice to blind >> the particular relative locktime somehow too, but that may be too >> expensive. >> 2b) If Joe's funds were stolen, Joe can spend Fred's UTXO within the N >> block window to a recovery output. >> >> Unfortunately, the implementation details for this kind of setup are >> non-obvious and will likely require yet another address format (or at >> least recipient-wallet changes), but certainly seems within the scope of >> possibility. >> >> Thoughts? >> >> Luke >> >> >> On 2/13/23 16:09, James O'Beirne via bitcoin-dev wrote: >> > Since the last related correspondence on this list [0], a number of >> > improvements have been made to the OP_VAULT draft [1]: >> > >> > * There is no longer a hard dependence on package relay/ephemeral >> > anchors for fee management. When using "authorized recovery," all >> > vault-related transactions can be bundled with unrelated inputs and >> > outputs, facilitating fee management that is self contained to the >> > transaction. Consequently, the contents of this proposal are in theo= ry >> > usable today. >> > >> > * Specific output locations are no longer hardcoded in any of the >> > transaction validation algorithms. This means that the proposal is n= ow >> > compatible with future changes like SIGHASH_GROUP, and >> > transaction shapes for vault operations are more flexible. >> > >> > --- >> > >> > I've written a BIP that fully describes the proposal here: >> > >> > >> https://github.com/jamesob/bips/blob/jamesob-23-02-opvault/bip-vaults.me= diawiki >> > >> > The corresponding PR is here: >> > >> > https://github.com/bitcoin/bips/pull/1421 >> > >> > My next steps will be to try for a merge to the inquisition repo. >> > >> > Thanks to everyone who has participated so far, but especially to AJ a= nd >> > Greg for all the advice. >> > >> > James >> > >> > [0]: >> > >> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-January/021= 318.html >> > [1]: https://github.com/bitcoin/bitcoin/pull/26857 >> > >> > _______________________________________________ >> > bitcoin-dev mailing list >> > bitcoin-dev@lists.linuxfoundation.org >> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >> > --000000000000b14bcb05f6c950d6 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
Didn't finish sentence: but in practice would end up w= ith pretty similar usage flows imho, and as noted in PR, would take a diffe= rent wallet paradigm,
among other technical challenges.

=
On Mon, Ma= r 13, 2023 at 10:55=E2=80=AFAM Greg Sanders <gsanders87@gmail.com> wrote:
Hi Luke,
<= br>
Can you elaborate why the current idealized functionality of depos= it=C2=A0-> trigger -> withdrawal is too complicated for
everyday = use but the above deposit -> withdrawal -> resolve(claim/clawback)=C2= =A0 wouldn't be? I admit at a high level
it's a fine para= digm, but in practice would end=C2=A0

Let's ig= nore implementation for the discussion, since that's in flux.

Cheers,
Greg

On Sat, Mar 11, 2023 at 3:53=E2= =80=AFPM Luke Dashjr via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.= org> wrote:
I started reviewing the BIP, but stopped part way through, as it seems <= br> to have a number of conceptual issues.

I left several comments on the PR
(https://github.com/bitcoin/bi= ps/pull/1421#pullrequestreview-1335925575),
but ultimately I think it isn't simplified enough for day-to-day use, <= br> and would harm privacy quite a bit.

Instead, I would suggest a new approach where:

1) Joe receives funds with a taproot output like normal.
2) Joe sends funds to Fred, but Fred cannot spend them until N blocks
later (covenant-enforced relative locktime). Ideally, this should
use/support a taproot keypath spend somehow. It would be nice to blind
the particular relative locktime somehow too, but that may be too expensive= .
2b) If Joe's funds were stolen, Joe can spend Fred's UTXO within th= e N
block window to a recovery output.

Unfortunately, the implementation details for this kind of setup are
non-obvious and will likely require yet another address format (or at
least recipient-wallet changes), but certainly seems within the scope of possibility.

Thoughts?

Luke


On 2/13/23 16:09, James O'Beirne via bitcoin-dev wrote:
> Since the last related correspondence on this list [0], a number of > improvements have been made to the OP_VAULT draft [1]:
>
> * There is no longer a hard dependence on package relay/ephemeral
> =C2=A0 anchors for fee management. When using "authorized recover= y," all
> =C2=A0 vault-related transactions can be bundled with unrelated inputs= and
> =C2=A0 outputs, facilitating fee management that is self contained to = the
> =C2=A0 transaction. Consequently, the contents of this proposal are in= theory
> =C2=A0 usable today.
>
> * Specific output locations are no longer hardcoded in any of the
> =C2=A0 transaction validation algorithms. This means that the proposal= is now
> =C2=A0 compatible with future changes like SIGHASH_GROUP, and
> =C2=A0 transaction shapes for vault operations are more flexible.
>
> ---
>
> I've written a BIP that fully describes the proposal here:
>
> https://github.c= om/jamesob/bips/blob/jamesob-23-02-opvault/bip-vaults.mediawiki
>
> The corresponding PR is here:
>
> https://github.com/bitcoin/bips/pull/1421
>
> My next steps will be to try for a merge to the inquisition repo.
>
> Thanks to everyone who has participated so far, but especially to AJ a= nd
> Greg for all the advice.
>
> James
>
> [0]:
> https://lists.l= inuxfoundation.org/pipermail/bitcoin-dev/2023-January/021318.html
> [1]: https://github.com/bitcoin/bitcoin/pull/26857=
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org= /mailman/listinfo/bitcoin-dev
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--000000000000b14bcb05f6c950d6--