Send bitcoin-dev mailing list submissions to
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
or, via email, send a message with subject or body 'help' to
You can reach the person managing the list at
When replying, please edit your Subject line so it is more specific
than "Re: Contents of bitcoin-dev digest..."
1. Re: Horizontal scaling of blockchain (Cserveny Tamas)
2. Re: Horizontal scaling of blockchain (Thomas Guyot-Sionnest)
3. Re: Horizontal scaling of blockchain (Tom Zander)
4. Re: BIP49 Derivation scheme changes (Thomas Voegtlin)
5. Re: Fwd: "Compressed" headers stream (Peter Todd)
6. Re: "Compressed" headers stream (Peter Todd)
----------------------------------------------------------------------
Message: 1
Date: Fri, 01 Sep 2017 18:15:53 +0000
Subject: Re: [bitcoin-dev] Horizontal scaling of blockchain
<CACY+MSOPWhTnR-ZR67T1a5ZU2w4pWa6FkXsGF3_C+
Content-Type: text/plain; charset="utf-8"
Yes. I meant the single thread as an analogy, if a block is found, other
blocks are worthless. (more or less) Longest chain wins.
My line of though was, that currently the only way to scale with the
traffic (and lowering the fees) is increasing the block size (which is hard
as I learned from recent events), or reducing the complexity which is less
secure (most likely more controversial)
Splitting the chain is effectively increasing the block size, but without
the increased hashing and validation overhead.
The usage growth seems to be more of exponential rather than linear. Sooner
or later the block size will need to be 4 mb then 40 mb, then what is the
real limit? Otherwise waiting times and thus the fees will just grow
rapidly. I don't think that it is desirable.
With splitting the ledger, the block size can remain 1-2 mb for long time,
only new partitions needs to be added on a schedule. This would also make
better use of the hashing capacity.
Cheers,
Tamas
just
distributed
a
task
it
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/
attachments/20170901/d908e965/attachment-0001.html>
------------------------------
Message: 2
Date: Fri, 1 Sep 2017 15:40:44 -0400
Clemente
Subject: Re: [bitcoin-dev] Horizontal scaling of blockchain
Content-Type: text/plain; charset=windows-1252
It wouldn't be less secure as long as you adjust the confirmation
accordingly. If we decided to mine one block every minute, then your
usual 6 confirmation should become 60 confirmation. In the end, the same
amount of work will have been done to prove the transaction is legit and
so it's just as secure... Actually, one could argue since the average
hash rate over 60 block is more accurate than over 6, it's actually more
secure if you also pay attention to hash rate variation as part of the
confirmation... That help in the scenario a very large pool goes dark to
mine a sidechain.
--
Thomas
------------------------------
Message: 3
Date: Sat, 02 Sep 2017 23:13:57 +0200
Cc: Bitcoin Protocol Discussion
Subject: Re: [bitcoin-dev] Horizontal scaling of blockchain
Content-Type: text/plain; charset="us-ascii"
The real limit is set by the technology. Just like in 1990 we could not
fathom having something like YouTube and high-res video streaming
(Netflix),
the limits of what is possible continually shifts.
This is basically how any successful product has ever grown, I think that
it
is not just desirable, it is inevitable.
--
Tom Zander
Blog: https://zander.github.io
Vlog: https://vimeo.com/channels/tomscryptochannel
------------------------------
Message: 4
Date: Sun, 3 Sep 2017 07:19:12 +0200
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
Content-Type: text/plain; charset=utf-8
That is what Electrum does.
See http://docs.electrum.org/en/latest/seedphrase.html
------------------------------
Message: 5
Date: Mon, 4 Sep 2017 10:06:44 -0400
Subject: Re: [bitcoin-dev] Fwd: "Compressed" headers stream
Content-Type: text/plain; charset="us-ascii"
On Mon, Aug 28, 2017 at 05:12:15PM +0000, Gregory Maxwell via bitcoin-dev
Note that I'm already planning on OpenTimestamps having infrastructure for
trusted validity attestations; log scaling proofs alone only prove total
work,
not validity. Timestamping has all kinds of very dubious security
properties
when done via proof-of-work, due to various ways that miners can get away
with
inaccurate block times. In particular, setting a block time backwards is
something that miners can do, particularly with majority hashing power,
which
is the exact thing we're trying to prevent in a timestamp proof.
