[bitcoin-dev] Single signature for all transactions in a block?

Discussion:

CANNON via bitcoin-dev

2017-12-31 23:39:17 UTC

I had a question relating to scaling and privacy enhancements.
I believe that segwit combined with aggregated signatures
and coinjoin can potentially achieve such. The idea is to
use aggregated signatures in conjunction with coinjoin. So
that all inputs of a coinjoin transaction would have a single
signature vastly decreasing size while having privacy at the
same time. If majority of transactions in a block did this I
assume that significant more transactions could be fit into a
block? However the question I have, with the extra blockspace
made possible by segwit, is this extra blockspace limited to only
witness data or can it be used for transaction data such as the
scenario I have described here?

- --
Cannon
PGP Fingerprint: 2BB5 15CD 66E7 4E28 45DC 6494 A5A2 2879 3F06 E832
Email: ***@cannon-ciota.info

NOTICE: ALL EMAIL CORRESPONDENCE NOT SIGNED/ENCRYPTED WITH PGP SHOULD
BE CONSIDERED POTENTIALLY FORGED, AND NOT PRIVATE.

Bryan Bishop via bitcoin-dev

2017-12-31 23:46:57 UTC

Permalink

On Sun, Dec 31, 2017 at 5:39 PM, CANNON via bitcoin-dev <

Post by CANNON via bitcoin-dev
I had a question relating to scaling and privacy enhancements.
I believe that segwit combined with aggregated signatures
and coinjoin can potentially achieve such. The idea is to
use aggregated signatures in conjunction with coinjoin. So
that all inputs of a coinjoin transaction would have a single
signature vastly decreasing size while having privacy at the
same time. If majority of transactions in a block did this I
assume that significant more transactions could be fit into a
block?

Here are some resources to read regarding signature aggregation and
scalability:

https://diyhpl.us/wiki/transcripts/bitcoin-core-dev-tech/2017-09-06-signature-aggregation/
https://diyhpl.us/wiki/transcripts/gmaxwell-2017-08-28-deep-dive-bitcoin-core-v0.15/#signature-aggregation
https://diyhpl.us/wiki/transcripts/scalingbitcoin/milan/schnorr-signatures/
https://bitcoincore.org/en/2017/03/23/schnorr-signature-aggregation/
https://bitcointalk.org/index.php?topic=1377298.0
https://bitcoincore.org/logs/2016-05-zurich-meeting-notes.html
https://github.com/sipa/secp256k1/blob/968e2f415a5e764d159ee03e95815ea11460854e/src/modules/schnorr/schnorr.md
https://diyhpl.us/wiki/transcripts/2016-july-bitcoin-developers-miners-meeting/dan-boneh/

- Bryan
http://heybryan.org/
1 512 203 0507

Rhavar via bitcoin-dev

2017-12-31 23:49:15 UTC

Permalink

The key to understanding how it works is to stop thinking in terms of a block size limit, but rather a block weight limit. 1 byte of witness data counts as 1 weight, the rest counts for 4 weight. A block must be less than 4 million weight. There's no separate limits at all, so any saving in the witness space (e.g. through signature aggregation) is useful for both witness/non-witness data.

-Ryan

-------- Original Message --------
Subject: [bitcoin-dev] Single signature for all transactions in a block?
Local Time: December 31, 2017 5:39 PM
UTC Time: December 31, 2017 11:39 PM
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
I had a question relating to scaling and privacy enhancements.
I believe that segwit combined with aggregated signatures
and coinjoin can potentially achieve such. The idea is to
use aggregated signatures in conjunction with coinjoin. So
that all inputs of a coinjoin transaction would have a single
signature vastly decreasing size while having privacy at the
same time. If majority of transactions in a block did this I
assume that significant more transactions could be fit into a
block? However the question I have, with the extra blockspace
made possible by segwit, is this extra blockspace limited to only
witness data or can it be used for transaction data such as the
scenario I have described here?
---------------------------------------------------------------
Cannon
PGP Fingerprint: 2BB5 15CD 66E7 4E28 45DC 6494 A5A2 2879 3F06 E832
NOTICE: ALL EMAIL CORRESPONDENCE NOT SIGNED/ENCRYPTED WITH PGP SHOULD
BE CONSIDERED POTENTIALLY FORGED, AND NOT PRIVATE.
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJaSXSNAAoJEAYDai9lH2mwRy4QAMqhl6UWNqRy7ziDuxukm+nZ
jWtjyc8G38b9r9Nya13/GslHWeEDdSmma6e7afFMVX1y9Qj+t0EZDJVlMMy8JRZr
zDmSdXDxStNv6T+L3NVbSOBhdP+1MpcsvAAs3yd0Nl5cxfBF87ArHlXMbTLJF86S
1gijI4pg3x83tDg/Di6gf9BHk2oXGDc4vraF6LsMDTfQmp7S8pivnswaaEyb6etH
39ei6L3wkV7LvTmA2onCAB8vZtTuARhNuLTYSPfH5LAC4hha2bOCXci3p4Mz4qh3
U4LqUnuYVR8nYOFFsrfhKggN3kptVWhrbDAoHR2fLoYDmfbMkqUdyjdmmc2Rvlgm
eMJvpG91dYb+Q6JqTrar6DH+XSvoOVSWnBLe8Uwf4AnzGxMUpkTDzkyaBxGq4K1u
Vv2Yg808KwA47MKKpvKSckB350YAq9Cr276Lq/giUrxmS1gOyDKDjm1e3yFLM+6d
NancAwgnp17q43FwSX44cT0ISxk9USnWVhaKDQjSGK8MnirkZ1vuu2SshEW1AVhm
44Bt5nQdLmJDw7rqwkjv66sxofXvmCAnPD+p4yiVyfLNZ7OKw6XNcKm3zKAch2Fy
fefWbZnw0yEA3IhNPiMZOSv/YnwTtfzpFUNuTCtLehs+3Xkp0bl72JDz0HRVYbHM
RbsrLp60rD5kuJBq5dl7
=3gku
-----END PGP SIGNATURE-----
---------------------------------------------------------------
bitcoin-dev mailing list
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev