Rusty Russell [ARCHIVE] on Nostr: 📅 Original date posted:2022-02-16 📝 Original message:Jeremy Rubin ...
📅 Original date posted:2022-02-16
📝 Original message:Jeremy Rubin <jeremy.l.rubin at gmail.com> writes:
> Hi Rusty,
>
> Please see my post in the other email thread
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019886.html
>
> The differences in this regard are several, and worth understanding beyond
> "you can iterate CTV". I'd note a few clear examples for showing that "CTV
> is just as powerful" is not a valid claim:
>
> 1) CTV requires the contract to be fully enumerated and is non-recursive.
> For example, a simple contract that allows n participants to take an action
> in any order requires factorially many pre-computations, not just linear or
> constant. For reference, 24! is about 2**80. Whereas for a more
> interpretive covenant -- which is often introduced with the features for
> recursion -- you can compute the programs for these addresses in constant
> time.
> 2) CTV requires the contract to be fully enumerated: For example, a simple
> contract one could write is "Output 0 script matches Output 1", and the set
> of outcomes is again unbounded a-priori. With CTV you need to know the set
> of pairs you'd like to be able to expand to a-priori
> 3) Combining 1 and 2, you could imagine recursing on an open-ended thing
> like creating many identical outputs over time but not constraining what
> those outputs are. E.g., Output 0 matches Input 0, Output 1 matches Output
> 2.
Oh agreed. It was distinction of "recursive" vs "not recursive" which
was less useful in this context.
"limited to complete enumeration" is the more useful distinction: it's a
bright line between CTV and TXHASH IMHO.
> I'll close by repeating : Whether that [the recursive/open ended
> properties] is an issue or not precluding this sort of design or not, I
> defer to others.
Yeah. There's been some feeling that complex scripting is bad, because
people can lose money (see the various attempts to defang
SIGHASH_NOINPUT). I reject that; since script exists, we've crossed the
Rubicon, so let's make the tools as clean and clear as we can.
Cheers!
Rusty.
📝 Original message:Jeremy Rubin <jeremy.l.rubin at gmail.com> writes:
> Hi Rusty,
>
> Please see my post in the other email thread
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019886.html
>
> The differences in this regard are several, and worth understanding beyond
> "you can iterate CTV". I'd note a few clear examples for showing that "CTV
> is just as powerful" is not a valid claim:
>
> 1) CTV requires the contract to be fully enumerated and is non-recursive.
> For example, a simple contract that allows n participants to take an action
> in any order requires factorially many pre-computations, not just linear or
> constant. For reference, 24! is about 2**80. Whereas for a more
> interpretive covenant -- which is often introduced with the features for
> recursion -- you can compute the programs for these addresses in constant
> time.
> 2) CTV requires the contract to be fully enumerated: For example, a simple
> contract one could write is "Output 0 script matches Output 1", and the set
> of outcomes is again unbounded a-priori. With CTV you need to know the set
> of pairs you'd like to be able to expand to a-priori
> 3) Combining 1 and 2, you could imagine recursing on an open-ended thing
> like creating many identical outputs over time but not constraining what
> those outputs are. E.g., Output 0 matches Input 0, Output 1 matches Output
> 2.
Oh agreed. It was distinction of "recursive" vs "not recursive" which
was less useful in this context.
"limited to complete enumeration" is the more useful distinction: it's a
bright line between CTV and TXHASH IMHO.
> I'll close by repeating : Whether that [the recursive/open ended
> properties] is an issue or not precluding this sort of design or not, I
> defer to others.
Yeah. There's been some feeling that complex scripting is bad, because
people can lose money (see the various attempts to defang
SIGHASH_NOINPUT). I reject that; since script exists, we've crossed the
Rubicon, so let's make the tools as clean and clear as we can.
Cheers!
Rusty.