This all makes me dubious about risking further weakening of this already
weak
security with compact SPV proofs; we'd need a lot more analysis to
understand
what we're risking. Also note that we can ship a known-good
sum-merkle-tree tip hash with the software, which further reduces initial
download bandwidth needed to get the block headers on top of this obviously
safe eliding of redundant hashes.
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/
attachments/20170904/8be560f7/attachment-0001.sig>
------------------------------
Message: 6
Date: Mon, 4 Sep 2017 10:10:17 -0400
Discussion
Subject: Re: [bitcoin-dev] "Compressed" headers stream
Content-Type: text/plain; charset="us-ascii"
On Mon, Aug 28, 2017 at 12:26:48PM -0400, Greg Sanders via bitcoin-dev
timestamping
Timestamping can easily be *more* vulnerable to malicious miners than
financial
applications for a number of reasons, including the fact that there's no
financial feedback loop of miners destroying the value of the coins they
produce - timestamping is a non-financial piggy-back application that
doesn't
directly interact with the Bitcoin economy, beyond a trival number of
timestamp
transactions.
--
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/
attachments/20170904/818e9344/attachment.sig>
------------------------------
_______________________________________________
bitcoin-dev mailing list
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
End of bitcoin-dev Digest, Vol 28, Issue 3
******************************************

Send bitcoin-dev mailing list submissions to
To subscribe or unsubscribe via the World Wide Web, visit
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
or, via email, send a message with subject or body 'help' to
You can reach the person managing the list at
When replying, please edit your Subject line so it is more specific
than "Re: Contents of bitcoin-dev digest..."
1. Re: BIP49 Derivation scheme changes (Pavol Rusnak)
2. Re: Proposal: bip32 version bytes for segwit scripts
(Pavol Rusnak)
3. Re: BIP49 Derivation scheme changes (Thomas Voegtlin)
4. Re: Proposal: bip32 version bytes for segwit scripts (Luke Dashjr)
5. Re: Sidechain headers on mainchain (unification of
drivechains and spv proofs) (Chris Stewart)
6. Re: Proposal: bip32 version bytes for segwit scripts
(Thomas Voegtlin)
7. SF proposal: prohibit unspendable outputs with amount=0
(Jorge Tim?n)
----------------------------------------------------------------------
Message: 1
Date: Tue, 5 Sep 2017 17:41:37 +0200
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
Content-Type: text/plain; charset=windows-1252
I am fine with both your proposal and proposal from Thomas
({x,y,z}{pub,prv}).
Let's just decide ASAP which one we'll use.
--
Best Regards / S pozdravom,
Pavol "stick" Rusnak
CTO, SatoshiLabs
------------------------------
Message: 2
Date: Tue, 5 Sep 2017 17:44:01 +0200
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
scripts
Content-Type: text/plain; charset=windows-1252
I used this argument for mnemonic/seed, not xpub/xprv. I am fine with
this proposal of yours, so don't worry.
--
Best Regards / S pozdravom,
Pavol "stick" Rusnak
CTO, SatoshiLabs
------------------------------
Message: 3
Date: Tue, 5 Sep 2017 18:33:00 +0200
Subject: Re: [bitcoin-dev] BIP49 Derivation scheme changes
Content-Type: text/plain; charset=utf-8
possible
mediawiki#serialization-format
I have proposed a similar idea, with letters z,y,z combined with pub/prv
(see the electrum documentation page)
The point is that we need 3 types of keys, not 2, because there are two
types of segwit output scripts: native and nested in p2sh.
We could use t,u,v for testnet.
