1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
|
Delivery-date: Wed, 30 Jul 2025 11:29:51 -0700
Received: from mail-oa1-f55.google.com ([209.85.160.55])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDL4XL646QOBBFOJVHCAMGQER7EVVMQ@googlegroups.com>)
id 1uhBYl-0000S5-9e
for bitcoindev@gnusha.org; Wed, 30 Jul 2025 11:29:51 -0700
Received: by mail-oa1-f55.google.com with SMTP id 586e51a60fabf-2ea76b45c6asf23151fac.1
for <bitcoindev@gnusha.org>; Wed, 30 Jul 2025 11:29:51 -0700 (PDT)
ARC-Seal: i=2; a=rsa-sha256; t=1753900185; cv=pass;
d=google.com; s=arc-20240605;
b=RYqlbZzeMyZcVlhttCI95R1zAOhC48txym+pTsQvnuearnKgNv9q5V1MjKwjzK914U
Bb5K8JvowrYlIhqkkpihTUOJeOHijbd6/IS87O9px8mUIMeFI5BGxm+o/CBLgxPBUAay
BZKpB+T0RHTXIuDJER/MLWHZ+M8VgR03l0ESjNqbxk6xegh8amcqcKxkzHwBW6Otv3CE
Nj3r+qlG5bRKHSEw6ptokb1Wa7JUqW6WpT5h1Bdewv9pjItsf/QkXS6xdFyRM2BQ+xBz
gTucWxyYX2ro1T7i+8BGeE+M9Yy9x+nXvheocKXjVFYFCNMw6lIaMYejTpRDUoH7KIBs
YbLw==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to:mime-version:feedback-id
:references:in-reply-to:message-id:subject:cc:from:to:date
:dkim-signature;
bh=QB17TsizJ3HeDSc7uxoDsFRUBO+XQWjLBH4eYYbj/4o=;
fh=efg6DPdsz1cxqH/e2e+AIZ1/aDw64k8f/o7WDnCLVXk=;
b=ReNqR3AsH62geIouJ7iLYMYxULdjrM/Wv4S6ChbKkzrJ4OXmnfu+bfdw9v89ckHXcb
JzO7apm0Lh/8H4rAWQ5yal0DnlXGhtLR+drEMJqDSXaKkE/PGRutBW8kcH/Wx/cK8YKi
v3d+WQi1QE2K4bbkcI2hgO9/YbVvj4hUa1wD0txYc0DpNX9fTfjBeUINBbF5QSe6z4f/
8WCh1Goc9L2FPqBKOWHmuX2AiW3D6ra8qeSsAazB0DIoGI2z6dtVUWO4k2Earkp7FdT/
QRh8AvCBz4ZUexhh2llmV32hPH1bnDYtIvy7YhUtZ566XPYQOEvt4iEz01Cfln7sua/q
A3qg==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=BzRQTMhp;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1753900185; x=1754504985; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:references:in-reply-to:message-id:subject:cc:from:to
:date:from:to:cc:subject:date:message-id:reply-to;
bh=QB17TsizJ3HeDSc7uxoDsFRUBO+XQWjLBH4eYYbj/4o=;
b=B4XEPKJPAjhI1xvDqXSnEDEZfqn25GI/IjXHR8Rz7Nf3+/InR5POizAa/Ew6mkhJaG
dip6AQ7Zud6beo2UbVz0BCwk0D1I35k5Bb36lpE7DxiifH7Y89eVw5f+c8Zojt4O72aY
wFtav38ijPWmdHGFvDrlXJ5Qr1VaXw65/Dxcs2CZnct5SE2aoUZRZcbIp2KZDHRekpfA
6GpEUphgA/WtCJSaUDyrNUKl63cDs/EWaKd9s1DJrRFCo9SKxMnKa9IAmPNN+ynwaVDE
Nw1LNWUswDKVsxvSrWU+XBZ+fViKEDnbTWgPnt6GL2o1+bwySx6Q2VaAqqK3GXmERyQU
nc+w==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1753900185; x=1754504985;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:references:in-reply-to:message-id:subject:cc:from:to
:date:x-beenthere:x-gm-message-state:from:to:cc:subject:date
:message-id:reply-to;
bh=QB17TsizJ3HeDSc7uxoDsFRUBO+XQWjLBH4eYYbj/4o=;
b=HWcDY730FRcFBY3/SvUXCx5xbD2kmWSg6CulIkjxccOZmKGk6jI/tOdlCLCbW8IAKs
zMquq/+5xCUIWjX6WBM+OXi/MlbGHYk+78c6LvzJYqwVA/ZjUtnYLM4GUAZ7HBwcS+FN
Uk3nCouZnLXNY633Rx1/vdKezFkDZkUKHZ5vPJYluhg970mGDCwrETYNBAkZESD2liBn
E++wFDKf5uPUvqlZ4YN+1QA7tlKJ6yfli2t1oyOVdB9/273m3xKvmZYvd1jFLgU4rBl1
