ZmnSCPxj [ARCHIVE] on Nostr: 📅 Original date posted:2018-11-16 📝 Original message: Good morning Rusty, > > > ...
📅 Original date posted:2018-11-16
📝 Original message:
Good morning Rusty,
> > > I apologize that this wasn't fleshed out before the summit, but I
> > > overestimated the power of Scriptless Scripts so had mentally deferred
> > > this.
> >
> > My understanding is that SS is as powerful as we thought, at least for some of the applications we were hoping to use it for.
> > However, implementing SS is hard without Schnorr, because script magic with `OP_CODESEPARATOR` is magic, and we essentially stalled out and said "maybe wait for Schnorr instead".
>
> No, we don't get static invoices. That was my hope; that we could do
> static invoicing without an extra interaction.
At first I thought it was possible, but on reflection, you are correct.
We need some way for the payee to dynamically provide a new payment hash (or payment point under SS).
This is because our proof-of-payment essentially means the payer learns a secret.
So we cannot commit to a fixed secret if we want the static invoice to be shareable among multiple payers.
So the payee does need to generate new secrets each time it wants to be paid, and give a unique secret to the payer as separate unique proofs-of-payment.
Regards,
ZmnSCPxj
📝 Original message:
Good morning Rusty,
> > > I apologize that this wasn't fleshed out before the summit, but I
> > > overestimated the power of Scriptless Scripts so had mentally deferred
> > > this.
> >
> > My understanding is that SS is as powerful as we thought, at least for some of the applications we were hoping to use it for.
> > However, implementing SS is hard without Schnorr, because script magic with `OP_CODESEPARATOR` is magic, and we essentially stalled out and said "maybe wait for Schnorr instead".
>
> No, we don't get static invoices. That was my hope; that we could do
> static invoicing without an extra interaction.
At first I thought it was possible, but on reflection, you are correct.
We need some way for the payee to dynamically provide a new payment hash (or payment point under SS).
This is because our proof-of-payment essentially means the payer learns a secret.
So we cannot commit to a fixed secret if we want the static invoice to be shareable among multiple payers.
So the payee does need to generate new secrets each time it wants to be paid, and give a unique secret to the payer as separate unique proofs-of-payment.
Regards,
ZmnSCPxj