ZmnSCPxj [ARCHIVE] on Nostr: 📅 Original date posted:2018-05-04 📝 Original message: Good morning Carsten, > > ...
📅 Original date posted:2018-05-04
📝 Original message:
Good morning Carsten,
> > The setup transaction is simply a transaction that spends some funds and
> >
> > creates a single output, which has the script from Figure 2, but since
> >
> > that would be a forward reference, I decided to handwave and call it a
> >
> > multisig. A simple fix would be to change the setup phase bullet point
> >
> > at the beginning of section 3, would that be sufficient?
>
> A first clarification, which just regards the naming, would be to use
>
> just one of "setup transaction" and "funding transaction".
Calling it "funding transaction" is my fault, as I prefer that term since it matches in spirit the funding transaction in LN-penalty (Poon-Dryja).
> The symbol
>
> T_{u,0} is only used once, on page 6. I'd either remove it, or used it
>
> in other places (Fig. 1?), too.
>
> Without your mail (thanks!) I did not see that the setup transaction
>
> output is complicated (has branches) as shown in Fig. 2. A clarification
>
> at the named bullet point would indeed help (although I see the issue of
>
> forward references).
>
> One idea (just to get my idea across, I'm sure you can do better):
>
> old: "to a 2-of-2 multisig address"
>
> new: "to a script making use of 2-of-2 multisig"
Note, that when we add the trigger transaction later in the paper, the funding transaction output becomes an ordinary 2-of-2 multisig address. The complex script becomes relegated to the output of the trigger transaction.
So in the final design of eltoo, the funding transaction output is indeed a 2-of-2 multisig.
This is useful as the mutual close transaction (what the paper calls a "final settlement" transaction) just spends an ordinary 2-of-2 multisig and thus has a greater anonymity set, i.e. it prevents blockchain analysis from realizing that it was actually a channel (unless, of course, it was also tracking gossip from LN).
>
> > If instead of calling it a multisig we call it a multiparty output and
> >
> > reference the script in Figure 2, that'd be addressed as well.
>
> I agree.
>
> > Well, it has arbitrary inputs, and a single output with the script from
> >
> > Figure 2, in the non-trigger case, and in the trigger case it'd be just
> >
> > a `2 A B 2 OP_CMSV`.
>
> Got it. Follow up question: would a second output (change) be OK? I see
>
> some advantages, but I'm not sure if it would work.
Yes, it definitely would be OK. In fact, it is good to talk about funding outpoints rather than funding transactions. It is possible for a single Bitcoin transaction to serve as an anchor for several channels at once, and the BOLT spec supports this (but I know of no implementation that actually implements this). Basically, the funding outpoint is some transaction output that pays to a 2-of-2 multisig and which will be spent using some offchain mechanism, or a mutual close transaction --- this is what I call the "funding transaction pattern".
Regards,
ZmnSCPxj
>
> Thanks
>
> Carsten
>
>
> -------------------------------------------------------------------------------------------------------------------------------------------------
>
> andrena objects ag
>
> Ganghoferstraße 70
>
> 80339 München
>
> http://www.andrena.de
>
> Vorstand: Hagen Buchwald, Dr. Dieter Kuhn, Stefan Schürle
>
> Aufsichtsratsvorsitzender: Rolf Hetzelberger
>
> Sitz der Gesellschaft: Karlsruhe
>
> Amtsgericht Mannheim, HRB 109694
>
> USt-IdNr. DE174314824
>
> Bitte beachten Sie auch unsere anstehenden Veranstaltungen:
>
> http://www.andrena.de/events
📝 Original message:
Good morning Carsten,
> > The setup transaction is simply a transaction that spends some funds and
> >
> > creates a single output, which has the script from Figure 2, but since
> >
> > that would be a forward reference, I decided to handwave and call it a
> >
> > multisig. A simple fix would be to change the setup phase bullet point
> >
> > at the beginning of section 3, would that be sufficient?
>
> A first clarification, which just regards the naming, would be to use
>
> just one of "setup transaction" and "funding transaction".
Calling it "funding transaction" is my fault, as I prefer that term since it matches in spirit the funding transaction in LN-penalty (Poon-Dryja).
> The symbol
>
> T_{u,0} is only used once, on page 6. I'd either remove it, or used it
>
> in other places (Fig. 1?), too.
>
> Without your mail (thanks!) I did not see that the setup transaction
>
> output is complicated (has branches) as shown in Fig. 2. A clarification
>
> at the named bullet point would indeed help (although I see the issue of
>
> forward references).
>
> One idea (just to get my idea across, I'm sure you can do better):
>
> old: "to a 2-of-2 multisig address"
>
> new: "to a script making use of 2-of-2 multisig"
Note, that when we add the trigger transaction later in the paper, the funding transaction output becomes an ordinary 2-of-2 multisig address. The complex script becomes relegated to the output of the trigger transaction.
So in the final design of eltoo, the funding transaction output is indeed a 2-of-2 multisig.
This is useful as the mutual close transaction (what the paper calls a "final settlement" transaction) just spends an ordinary 2-of-2 multisig and thus has a greater anonymity set, i.e. it prevents blockchain analysis from realizing that it was actually a channel (unless, of course, it was also tracking gossip from LN).
>
> > If instead of calling it a multisig we call it a multiparty output and
> >
> > reference the script in Figure 2, that'd be addressed as well.
>
> I agree.
>
> > Well, it has arbitrary inputs, and a single output with the script from
> >
> > Figure 2, in the non-trigger case, and in the trigger case it'd be just
> >
> > a `2 A B 2 OP_CMSV`.
>
> Got it. Follow up question: would a second output (change) be OK? I see
>
> some advantages, but I'm not sure if it would work.
Yes, it definitely would be OK. In fact, it is good to talk about funding outpoints rather than funding transactions. It is possible for a single Bitcoin transaction to serve as an anchor for several channels at once, and the BOLT spec supports this (but I know of no implementation that actually implements this). Basically, the funding outpoint is some transaction output that pays to a 2-of-2 multisig and which will be spent using some offchain mechanism, or a mutual close transaction --- this is what I call the "funding transaction pattern".
Regards,
ZmnSCPxj
>
> Thanks
>
> Carsten
>
>
> -------------------------------------------------------------------------------------------------------------------------------------------------
>
> andrena objects ag
>
> Ganghoferstraße 70
>
> 80339 München
>
> http://www.andrena.de
>
> Vorstand: Hagen Buchwald, Dr. Dieter Kuhn, Stefan Schürle
>
> Aufsichtsratsvorsitzender: Rolf Hetzelberger
>
> Sitz der Gesellschaft: Karlsruhe
>
> Amtsgericht Mannheim, HRB 109694
>
> USt-IdNr. DE174314824
>
> Bitte beachten Sie auch unsere anstehenden Veranstaltungen:
>
> http://www.andrena.de/events