Re: [bitcoin-dev] Safer NOINPUT with output tagging
On Mon, Dec 24, 2018 at 11:47:38AM +, ZmnSCPxj via bitcoin-dev wrote: > A boutique protocol would reduce the number of existing onchain wallets that > could be integrated in such UI. Seems like PSBT would be a sufficient protocol: 0) lightning node generates a PSBT for a new channel, with no inputs and a single output of the 2-of-2 address 1) wallet funds the PSBT but doesn't sign it, adding a change address if necessary, and could combine with other tx's bustapay style 2) lightning determines txid from PSBT, and creates update/settlement tx's for funding tx so funds can be recovered 3) wallet signs and publishes the PSBT 4) lightning sees tx on chain and channel is open That's a bit more convoluted than "(0) lightning generates an address and value, and creates NOINPUT update/settlement tx's for that address/value; (1) wallet funds address to exactly that value; (2) lightning monitors blockchain for payment to that address" of course. But it avoids letting users get into the habit of passing NOINPUT addresses around, or the risk of a user typo'ing the value and losing money immediately, and it has the benefit that the wallet can tweak the value if (eg) that avoids a change address or enhances privacy (iirc, c-lightning tweaks payment values for that reason). If the channel's closed cooperatively, it also avoids ever needing to publish a NOINPUT sig (or NOINPUT tagged output). Does that seem a fair trade off? Cheers, aj ___ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
Re: [bitcoin-dev] bustapay BIP :: a practical sender/receiver coinjoin protocol
On Tue, Jan 29, 2019 at 6:46 PM wrote: > > If the sender refuses to sign the final transaction, the receiver just > propagates the template transaction which pays the receiver! So it's a > pretty weak attack. > > The only real attack is that the sender could double-spend the > template-transaction before it's propagated, but the cost of doing this > isn't free, as at the very least you need to pay the transaction fees of > creating a double spend. It's not an amazingly good defence, but it's good > enough that it's unlikely to get abused (and an attacker would only learn a > single utxo of the receiver) . > Okay, I see what you mean. I better understand the weaknesses you've identified, and I can't really think of a better solution than what you've proposed. I also realized that implementors who aren't capable of integrating signing and UTXO validation wouldn't be the ones trying to implement this feature, so my concerns there are also moot. Carry on ;) ___ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
Re: [bitcoin-dev] Contribution
This mailing list is for the development of the Bitcoin protocol (see https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev). Code changes to Bitcoin Core can be discussed on https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-core-dev or preferably be submitted to https://github.com/bitcoin/bitcoin/ directly. -- Marco ___ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev