Replying to two emails below.

On Wed, Aug 7, 2019 at 7:27 PM ZmnSCPxj <> wrote:

> > -   Re-vaulting transaction. This is where the magic happens. The
> re-vaulting
> >     transaction is signed during transaction tree setup, before
> constructing the
> >     delayed-spend transaction for the parent vault. The re-vaulting
> transaction is
> >     broadcasted when someone wants to prevent a coin withdrawal during
> the public
> >     observation delay period. The re-vaulting transaction spends the
> delayed-spend
> >     transaction outputs. It has a single output with a script created by
> running
> >     the entire vault setup function again. Hence, when the re-vaulting
> transaction
> >     is confirmed, all of the coins go back into a new
> identically-configured vault
> >     instead of being relinquished through the delayed-spend transaction
> timeout for
> >     hot wallet key signing.
> As transactions need to be signed in reverse order, it seems to me that
> there is a practical limit in the number of times a vault can be used.
> Basically, the number of times we run the vault setup function is the
> limit on number of re-vaultings possible.
> Is my understanding correct?

Yes, that is correct. When setting up the vault, plan it "all the way to
the end" like next 100+ years. With exponential backoff on the relative
timelock values, the total number of pre-signed transactions isn't really
that high. With a few thousand pre-signed transactions (more than enough),
you can have high resolution timelocks well into the future.

On Wed, Aug 7, 2019 at 4:19 PM Dustin Dettmer <>

> Does revaulting vault up with the same keys, or new ones?
> Are they new derivation paths on the same key?

Honestly, no idea. The answer to that might depend on each individual vault
user. If the user doesn't want to deal with the expense of managing a bunch
of unique keys and other data, then it might make more sense to use the
same values and have a small blob that has to be stored for a long time,
rather than many different blobs stored in different places to deal with.

- Bryan
bitcoin-dev mailing list

Reply via email to