Ws6UvfiMM4n214k/Xn2OrY3VCbFlLutxUKX91Nlu1w5mxs5F0fcJNyHoXfZF+Vp97haJ
ajzw==
X-Forwarded-Encrypted: i=2; AJvYcCXQVGofsSQjtoodg0094RysnTTKEM3ZZY17buba5CdVrrd6yg1DYiCll/4XY5+VATq2XNLOHGFbzgAQ@gnusha.org
X-Gm-Message-State: AOJu0YxzxMaw4ziT7ETcq0hkJ2MGgWwdsws2Z8idJF3knvJl75uqYz6Z
Muv/4CUSyBJkdzY9qwr0gh+AOz3W5c/dA47T1NEw+QI9lPKrZWu6Glhz
X-Google-Smtp-Source: AGHT+IGbGkWPSE1DpUjNRN3xj+vtQHM3iO2cXFWQrw0rbeEotKyjr4ThxWzsiXu9BvMRO835V1eRuQ==
X-Received: by 2002:a05:6870:364a:b0:2d6:af0:8d8e with SMTP id 586e51a60fabf-30785a859fcmr2901734fac.2.1753900184697;
Wed, 30 Jul 2025 11:29:44 -0700 (PDT)
X-BeenThere: bitcoindev@googlegroups.com; h=AZMbMZcMYglwh5hbNtqtYBpK8iifi/16RW1zSqG3jgWEnikMVQ==
Received: by 2002:a05:6871:8803:b0:2ea:87da:e554 with SMTP id
586e51a60fabf-306ddc4364als1602525fac.2.-pod-prod-02-us; Wed, 30 Jul 2025
11:29:41 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCXIcdWyuqxPboI6jn4uJu5xAwF72RRRywBkiVAGcVXIfxFqesBr6bGH7uZxzqNXDZwZsZx+E0QUMukl@googlegroups.com
X-Received: by 2002:a05:6808:1b21:b0:40a:f48f:2c10 with SMTP id 5614622812f47-43199c82eaamr3065777b6e.10.1753900181096;
Wed, 30 Jul 2025 11:29:41 -0700 (PDT)
Received: by 2002:a05:6504:5318:b0:2bc:427:fa2 with SMTP id a1c4a302cd1d6-2bd8d722e72msc7a;
Wed, 30 Jul 2025 10:35:11 -0700 (PDT)
X-Forwarded-Encrypted: i=2; AJvYcCVT4GDj+VvsOMF+dMCoVyY0aEwGW3zeKtFQyQhaubtTLwl+geC6yLkJOQxK/xW6fFPc2PizhvrY95N1@googlegroups.com
X-Received: by 2002:a05:651c:20cf:10b0:332:3480:cd0a with SMTP id 38308e7fff4ca-3323480d3b4mr1148291fa.10.1753896908721;
Wed, 30 Jul 2025 10:35:08 -0700 (PDT)
ARC-Seal: i=1; a=rsa-sha256; t=1753896908; cv=none;
d=google.com; s=arc-20240605;
b=J/JvSIjWhHikcr/P/W/+VAwweMEMp9rVxiAQAey0IcoHqnacBclpQQn5YQTFo+0A3h
9f1A0hzBWJiHqHp2cBFn5fw9GN+dz+z3TPksyrQXeWVILQKG1HKoBH0f2S/pMssN2hvt
QUwB6Z0Tt3osM3Q+if9j4LfxVvxCq0Bv/DEiueDc1jU7iCilw7mifo8CzW7EYhLhNZ0x
d6KnwcTa6jOsz4NQCho2Oqrzlj0WI5nTqwbreN+6sAT6/7sW0lo9vykOLIdpQ+vd+RHR
w0VebYDhv+wZNcuDIimCQC0vT7FUdLToSD5nYvFA2LxFx937Kk79Qyv7ZHP045wrejE2
TUdg==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-transfer-encoding:mime-version:feedback-id:references
:in-reply-to:message-id:subject:cc:from:to:date:dkim-signature;
bh=R7zwbro/cGt9w2DY2/x7Rc3awCni5A9NZ5fH/azbQDo=;
fh=+pfhCjGFOCI47A0hi67oE1fGxzvKgNr7ZltUA6AXolw=;
b=cE8DkwegZUcxFxwQyh4khTbDxKQH91hk2dsg6olfTsVyOUj4XI3RbTRl4uq6tiZd/z
J8lgw+AZWEjIJUOKBK4OvHgTdfBw+5ZIFS9qTAuIWPuXiW0/wW/cGQYWVOFd8KXvWwck
ZPGAK9lbv8hXBKAPuO+if0QVynEN0cC0rAAgFhVH6LLGfrCm5ULtM0sEFC2wTfVF5/o1
P4ahkroVp+VmOIF7hzcTWW1qugbrDybskw9uSSFMEUWw4W0pSwZCJ6W30EwAFRISrv9u
DU+/Kk/TNhwzS5NXuq3UXwYXaCamhSCNne2DbHGHiEFeqA2JYFvsJ5o0t3lRGq54hkpo
wtdA==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=BzRQTMhp;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Received: from mail-4322.protonmail.ch (mail-4322.protonmail.ch. [185.70.43.22])
