Jeremy Rubin [ARCHIVE] on Nostr: 📅 Original date posted:2022-02-02 📝 Original message:This meeting was held ...
📅 Original date posted:2022-02-02
📝 Original message:This meeting was held January 25th, 2022. The meeting logs are available
https://gnusha.org/ctv-bip-review/2022-01-25.log
Please review the agenda in conjunction with the notes:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-January/019807.html
Feel free to make any corrections if I did not summarize accurately.
The next meeting is next Tuesday at 12:00 PT. I will attempt to circulate a
pre-meeting agenda draft shortly.
Best,
Jeremy
*Bug Bounty Update:*
1. Basic Rules set, working to formalize the program.
2. It turns out that 1 person allocating ~$10k is easy, a multi
stakeholder organization requires more formality.
3. 501c3 status / tax deducitbility available.
4. See here for more details:
https://docs.google.com/document/d/1pN6YzQ6HlR8t_-ZZoEdTegt88w6gJzCkcA_a4IXpKAo/edit
5. Rules still subject to change, but issues found under the current
descriptions awarded in good faith by me/Ariel for now.
*Notes from Feedback Review:*
*Luke's Feedback:*
1. Sentiment that activation / CTV should be discussed somewhat
separately.
2. Sentiment that having more clear cut use cases is good, no agreement
about what venue / type of document those should be (no disagreement really
either, just that BIPs might be too formal, but blog posts might not be
formal enough).
*James' Feedback:*
1. Sentiment that a minor slowdown isn't problematic, we've done it
before for other precomputations.
2. James was to spend a bit more time on benchmarking in a more modern
segment of the chain (the range he used was slightly irrelevant given low
segwit adoption period).
3. *After meeting: James' shows updates for CTV don't cause any notable
slowdown for current chain segments.*
*Peter's Feedback:*
1. Denial-of-Service concerns seem largely addressed.
2. Comment on tests was a result of reviewing outdated branch, not PR.
3. Main feedback that "sticks" is wanting more use cases to be more clear
I've seen some reviews that almost run into a kind of paradox of choice and
> are turned off by all the different potential applications. This isn't
> necessarily a bad thing. As we've seen with Taproot and now even CTV with
> the DLC post, there are going to be use cases and standards nobody's
> thought of yet, but having them out there all at once can be difficult for
> some to digest
*Sapio*
1. Sapio can be used today, without CTV.
2. Main change with CTV is more "non-interactivity".
3. Need for a more descriptive terms than "non-interactive", e.g.,
"asynchronous non-blocking", "independently verifiable", "non-stallable".
4. Composability is cool, but people aren't doing that much composable
stuff anyways so it's probably under-appreciated.
*Vaults*
1. Very strong positive sentiment for Vaults.
2. CTV eliminates "toxic waste" from the setup of vaults with pre-signed
txns / requirement for a RNG.
3. CTV/Sapio composability makes vaults somewhat "BIP Resistant" because
vaults could be customized heavily per user, depending on needs.
4. CPFP for smart contracts is in not the best state, improving
CPFP/Package relay important for these designs.
5. The ability to *prove* vaults constructed correctly w/o toxic waste,
e.g., 30 years later, is pretty important for high security uses (as
opposed to assume w/ presigned).
6. More flexible vaults (e.g., withdraw up to X amount per step v.s.
fixed X per step) are desirable, but can be emulated by withdrawing X and
sending it somewhere else (e.g. another vault) without major loss of
security properties or network load -- more flexible vault covenants have
greater space/validation costs v.s. simpler CTV ones.
*Congestion Control*
1. Sentiments shared that no one really cares about this issue and it's
bad marketing.
2. Layer 2 to 1 Index "21i" which is how long for a L2 (sidechain,
exchange, mining pools, etc) to clear all liabilities to end users (CTV
improves this to 1 block, currently clearing out and Exchange could take
weeks and also trigger "thundering herd" behaviors whereby if the expected
time to withdraw becomes too long, you then also need to withdraw).
3. Anecdotally, Exchanges seem less interested in congestion control,
Mining Pools and Lightning Channel openers seem more into it.
Main Issues & Answers:
Q: wallet complexity?
A: Wallets largely already need to understand most of the logic for CTV,
should they be rational
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-January/019756.html
Q: uses more space overall
A: Doesn't use more space than existing incentive compatible behavior on
how you might split up txns already, and even if it did, it's a small
constant factor more. See https://utxos.org/analysis/batching_sim/ for more
analysis.
