Pieter Wuille [ARCHIVE] on Nostr: 📅 Original date posted:2015-06-06 📝 Original message:On Sat, Jun 6, 2015 at ...
📅 Original date posted:2015-06-06
📝 Original message:On Sat, Jun 6, 2015 at 5:05 PM, Kalle Rosenbaum <kalle at rosenbaum.se> wrote:
> > What do you gain by making PoPs actually valid transactions? You could
> for
> > example change the signature hashing algorithm (prepend a constant
> string,
> > or add a second hashing step) for signing, rendering the signatures in a
> PoP
> > unusable for actual transaction, while still committing to the same
> actual
> > transaction. That would also remove the need for the OP_RETURN to catch
> > fees.
>
> The idea is to simplify implementation. Existing software can be used
> as is to sign and validate PoPs. But I do agree that it would be a
> cleaner specification if we would make the PoP invalid as a
> transaction. I'm open to changes here. I do like the idea to prepend a
> constant string. But that would require changes in transaction signing
> and validation code, wouldn't it?
>
Yes, of course. An alternative is adding a 21M BTC output at the end, or
bitflipping the txin prevout hashes, or another reversible transformation
on the transaction data that is guaranteed to invalidate it.
I think that the risk of asking people to sign something that is not an
actual transaction, but could be used as one, is very scary.
> > Also, I would call it "proof of transaction intent", as it's a
> commitment to
> > a transaction and proof of its validity, but not a proof that an actual
> > transaction took place, nor a means to prevent it from being double
> spent.
>
>
> Naming is hard. I think a simpler name that explains what its main
> purpose is (prove that you paid for something) is better than a name
> that exactly tries to explain what it is.
"Proof of Payment" indeed does make me think it's something that proves you
paid. But as described, that is not what a PoP does. It proves the ability
to create a particular transaction, and committing to it. There is no
actual payment involved (plus, payment makes me think you're talking about
BIP70 payments, not simple Bitcoin transactions).
> "Proof of transaction
> intent" does not help me understand what this is about. But I would
> like to see more name suggestions. The name does not prevent people
> from using it for other purposes, ie internet over telephone network.
>
I don't understand why something like "Proof of Transaction Intent" would
be incompatible with internet over telephone network either...
--
Pieter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150606/f9b9daa2/attachment.html>;
📝 Original message:On Sat, Jun 6, 2015 at 5:05 PM, Kalle Rosenbaum <kalle at rosenbaum.se> wrote:
> > What do you gain by making PoPs actually valid transactions? You could
> for
> > example change the signature hashing algorithm (prepend a constant
> string,
> > or add a second hashing step) for signing, rendering the signatures in a
> PoP
> > unusable for actual transaction, while still committing to the same
> actual
> > transaction. That would also remove the need for the OP_RETURN to catch
> > fees.
>
> The idea is to simplify implementation. Existing software can be used
> as is to sign and validate PoPs. But I do agree that it would be a
> cleaner specification if we would make the PoP invalid as a
> transaction. I'm open to changes here. I do like the idea to prepend a
> constant string. But that would require changes in transaction signing
> and validation code, wouldn't it?
>
Yes, of course. An alternative is adding a 21M BTC output at the end, or
bitflipping the txin prevout hashes, or another reversible transformation
on the transaction data that is guaranteed to invalidate it.
I think that the risk of asking people to sign something that is not an
actual transaction, but could be used as one, is very scary.
> > Also, I would call it "proof of transaction intent", as it's a
> commitment to
> > a transaction and proof of its validity, but not a proof that an actual
> > transaction took place, nor a means to prevent it from being double
> spent.
>
>
> Naming is hard. I think a simpler name that explains what its main
> purpose is (prove that you paid for something) is better than a name
> that exactly tries to explain what it is.
"Proof of Payment" indeed does make me think it's something that proves you
paid. But as described, that is not what a PoP does. It proves the ability
to create a particular transaction, and committing to it. There is no
actual payment involved (plus, payment makes me think you're talking about
BIP70 payments, not simple Bitcoin transactions).
> "Proof of transaction
> intent" does not help me understand what this is about. But I would
> like to see more name suggestions. The name does not prevent people
> from using it for other purposes, ie internet over telephone network.
>
I don't understand why something like "Proof of Transaction Intent" would
be incompatible with internet over telephone network either...
--
Pieter
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150606/f9b9daa2/attachment.html>;