Gregory Maxwell [ARCHIVE] on Nostr: 📅 Original date posted:2018-05-23 📝 Original message:On Wed, May 23, 2018 at ...
📅 Original date posted:2018-05-23
📝 Original message:On Wed, May 23, 2018 at 10:06 PM, Natanael via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> Consider for example a P2SH address for some fund, where you create a
> transaction in advance. Even if the parties involved in signing the
> transaction would agree (collude), the original intent of this particular
> P2SH address may be to hold the fund accountable by enforcing some given
> rules by script. To be able to circumvent the rules could break the purpose
> of the fund.
I am having a bit of difficulty understanding your example.
If graftroot were possible it would mean that the funds were paid to a
public key. That holder(s) of the corresponding private key could
sign without constraint, and so the accoutability you're expecting
wouldn't exist there regardless of graftroot.
I think maybe your example is only making the case that it should be
possible to send funds constrained by a script without a public key
ever existing at all. If so, I agree-- but that wasn't the question
here as I understood it.
📝 Original message:On Wed, May 23, 2018 at 10:06 PM, Natanael via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> Consider for example a P2SH address for some fund, where you create a
> transaction in advance. Even if the parties involved in signing the
> transaction would agree (collude), the original intent of this particular
> P2SH address may be to hold the fund accountable by enforcing some given
> rules by script. To be able to circumvent the rules could break the purpose
> of the fund.
I am having a bit of difficulty understanding your example.
If graftroot were possible it would mean that the funds were paid to a
public key. That holder(s) of the corresponding private key could
sign without constraint, and so the accoutability you're expecting
wouldn't exist there regardless of graftroot.
I think maybe your example is only making the case that it should be
possible to send funds constrained by a script without a public key
ever existing at all. If so, I agree-- but that wasn't the question
here as I understood it.