Q: block space is cheap right now, why do we need this?
A: we do not want or expect blockspace to be cheap in the future, we should
plan for that outcome.
Q: What might adoption look like for businesses / how required is their
adoption?
A: Users can request payouts into their own CTV-trees w/o exchanges
knowing. Exchanges do stand to benefit from this, so they might. They will
need to pick a SLA for users to receive until wallet software "catches up"
a bit more. SLA's and a gradual low-change path for changing industry norms
discussed more in https://stephanlivera.com/episode/339/
Q (unanswered): Can we show that CTV is the optimal congestion control?
What else might work?
*Payment Pools*
1. Basically a Congestion Control + Cooperative Close.
2. Compose with Channels as leaf nodes.
3. CoinJoins can be done into payment pools.
4. There are some high level design questions to ask of any payment pool
design (see minutes), CTV seems to have OK tradeoffs.
5. What is the "Dunbar's Number" for how big pools could be? If it's 10
users, different design tradeoffs can be made than if it is 100.
6. More study to be needed on fund availability tradeoffs between having
1 Pool of size O(M) per user, N pools per user of size O(G), etc.
7. CTV Pools particularly seem suited for participant privacy compared
to other proposals which require all parties knowing all balances for all
other parties to be secure.
8. Need to better model/discuss alternatives and costs of
failure scenarios, e.g. 1 Failure in a TLUV model could mean O(N log N)
chainload, unless you precommit to paths for every 1 failure case, 2
failure case, etc, which then blows up the costs of each transaction in the
unilateral withdraw case. CTV Pools, being simpler have a bit more
"symmetry" in kickout costs v.s. unilateral withdrawal.
*General Discussion:*
1. Template covenants via APO can be made similar cost to CTV with the
addition of OP_GENERATOR (pushes G to the stack) and OP_CAT via `<half
sig> OP_G OP_CAT 0x01 OP_G OP_CAT CHECKSIG`, or without CAT by allowing
checksig to read R and S separately and getting rid of APO 0x01 prefix tags.
--
@JeremyRubin <https://twitter.com/JeremyRubin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20220202/4eb51ab2/attachment-0001.html>
📝 Original message:This meeting was held January 25th, 2022. The meeting logs are available
https://gnusha.org/ctv-bip-review/2022-01-25.log
Please review the agenda in conjunction with the notes:
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-January/019807.html
Feel free to make any corrections if I did not summarize accurately.
The next meeting is next Tuesday at 12:00 PT. I will attempt to circulate a
pre-meeting agenda draft shortly.
Best,
Jeremy
*Bug Bounty Update:*
1. Basic Rules set, working to formalize the program.
2. It turns out that 1 person allocating ~$10k is easy, a multi
stakeholder organization requires more formality.
3. 501c3 status / tax deducitbility available.
4. See here for more details:
https://docs.google.com/document/d/1pN6YzQ6HlR8t_-ZZoEdTegt88w6gJzCkcA_a4IXpKAo/edit
5. Rules still subject to change, but issues found under the current
descriptions awarded in good faith by me/Ariel for now.
*Notes from Feedback Review:*
*Luke's Feedback:*
1. Sentiment that activation / CTV should be discussed somewhat
separately.
2. Sentiment that having more clear cut use cases is good, no agreement
about what venue / type of document those should be (no disagreement really
either, just that BIPs might be too formal, but blog posts might not be
formal enough).
*James' Feedback:*
1. Sentiment that a minor slowdown isn't problematic, we've done it
before for other precomputations.
2. James was to spend a bit more time on benchmarking in a more modern
segment of the chain (the range he used was slightly irrelevant given low
segwit adoption period).
3. *After meeting: James' shows updates for CTV don't cause any notable
slowdown for current chain segments.*
*Peter's Feedback:*
1. Denial-of-Service concerns seem largely addressed.
2. Comment on tests was a result of reviewing outdated branch, not PR.
3. Main feedback that "sticks" is wanting more use cases to be more clear
I've seen some reviews that almost run into a kind of paradox of choice and
> are turned off by all the different potential applications. This isn't
> necessarily a bad thing. As we've seen with Taproot and now even CTV with
> the DLC post, there are going to be use cases and standards nobody's
> thought of yet, but having them out there all at once can be difficult for
> some to digest
*Sapio*
1. Sapio can be used today, without CTV.
2. Main change with CTV is more "non-interactivity".
3. Need for a more descriptive terms than "non-interactive", e.g.,
"asynchronous non-blocking", "independently verifiable", "non-stallable".