by gmr-mx.google.com with ESMTPS id 38308e7fff4ca-331f41ce93bsi3040811fa.4.2025.07.30.10.35.08
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 30 Jul 2025 10:35:08 -0700 (PDT)
Received-SPF: pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) client-ip=185.70.43.22;
Date: Wed, 30 Jul 2025 17:35:02 +0000
To: Sjors Provoost <sjors@sprovoost.nl>
From: "'Antoine Poinsot' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
Cc: James O'Beirne <james.obeirne@gmail.com>, Greg Sanders <gsanders87@gmail.com>, Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] A Taproot-native (re-)bindable transaction bundle proposal
Message-ID: <ZVpECz43S3fTL1NKxxHANGsvtOJmQJmstZ6Xa9laLg7WkdmiLL10yqKgVjsOb0GZFkEpz4vaBfN-uy3mu7kFT41QFTuXD3a_tSoLpSIbIGs=@protonmail.com>
In-Reply-To: <4E54B8EA-9BE8-4660-AA29-72E14C3AADF5@sprovoost.nl>
References: <26b96fb1-d916-474a-bd23-920becc3412cn@googlegroups.com> <CAPfvXf+E0YDzqY_jsGVoc4KKh_Kgsp-p20wNAD05tv_rMNG2sA@mail.gmail.com> <_POzkO7sHDURx6skGAWsrxN_UUtN_6Ak6donzVhmzYzAV6Ej22jBnE2baxM_WtqxW2RNvDjze72kOVgowNhqGSJ1dg5m_HTO3FuG6QM5daw=@protonmail.com> <4E54B8EA-9BE8-4660-AA29-72E14C3AADF5@sprovoost.nl>
Feedback-ID: 7060259:user:proton
X-Pm-Message-ID: c6bda4990a3729bde2fb042584be48839eee24c6
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Original-Sender: darosior@protonmail.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@protonmail.com header.s=protonmail3 header.b=BzRQTMhp;
spf=pass (google.com: domain of darosior@protonmail.com designates
185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
X-Original-From: Antoine Poinsot <darosior@protonmail.com>
Reply-To: Antoine Poinsot <darosior@protonmail.com>
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -1.0 (-)
Hi Sjors,
I am not discounting that argument, i addressed it. To reiterate, i believe (as do others apparently) that unless
there is a good reason not to we should only add new features in the latest, sanest, version of the scripting system.
Furthermore, Bitcoin's last soft fork aimed to provide a way to have the output type not leak any information about
the receiver's spending conditions (as well as possibly reducing information leak at spend time, too). In the last
upgrade, Bitcoin users opted in to a design such as using Tapscript would be indistinguishable at reception time,
at the price of making Tapscript spends slightly more expensive. Incentivizing to use older, distinguishable, output
types by adding new features there (thereby even making it cheaper to use than proper Tapscript) would be completely
inconsistent with this. For what it's worth, this was also recently discussed by one of the Taproot authors in the
context of BIP360: https://delvingbitcoin.org/t/changes-to-bip-360-pay-to-quantum-resistant-hash-p2qrh/1811/11.
