Gregory Maxwell [ARCHIVE] on Nostr: 📅 Original date posted:2012-03-06 📝 Original message:On Fri, Mar 2, 2012 at ...
📅 Original date posted:2012-03-06
📝 Original message:On Fri, Mar 2, 2012 at 2:57 PM, Watson Ladd <wbl at uchicago.edu> wrote:
> I am proposing a new opcode for the purposes of anonymous
> transactions. This new opcode enables scripts to be given proof that
> the receiver can carry out or has carried out a previous transaction.
> I'm currently working on a paper that discusses using this opcode for
> anonymous transactions.
I believe I understand what the opcode does directly— it just
validates an opaque signautre. I don't understand how it enables
anonymous transactions.
Can you spell this out for me?
In particular I don't see why it is not, from the perspective of the
blockchain, isomorphic to a hash locked transaction. (This
equivalence is more obvious when you think about how lamport
signtures turn simple hashing into a one time signature).
📝 Original message:On Fri, Mar 2, 2012 at 2:57 PM, Watson Ladd <wbl at uchicago.edu> wrote:
> I am proposing a new opcode for the purposes of anonymous
> transactions. This new opcode enables scripts to be given proof that
> the receiver can carry out or has carried out a previous transaction.
> I'm currently working on a paper that discusses using this opcode for
> anonymous transactions.
I believe I understand what the opcode does directly— it just
validates an opaque signautre. I don't understand how it enables
anonymous transactions.
Can you spell this out for me?
In particular I don't see why it is not, from the perspective of the
blockchain, isomorphic to a hash locked transaction. (This
equivalence is more obvious when you think about how lamport
signtures turn simple hashing into a one time signature).