4. Composability is cool, but people aren't doing that much composable
stuff anyways so it's probably under-appreciated.
*Vaults*
1. Very strong positive sentiment for Vaults.
2. CTV eliminates "toxic waste" from the setup of vaults with pre-signed
txns / requirement for a RNG.
3. CTV/Sapio composability makes vaults somewhat "BIP Resistant" because
vaults could be customized heavily per user, depending on needs.
4. CPFP for smart contracts is in not the best state, improving
CPFP/Package relay important for these designs.
5. The ability to *prove* vaults constructed correctly w/o toxic waste,
e.g., 30 years later, is pretty important for high security uses (as
opposed to assume w/ presigned).
6. More flexible vaults (e.g., withdraw up to X amount per step v.s.
fixed X per step) are desirable, but can be emulated by withdrawing X and
sending it somewhere else (e.g. another vault) without major loss of
security properties or network load -- more flexible vault covenants have
greater space/validation costs v.s. simpler CTV ones.
*Congestion Control*
1. Sentiments shared that no one really cares about this issue and it's
bad marketing.
2. Layer 2 to 1 Index "21i" which is how long for a L2 (sidechain,
exchange, mining pools, etc) to clear all liabilities to end users (CTV
improves this to 1 block, currently clearing out and Exchange could take
weeks and also trigger "thundering herd" behaviors whereby if the expected
time to withdraw becomes too long, you then also need to withdraw).
3. Anecdotally, Exchanges seem less interested in congestion control,
Mining Pools and Lightning Channel openers seem more into it.
Main Issues & Answers:
Q: wallet complexity?
A: Wallets largely already need to understand most of the logic for CTV,
should they be rational
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-January/019756.html
Q: uses more space overall
A: Doesn't use more space than existing incentive compatible behavior on
how you might split up txns already, and even if it did, it's a small
constant factor more. See https://utxos.org/analysis/batching_sim/ for more
analysis.
Q: block space is cheap right now, why do we need this?
A: we do not want or expect blockspace to be cheap in the future, we should
plan for that outcome.
Q: What might adoption look like for businesses / how required is their
adoption?
A: Users can request payouts into their own CTV-trees w/o exchanges
knowing. Exchanges do stand to benefit from this, so they might. They will
need to pick a SLA for users to receive until wallet software "catches up"
a bit more. SLA's and a gradual low-change path for changing industry norms
discussed more in https://stephanlivera.com/episode/339/
Q (unanswered): Can we show that CTV is the optimal congestion control?
What else might work?
*Payment Pools*
1. Basically a Congestion Control + Cooperative Close.
2. Compose with Channels as leaf nodes.
3. CoinJoins can be done into payment pools.
4. There are some high level design questions to ask of any payment pool
design (see minutes), CTV seems to have OK tradeoffs.
5. What is the "Dunbar's Number" for how big pools could be? If it's 10
users, different design tradeoffs can be made than if it is 100.
6. More study to be needed on fund availability tradeoffs between having
1 Pool of size O(M) per user, N pools per user of size O(G), etc.
7. CTV Pools particularly seem suited for participant privacy compared
to other proposals which require all parties knowing all balances for all
other parties to be secure.
8. Need to better model/discuss alternatives and costs of
failure scenarios, e.g. 1 Failure in a TLUV model could mean O(N log N)
chainload, unless you precommit to paths for every 1 failure case, 2
failure case, etc, which then blows up the costs of each transaction in the
unilateral withdraw case. CTV Pools, being simpler have a bit more
"symmetry" in kickout costs v.s. unilateral withdrawal.
*General Discussion:*
1. Template covenants via APO can be made similar cost to CTV with the
addition of OP_GENERATOR (pushes G to the stack) and OP_CAT via `<half
sig> OP_G OP_CAT 0x01 OP_G OP_CAT CHECKSIG`, or without CAT by allowing
checksig to read R and S separately and getting rid of APO 0x01 prefix tags.
--
@JeremyRubin <https://twitter.com/JeremyRubin>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20220202/4eb51ab2/attachment-0001.html>