Le 06/02/2023 à 19:05, Erik Aronesty via bitcoin-dev a écrit :
> my favorite one is the javascript exploit for people that like to
> render untrusted blockchain data in their browser

Taking this example to show that from my standpoint it's not a good idea
to store "big things" in the blockchain, but it's a good idea to store
proofs of something ( then this is the rationale for this change request
https://github.com/bitcoin/bitcoin/issues/27043), we all know that there
are plenty of useless things already stored in the blockchain, now if
people want to pay to store big things, then let them do it

But how can you validate what is stored? Simple answer: you can't, I
take in my NFT proposal the example of js code loading, it's impossible
to be sure of the code loaded (and it is supposed to evolve, then which
version is correct in the blockchain can be mysterious) without using a
third party, that's what I am doing here: https://peersm.com/wallet, the
third party is my github repo, the code self validates that it is the
correct one and the user must check the hash, of course the code could
lie then you should better embed the check in a bookmarklet, the page
can't lie, and of course I could be  a thief then others should check
the code and seed the hash somewhere, even if clearly explained that the
code must be used off line it's not difficult to invent different things
to steal the keys

Same principle applies with my NFT proposal (which can be real things,
so impossible to store in the blockchain): a third party allowing a
timestamp is used to prove that you are the seeder of the NFT (first
owner), minting can't be trusted and then becomes useless with the third
party, so you spare some bitcoin transactions

Using a third party does not mean that the blockchain is of no use,
again the blockchain will validate the life of the NFT and it remains
decentralized like lightning

bitcoin-dev mailing list

Reply via email to