Therefore, our starting position when considering upgrades to the scripting system should be to keep to Tapscript.
I am happy to change my mind about making OP_TEMPLATEHASH and/or OP_CSFS available in P2WSH, but i have yet to see
a compelling reason to do so.
Best,
Antoine Poinsot
On Wednesday, July 30th, 2025 at 12:06 PM, Sjors Provoost <sjors@sprovoost.nl> wrote:
>
>
> Regarding the (lack of) support of v0 SegWit, James O'Beirne wrote:
>
> > To date I haven't heard any concrete downside of including witness v0
> > support for an opcode like this other than "it's marginally more to
> > think about during review."
>
>
>
> I wouldn't discount that argument though. It's very nice to not have to think about any of the problems that v1 (taproot) already fixed. We know that review has been a major bottleneck for these proposals.
>
> That said, it may be useful to have a "patch" for both the BIP text and the implementation that does support v0. I'm sure it's a lot less scary than pre-SegWit support.
>
> > One concrete impediment to Taproot adoption among custodians is the lack
> > of native HSM support for the Schnorr signature scheme. It's reasonable
> > to believe that some already-deployed HSM contexts may never get to
> > Taprootability.
>
>
>
> I find it worrying that companies claiming to build military grade ultra secure hardware, that are used protect hundred of billions of dollars, have refused to implement Schnorr signatures for 5+ years now.
>
> It also means they can't support MuSig2 and instead have to use ECDSA signature aggregation. They also can't support script path spending, which isn't great for privacy.
>
> I guess we'll have to wait until enough other crypto chains migrate to Schnorr so there's enough trade volume to justify paying an engineer to spend two weeks fixing this firmware.
>
> That said, I don't use such services (for more than a few minutes) and I don't think we should "force" people to upgrade by stubbornly not supporting v0.
>
> - Sjors
>
> > Op 11 jul 2025, om 20:37 heeft 'Antoine Poinsot' via Bitcoin Development Mailing List bitcoindev@googlegroups.com het volgende geschreven:
>
>
> [...]
>
> > Your second main criticism concerns the lack of Segwit v0 support. You start by cherry-picking some
> > data about Taproot's usage, so i'll ask you to please keep the discussion honest here. You state
> > that between 0.1% and 0.75% of all bitcoins in existence are held in P2TR outputs, and use this
> > figure to conclude the "overwhelming majority of value transfer in bitcoin is still happening in
> > a pre-Taproot script context". This non-sequitur reads as though you'd already settled on the
> > conclusion and were reaching for data that might appear to support it. In 2024 and 2025 between 20%
> > and 40% of all onchain transfers used Taproot[^0] (vs between 1% and 3% for P2WSH). Even
> > considering the value of these transfers gives a pretty clear trajectory: since the beginning of
> > 2024 the percentage of BTC getting locked into P2TR outputs quadrupled from 2.2% to 8.5%[^1] (the
> > percentage for P2WSH was steady from 16.4% to 16.8%).
> >
> > I strongly believe our default position should be to only enable new features in the latest
> > iteration of the scripting system. While Segwit v0 fixed the most important quirks of legacy Script,
> > Taproot/Tapscript finishes this work by removing the remaining instances of quadratic hashing,
> > enforcing by consensus more malleability-related standardness rules, being compatible with batched
> > validation today and a possible future CISA, and finally presenting the slight but still good to
> > have privacy improvement that all outputs look the same before being spent (and sometimes even after
> > being spent although it's harder to achieve). We should not provide new features for an outdated
> > scripting context unless we have a strong reason to.
> >
> > I don't think you provide a strong reason not to stick to Tapscript. You claim that many industrial
> > players would not be able to use OP_TEMPLATEHASH but you don't back it up with anything
> > demonstrating those companies 1) desire to use OP_TEMPLATEHASH and jointly 2) are somehow unable to
> > upgrade from P2WSH to Taproot.
>
>
> --
> You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/4E54B8EA-9BE8-4660-AA29-72E14C3AADF5%40sprovoost.nl.
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/ZVpECz43S3fTL1NKxxHANGsvtOJmQJmstZ6Xa9laLg7WkdmiLL10yqKgVjsOb0GZFkEpz4vaBfN-uy3mu7kFT41QFTuXD3a_tSoLpSIbIGs%3D%40protonmail.com.
|