------------------------------
Message: 4
Date: Tue, 5 Sep 2017 13:03:39 -0400
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
scripts
Content-Type: Text/Plain; charset="iso-8859-1"
On Tuesday 05 September 2017 06:25:16 Thomas Voegtlin via bitcoin-dev
I think it makes more sense to use a child number field for this purpose.
It seems desirable to use the same seed for all different script formats...
As you note, xpub\xprv are already being used for both P2PKH and P2SH. It
really doesn't make sense to differentiate segwit specifically.
Luke
------------------------------
Message: 5
Date: Tue, 5 Sep 2017 12:06:32 -0500
Discussion
Subject: Re: [bitcoin-dev] Sidechain headers on mainchain (unification
of drivechains and spv proofs)
mail.gmail.com>
Content-Type: text/plain; charset="utf-8"
Hi ZmnSCPxj,
Basically, in case of a sidechain fork, the mainchain considers the longest
the
can
What happens in the case that the provided merkle tree hash has a invalid
transaction in it? Wouldn't this mean that the mainchain nodes would think
the longest work chain is the valid chain, and it would kill off any
consensus valid chain that sidechain miners are trying to construct? It
seems that a malicious miner could extend the chain to whatever the SPV
proof block height is and make it impossible for the chain to reorg after
that. I guess if that is a sufficiently long block waiting period it may
not be a realistic concern, but something to think about any way.
Just a side note -- I think it should be highly recommended that the
coinbase maturity period on the sidechain to be longer than 288 (or
whatever we decide on the parameter). This incentivizes the s:miners to
work together to extend the chain by working with other s:miners (otherwise
they won't be able to claim their bribes). If they do not work together
they will not be able to spend their s:coinbase_tx outputs until they
extend their own sidechain by 288 blocks meaning they need to tie up a
large amount of capital to go rogue on their fork.
Another interesting thing might be to use the OP_WITHDRAWPROOFVERIFY op
code
<https://github.com/ElementsProject/elements/blob/
elements-0.14.1/src/script/interpreter.cpp#L1420>
used in the elements project. Since the cannonical merkle root hashes are
included in the mainchain, we can provide a merkle proof to the bitcoin
blockchain to initiate a withdrawl from the sidechain. I wrote up a blog
post on how OP_WPV works here
when-transferring-coins-into-a-sidechain-with-op-withdrawproofverify-
b2f49b02ab60>.
This allows us to prove that a transaction occurred on the sidechain to
lock up those funds.
-Chris
?
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/
attachments/20170905/37b0bcbe/attachment-0001.html>
------------------------------
Message: 6
Date: Tue, 5 Sep 2017 20:09:19 +0200
Subject: Re: [bitcoin-dev] Proposal: bip32 version bytes for segwit
scripts
Content-Type: text/plain; charset=utf-8
formats...
That does not seem desirable to everybody.
If you want to guarantee that users will be able to recover all their
funds from their mnemonic seed (and that is what they expect), then
wallets must implement all script formats, even the ones that are
deprecated. In addition, the list of script formats that must be
supported is not defined in advance, but it keeps growing. This makes
wallet implementation increasingly difficult. In the long run, seed
portability is guaranteed to fail in such a system.
That's not a reason. The fact that xpub/xprv can be used for both P2PKH
and P2SH has already resulted in users receiving coins on addresses they
do not control.
------------------------------
Message: 7
Date: Tue, 5 Sep 2017 23:51:45 +0200
Subject: [bitcoin-dev] SF proposal: prohibit unspendable outputs with
amount=0
gmail.com>
Content-Type: text/plain; charset="UTF-8"
This is not a priority, not very important either.
Right now it is possible to create 0-value outputs that are spendable
and thus stay in the utxo (potentially forever). Requiring at least 1
satoshi per output doesn't really do much against a spam attack to the
utxo, but I think it would be slightly better than the current
situation.
Is there any reason or use case to keep allowing spendable outputs
with null amounts in them?
If not, I'm happy to create a BIP with its code, this should be simple.
------------------------------
_______________________________________________
bitcoin-dev mailing list
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
End of bitcoin-dev Digest, Vol 28, Issue 6
******************************************