Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 2135592F for ; Tue, 22 Aug 2017 23:29:51 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail001.aei.ca (mail001.aei.ca [206.123.6.130]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id BE069473 for ; Tue, 22 Aug 2017 23:29:50 +0000 (UTC) Received: (qmail 11341 invoked by uid 89); 22 Aug 2017 23:29:49 -0000 Received: by simscan 1.2.0 ppid: 11336, pid: 11338, t: 0.0083s scanners: regex: 1.2.0 attach: 1.2.0 Received: from mail002.aei.ca (HELO mail002.contact.net) (206.123.6.132) by mail001.aei.ca with (DHE-RSA-AES256-SHA encrypted) SMTP; 22 Aug 2017 23:29:49 -0000 Received: (qmail 22021 invoked by uid 89); 22 Aug 2017 23:29:49 -0000 Received: by simscan 1.2.0 ppid: 21991, pid: 21997, t: 6.9367s scanners: regex: 1.2.0 attach: 1.2.0 clamav: 0.97.8/m: spam: 3.3.1 X-Spam-Checker-Version: SpamAssassin 3.4.1 (2015-04-28) X-Spam-Level: X-Spam-Status: No, hits=-3.0 required=5.0 tests=ALL_TRUSTED,BAYES_00, HTML_MESSAGE autolearn=ham autolearn_force=no version=3.4.1 Received: from dsl-66-36-135-64.mtl.aei.ca (HELO ?192.168.67.200?) (dermoth@66.36.135.64) by mail.aei.ca with ESMTPA; 22 Aug 2017 23:29:42 -0000 To: Rodney Morris , Bitcoin Protocol Discussion References: From: Thomas Guyot-Sionnest Message-ID: Date: Tue, 22 Aug 2017 19:29:41 -0400 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Thunderbird/45.8.0 MIME-Version: 1.0 In-Reply-To: Content-Type: multipart/alternative; boundary="------------2A9529CF4B0EC9677BF25BE2" X-Mailman-Approved-At: Wed, 23 Aug 2017 01:44:33 +0000 Subject: Re: [bitcoin-dev] UTXO growth scaling solution proposal X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 22 Aug 2017 23:29:51 -0000 This is a multi-part message in MIME format. --------------2A9529CF4B0EC9677BF25BE2 Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable I'm just getting the proposal out... if we decide to go forward (pretty huge "if" right now) whenever it kicks in after 15, 50 or 100 years should be decided as early as possible. Are CheckLockTimeVerify transactions accepted yet? I thought most special transactions were only accepted on Testnet... In any case we should be able to scan the blockchain and look for any such transaction. And I hate to make this more complex, but maybe re-issuing the tx from coinbase could be an option? -- Thomas On 22/08/17 06:58 PM, Rodney Morris via bitcoin-dev wrote: > Thomas et.al . > > So, in your minds, anyone who locked up coins using CLTV for their > child to receive on their 21st birthday, for the sake of argument, has > effectively forfeit those coins after the fact? You are going to > force anyone who took coins offline (cryptosteel, paper, doesn't > matter) to bring those coins back online, with the inherent security > risks? > > In my mind, the only sane way to even begin discussing an approach > implementing such a thing - where coins "expire" after X years - would > be to give the entire ecosystem X*N years warning, where N > 1.5. I'd > also suggest X would need to be closer to the life span of a human > than zero. Mind you, I'd suggest this "feature" would need to be > coded and deployed as a future-hard-fork X*N years ahead of time.=20 > A-la Satoshi's blog post regarding increasing block size limit, a good > enough approximation would be to add a block height check to the code > that approximates X*N years, based on 10 minute blocks. The > transparency around such a change would need to be radical and absolute= =2E > > I'd also suggest that, similar to CLTV, it only makes sense to discuss > creating a "never expire" transaction output, if such a feature were > being seriously considered. > > If you think discussions around a block size increase were difficult, > then we'll need a new word to describe the challenges and vitriol that > would arise in arguments that will follow this discussion should it be > seriously proposed, IMHO. > > I also don't think it's reasonable to conflate the discussion herein > with discussion about what to do when ECC or SHA256 is broken. The > weakening/breaking of ECC poses a real risk to the stability of > Bitcoin - the possible release of Satoshi's stash being the most > obvious example - and what to do about that will require serious > consideration when the time comes. Even if the end result is the same > - that coins older than "X" will be invalidated - everything else > important about the scenarios are different as far as I can see. > > Rodney > --------------2A9529CF4B0EC9677BF25BE2 Content-Type: text/html; charset=windows-1252 Content-Transfer-Encoding: 8bit I'm just getting the proposal out... if we decide to go forward (pretty huge "if" right now) whenever it kicks in after 15, 50 or 100 years should be decided as early as possible.

Are CheckLockTimeVerify transactions accepted yet? I thought most special transactions were only accepted on Testnet... In any case we should be able to scan the blockchain and look for any such transaction. And I hate to make this more complex, but maybe re-issuing the tx from coinbase could be an option?

--
Thomas

On 22/08/17 06:58 PM, Rodney Morris via bitcoin-dev wrote:
Thomas et.al.

So, in your minds, anyone who locked up coins using CLTV for their child to receive on their 21st birthday, for the sake of argument, has effectively forfeit those coins after the fact?  You are going to force anyone who took coins offline (cryptosteel, paper, doesn't matter) to bring those coins back online, with the inherent security risks?

In my mind, the only sane way to even begin discussing an approach implementing such a thing - where coins "expire" after X years - would be to give the entire ecosystem X*N years warning, where N > 1.5.  I'd also suggest X would need to be closer to the life span of a human than zero.  Mind you, I'd suggest this "feature" would need to be coded and deployed as a future-hard-fork X*N years ahead of time.  A-la Satoshi's blog post regarding increasing block size limit, a good enough approximation would be to add a block height check to the code that approximates X*N years, based on 10 minute blocks.  The transparency around such a change would need to be radical and absolute.

I'd also suggest that, similar to CLTV, it only makes sense to discuss creating a "never expire" transaction output, if such a feature were being seriously considered.

If you think discussions around a block size increase were difficult, then we'll need a new word to describe the challenges and vitriol that would arise in arguments that will follow this discussion should it be seriously proposed, IMHO.

I also don't think it's reasonable to conflate the discussion herein with discussion about what to do when ECC or SHA256 is broken.  The weakening/breaking of ECC poses a real risk to the stability of Bitcoin - the possible release of Satoshi's stash being the most obvious example - and what to do about that will require serious consideration when the time comes.  Even if the end result is the same - that coins older than "X" will be invalidated - everything else important about the scenarios are different as far as I can see.

Rodney


--------------2A9529CF4B0EC9677BF25BE2--