bgroff at lavabit.com [ARCHIVE] on Nostr: 📅 Original date posted:2011-08-26 🗒️ Summary of this message: Gavin Andresen ...
📅 Original date posted:2011-08-26
🗒️ Summary of this message: Gavin Andresen proposes a new Bitcoin script that allows for more complex transactions, but there are concerns about a bug in CHECKMULTISIG and the necessity of some of the proposed cases.
📝 Original message:"Gavin Andresen" <gavinandresen at gmail.com> wrote:
> I wanted to talk about it now so there is rough consensus on what to
> put on the road map, and to get as many smart brains looking at the
> proposal and making it as good as possible. Current proposal is at:
> https://gist.github.com/39158239e36f6af69d6f
>
> I have two issues with it:
>
> 1) groffer reports that there's a bug in CHECKMULTISIG (pops too many
> arguments off the stack), so perhaps we should avoid using it at all.
> Fixing the bug would change its behavior, and is not an option because
> that would cause a blockchain split. We absolutely need unit tests and
> better documentation for how CHECKMULTISIG behaves (perhaps it is
> working as intended, and Satoshi just messed up the description of
> what it does in the comment).
>
> 2) How often will the 1-of-3 and 3-of-3 cases be used? I included them
> just for completeness, but perhaps they should be dropped for now so
> there is less code to write and test. I just don't imagine there are
> many cases where you have exactly three parties and 1-of-3 or 3-of-3
> are required to spend.
Here are some additional use cases:
* Long term lock funds, requiring signatures from 2 officers of a company
to disburse (2 of n for n between 3 and 20)
* Short term lock funds, with 2-factor auth to disburse and an additional
2 of n backup in case one of the factors is lost (2-of-2 OR 2-of-n)
* "Escrow" with the the two parties having to agree or one of two backup
observers helping in case of disagreement (2-of-2 OR 2-of-3 OR 2-of-3)
* An options contract where the outcome is triggered by a key being
broadcast: (Ks AND K1) OR (Kr AND K2) - s gets control of funds if K1 is
broadcast, r gets control if K2 is broadcast.
🗒️ Summary of this message: Gavin Andresen proposes a new Bitcoin script that allows for more complex transactions, but there are concerns about a bug in CHECKMULTISIG and the necessity of some of the proposed cases.
📝 Original message:"Gavin Andresen" <gavinandresen at gmail.com> wrote:
> I wanted to talk about it now so there is rough consensus on what to
> put on the road map, and to get as many smart brains looking at the
> proposal and making it as good as possible. Current proposal is at:
> https://gist.github.com/39158239e36f6af69d6f
>
> I have two issues with it:
>
> 1) groffer reports that there's a bug in CHECKMULTISIG (pops too many
> arguments off the stack), so perhaps we should avoid using it at all.
> Fixing the bug would change its behavior, and is not an option because
> that would cause a blockchain split. We absolutely need unit tests and
> better documentation for how CHECKMULTISIG behaves (perhaps it is
> working as intended, and Satoshi just messed up the description of
> what it does in the comment).
>
> 2) How often will the 1-of-3 and 3-of-3 cases be used? I included them
> just for completeness, but perhaps they should be dropped for now so
> there is less code to write and test. I just don't imagine there are
> many cases where you have exactly three parties and 1-of-3 or 3-of-3
> are required to spend.
Here are some additional use cases:
* Long term lock funds, requiring signatures from 2 officers of a company
to disburse (2 of n for n between 3 and 20)
* Short term lock funds, with 2-factor auth to disburse and an additional
2 of n backup in case one of the factors is lost (2-of-2 OR 2-of-n)
* "Escrow" with the the two parties having to agree or one of two backup
observers helping in case of disagreement (2-of-2 OR 2-of-3 OR 2-of-3)
* An options contract where the outcome is triggered by a key being
broadcast: (Ks AND K1) OR (Kr AND K2) - s gets control of funds if K1 is
broadcast, r gets control if K2 is broadcast.