Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.217.172 as permitted sender)
	client-ip=209.85.217.172; envelope-from=snow.paul@gmail.com;
	helo=mail-lb0-f172.google.com; 
MIME-Version: 1.0
In-Reply-To: <20141221185126.GC18711@savin.petertodd.org>
References: <CALqxMTFK_sxdFjVi0qAC0JMdXa=tVBBNp0VrveRUfwa3b1UYhw@mail.gmail.com>
	<20141221185126.GC18711@savin.petertodd.org>
From: paul snow <snow.paul@gmail.com>
Date: Sun, 21 Dec 2014 18:56:28 -0600
Message-ID: <CAMU7uiu_wmsZRf6tXdE--rXLb6DSwJHs2YnspQ-cCoN_dw62JA@mail.gmail.com>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=047d7b34318aab3e0d050ac38988
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] one-show signatures (Re: The relationship
 between Proof-of-Publication and Anti-Replay Oracles)
Precedence: list

--047d7b34318aab3e0d050ac38988
Content-Type: text/plain; charset=UTF-8

On Sun, Dec 21, 2014 at 12:51 PM, Peter Todd <pete@petertodd.org> wrote:

> On Sun, Dec 21, 2014 at 06:10:47PM +0000, Adam Back wrote:
> > Yes you could for example define a new rule that two signatures
> > (double-spend) authorises something - eg miners to take funds. (And
> > this would work with existing ECDSA addresses & unrestricted R-value
> > choices).
> >
> > I wasnt really making a point other than an aside that it maybe is
> > sort-of possible to do with math what you said was not possible where
> > you said "This [preventing signing more than one message] is
> > impossible to implement with math alone".
>
> Introducing a bunch of clever ECDSA math doesn't change the fact that
> the clever math isn't what is preventing double-spending, clever
> economics is. Just like Bitcoin itself.
>
> No sense getting people potentially confused by a bunch of complex
> equations that aren't relevant to the more fundemental and much more
> important principle that math alone can't prevent double-spending.


Math alone describes all of Bitcoin's structure; as math is a way to model
reality, it has no limits. Saying Math can't prevent double-spending is
near equivalent to saying it cannot be done.

--047d7b34318aab3e0d050ac38988
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote">On S=
un, Dec 21, 2014 at 12:51 PM, Peter Todd <span dir=3D"ltr">&lt;<a href=3D"m=
ailto:pete@petertodd.org" target=3D"_blank">pete@petertodd.org</a>&gt;</spa=
n> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;b=
order-left:1px #ccc solid;padding-left:1ex"><span>On Sun, Dec 21, 2014 at 0=
6:10:47PM +0000, Adam Back wrote:<br>
&gt; Yes you could for example define a new rule that two signatures<br>
&gt; (double-spend) authorises something - eg miners to take funds. (And<br=
>
&gt; this would work with existing ECDSA addresses &amp; unrestricted R-val=
ue<br>
&gt; choices).<br>
&gt;<br>
&gt; I wasnt really making a point other than an aside that it maybe is<br>
&gt; sort-of possible to do with math what you said was not possible where<=
br>
&gt; you said &quot;This [preventing signing more than one message] is<br>
&gt; impossible to implement with math alone&quot;.<br>
<br>
</span>Introducing a bunch of clever ECDSA math doesn&#39;t change the fact=
 that<br>
the clever math isn&#39;t what is preventing double-spending, clever<br>
economics is. Just like Bitcoin itself.<br>
<br>
No sense getting people potentially confused by a bunch of complex<br>
equations that aren&#39;t relevant to the more fundemental and much more<br=
>
important principle that math alone can&#39;t prevent double-spending.</blo=
ckquote><div><br></div><div>Math alone describes all of Bitcoin&#39;s struc=
ture; as math is a way to model reality, it has no limits. Saying Math can&=
#39;t prevent double-spending is near equivalent to saying it cannot be don=
e. =C2=A0</div></div></div></div>

--047d7b34318aab3e0d050ac38988--