Date: Mon, 6 May 2024 16:48:17 +0000
From: Andrew Poelstra <apoelstra@wpsoftware.net>
To: "David A. Harding" <dave@dtrt.org>
Cc: Matthew Zipkin <pinheadmz@gmail.com>, Ethan Heilman <eth3rs@gmail.com>,
	Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Signing a Bitcoin Transaction with Lamport
 Signatures (no changes needed)
Message-ID: <ZjkJ0fPyzuAPTLWS@camus>
References: <CAEM=y+XyW8wNOekw13C5jDMzQ-dOJpQrBC+qR8-uDot25tM=XA@mail.gmail.com>
 <CA+x5asTOTai_4yNGEgtKEqAchuWJ0jGDEgMqHFYDwactPnrgyw@mail.gmail.com>
 <ZjD-dMMGxoGNgzIg@camus>
 <47711dc4ffe9d661e8321b05b6adab4e@dtrt.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="uWbPaJfyaDo01qX6"
Content-Disposition: inline
In-Reply-To: <47711dc4ffe9d661e8321b05b6adab4e@dtrt.org>


--uWbPaJfyaDo01qX6
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline

On Sun, May 05, 2024 at 09:39:51PM -1000, David A. Harding wrote:
> 
> Hi Andrew,
> 
> I don't understand the above.  I think of a covenant as a script that is
> able to restrict the scriptPubKey of the transaction that spends it.  As I
> understand Heilman's description, a lamport signature commits to the size of
> an ECDSA signature (which can naturally vary) and the ECDSA signature
> commits to the spending transaction.  Performing the lamport verification on
> the stack is practically equivalent to OP_CHECKSIGFROMSTACK, which is half
> of what you need for a covenant.  As you've previously described[1], the
> other half is some method for introspection.  How do lamport signatures
> offer introspection when they're restricted to committing to ECDSA
> signatures that can't be known at the time a script is created due to
> circular dependency in hashing (i.e., the ECDSA signature commits to the
> spending transaction, which commits to the previous transaction's txid,
> which commits to the script)?
>

Aside from limits on transaction size, post-Taproot script can verify a
trace of any program execution, as long as the individual elements it is
operating on fit into 4-byte CScriptNums. You can therefore implement
SHA2, ECDSA, etc., and reconstruct the pattern of SIZE elements by
feeding in transaction data. Which of course can then be arbitrarily
constrained.

Probably actually doing this would take more than 4 megs of script and
you would need to use some sort of BitVM tricks and the whole thing
might not work. But this was my point in saying that "only the script
limits are stopping us from having covenants".

And pre-Taproot we have only 201 opcodes so of course this is all
totally out of the question :) but plausibly we could make a copy of the
Lamport signature in a Taproot output and then use non-equivocation
slashing conditions to somehow make things work.


-- 
Andrew Poelstra
Director, Blockstream Research
Email: apoelstra at wpsoftware.net
Web:   https://www.wpsoftware.net/andrew

The sun is always shining in space
    -Justin Lewis-Webster


--uWbPaJfyaDo01qX6--
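
The construction Harding summarizes in the quoted text, a Lamport signature committing to the byte length of an ECDSA signature, is sketched below together with a check for the one-time-key reuse that the non-equivocation conditions in the reply would penalize. This is an added example, not code from the thread or from Heilman's proposal. It assumes SHA-256 as the hash and an 8-bit length, and all function names and sample lengths are hypothetical.

```python
import hashlib
import secrets

BITS = 8  # assumption: the signed value (a signature's byte length) fits in 8 bits

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()  # assumption: SHA-256 as the one-way function

def keygen(bits: int = BITS):
    """One pair of secret preimages per message bit; the public key is their hashes."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(bits)]
    pk = [(H(zero), H(one)) for zero, one in sk]
    return sk, pk

def sign(sk, value: int):
    """Reveal, for each bit of `value`, the preimage that bit selects."""
    if not 0 <= value < 1 << len(sk):
        raise ValueError("value does not fit in the key's bit width")
    return [sk[i][(value >> i) & 1] for i in range(len(sk))]

def recover(pk, sig):
    """Hash each revealed preimage, match it to the key, and rebuild the integer.
    Returns None if the signature is malformed or a preimage matches neither hash."""
    if len(sig) != len(pk):
        return None
    value = 0
    for i, preimage in enumerate(sig):
        digest = H(preimage)
        if digest == pk[i][1]:
            value |= 1 << i
        elif digest != pk[i][0]:
            return None
    return value

def equivocation_bits(pk, sig_a, sig_b):
    """Bit positions where two valid signatures under one key reveal both preimages.
    A non-empty result is public evidence that the one-time key signed two values."""
    if recover(pk, sig_a) is None or recover(pk, sig_b) is None:
        return []
    return [i for i, (a, b) in enumerate(zip(sig_a, sig_b)) if a != b]

if __name__ == "__main__":
    sk, pk = keygen()
    sig_71, sig_70 = sign(sk, 71), sign(sk, 70)  # constructed sample lengths
    print(recover(pk, sig_71), recover(pk, sig_70))
    print(equivocation_bits(pk, sig_71, sig_70))
```

Once a key has signed two different lengths, both preimages for every differing bit are public, so anyone can assemble a signature for any value that mixes the revealed bits.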