Re: [bitcoin-dev] Chain width expansion

2019-10-04 Thread Tier Nolan via bitcoin-dev
Are you assuming no network protocol changes? At root, the requirement is that peers can prove their total chain POW. Since each block has the height in the coinbase, a peer can send a short proof of height for a disconnected header and could assert the POW for that header. Each peer could send

Re: [bitcoin-dev] Chain width expansion

2019-10-04 Thread Braydon Fuller via bitcoin-dev
On 10/4/19 1:20 AM, David A. Harding wrote:
> On Thu, Oct 03, 2019 at 05:38:36PM -0700, Braydon Fuller via bitcoin-dev
> wrote:
>> This paper describes a solution [to DoS attacks] that does not
>> require enabling or maintaining checkpoints and provides improved security.
>> [...]
>> The paper i

Re: [bitcoin-dev] [Lightning-dev] OP_CAT was Re: Continuing the discussion about noinput / anyprevout

2019-10-04 Thread Jeremy via bitcoin-dev
Interesting point. The script is under your control, so you should be able to ensure that you are always using a correctly constructed midstate, e.g., something like: scriptPubKey: <-1> OP_SHA256STREAM DEPTH OP_SHA256STREAM <-2> OP_SHA256STREAM OP_EQUALVERIFY would hash all the elements on the

Re: [bitcoin-dev] [Lightning-dev] OP_CAT was Re: Continuing the discussion about noinput / anyprevout

2019-10-04 Thread Jeremy via bitcoin-dev
Good point -- in our discussion, we called it OP_FFS -- Fold Functional Stream, and it could be initialized with a different integer to select for different functions. Therefore the stream processing opcodes would be generic, but extensible. -- @JeremyRubin

Re: [bitcoin-dev] [Lightning-dev] OP_CAT was Re: Continuing the discussion about noinput / anyprevout

2019-10-04 Thread Peter Todd via bitcoin-dev
On Thu, Oct 03, 2019 at 10:02:14PM -0700, Jeremy via bitcoin-dev wrote:
> Awhile back, Ethan and I discussed having, rather than OP_CAT, an
> OP_SHA256STREAM that uses the streaming properties of a SHA256 hash
> function to allow concatenation of an unlimited amount of data, provided
> the only use

Re: [bitcoin-dev] ChainWallet - A way to prevent loss of funds by physical violence

2019-10-04 Thread Bryan Bishop via bitcoin-dev
Since the user can't prove that they are using this technique, or petertodd's timelock encryption for that matter, an attacker has little incentive to stop physically attacking until they have a spendable UTXO. I believe you can get the same effect with on-chain timelocks, or delete-the-bits plus

[bitcoin-dev] ChainWallet - A way to prevent loss of funds by physical violence

2019-10-04 Thread Saulo Fonseca via bitcoin-dev
Hi everyone. If you are a hodler, I would like to propose the creation of a key stretching as a new layer of protection over your current wallet. I call it ChainWallet. Whatever method is used to generate your private key, we can do the following: newPrivKey = sha256(sha256(sha256(…sha256(privKey

Re: [bitcoin-dev] Chain width expansion

2019-10-04 Thread David A. Harding via bitcoin-dev
On Thu, Oct 03, 2019 at 05:38:36PM -0700, Braydon Fuller via bitcoin-dev wrote:
> This paper describes a solution [to DoS attacks] that does not
> require enabling or maintaining checkpoints and provides improved security.
> [...]
> The paper is available at:
> https://bcoin.io/papers/bitcoin-chai

Re: [bitcoin-dev] [Lightning-dev] OP_CAT was Re: Continuing the discussion about noinput / anyprevout

2019-10-04 Thread ZmnSCPxj via bitcoin-dev
Good morning Jeremy,
> Awhile back, Ethan and I discussed having, rather than OP_CAT, an
> OP_SHA256STREAM that uses the streaming properties of a SHA256 hash function
> to allow concatenation of an unlimited amount of data, provided the only use
> is to hash it.
>
> You can then use it perhaps