[bitcoin-dev] Miniscript

[Pieter Wuille via bitcoin-dev]

Hi all,

Miniscript is a project we've been working on for the past year or so,
and is now at a stage where I'd like to get it some more attention. It is joint
work with Andrew Poelstra and Sanket Sanjalkar.

It's a language for writing (a subset of) Bitcoin Scripts in a structured way,
enabling analysis, composition, generic signing and more.

For example the script

   OP_CHECKSIG OP_IFDUP OP_NOTIF OP_DUP OP_HASH160 
  OP_EQUALVERIFY OP_CHECKSIGVERIFY <144> OP_CSV OP_ENDIF

in Miniscript notation would be

  or_d(c:pk(A),and_v(vc:pk_h(B),older(144)))

making it human (engineer?) readable that this is a script that permits A to
take the coins at any time, and B after 1 day. A full description of the
language can be found on the project website http://bitcoin.sipa.be/miniscript

Using Miniscript it's possible to:
* Write descriptors for addresses for scripts that implement things more
  complicated than multisig.
* Make software that can deal with composition of policies (e.g. have funds
  in a 2-of-3 setup where one of the 3 "keys" is itself a policy that involves
  perhaps multiple devices and timeouts).
* Compile complex spending policies to efficient scripts.
* Figure out under what necessary and/or sufficient conditions a script can be
  satisfied.
* Given signatures for a sufficient set of keys (and hash preimages, if needed),
  generically construct a witness for arbitrary scripts, without metadata
  apart from the script itself and public keys appearing in it. This means
  generic PSBT signers are possible for this class of scripts.
* Compute the bounds on the size of a witness for arbitrary scripts.
* Perform static analysis to see if any of Script's resource limitations
  (ops limit, stack size, ...) might interfere with the ability to spend.
* Who knows what else...

We have two implementations:
* a C++ one (https://github.com/sipa/miniscript)
* a Rust library (https://github.com/apoelstra/rust-miniscript).

The implementations are a work in progress, but through large scale randomized
tests we have confidence that the language design and associated witnesses are
compatible with the existing consensus and standardness rules.

To be clear: Miniscript is designed for Bitcoin as it exists today (primarily
P2WSH), and does not need any consensus changes. That said, we plan to extend
the design to support future script changes Bitcoin may include.

Cheers,

-- 
Pieter
___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

[bitcoin-dev] Storm: escrowed storage and messaging at L2/L3

[Dr Maxim Orlovsky via bitcoin-dev]

Hi,

I'd like to propose a design for distributed storage and messaging with 
escrow/economic incentivization leveraging LNP/BP ecosystem and working at 
Layer 2 and 3. It is described in details here: 
https://github.com/storm-org/storm-spec [1]

Briefly, it allows to construct special type of payment channels guaranteeing 
remote data storage and retrieval with counterparty risks mitigated by economic 
stimulus (stakes etc). Next, it can be combined with Lightning Network, i.e. 
operate completely off-chain ("Storm with Lightning" :).

This proposal came as a side-effect of our joint work on RGB and single-use 
seals technologies (recently mentioned by Peter Todd here [2]). In the nearest 
future I will be busy with finalizing and implementing these protocols, but 
don't want this idea to be missed/forgotten, since it can be very useful for 
other L2/L3 technologies requiring client-stored data, like guaranteeing 
external storage of script data for Taproot, scriptless scripts or Prometheus 
(technology for scalable computing [3]). So I'd welcome any possible comments, 
critics, or interest in driving Storm development forward.

[1] https://github.com/storm-org/storm-spec
[2] 
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017257.html
[3] https://github.com/pandoracore/prometheus-spec/blob/master/prometheus.pdf

--

Dr Maxim Orlovsky
Pandora Core AG
https://twitter.com/dr_orlovsky
https://github.com/dr-orlovsky
xorlovsky[1..]@pandoracore.com___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev