110 sats \ 4 replies \ @anon 13 May \ parent \ on: Lyn Alden On Scaling bitcoin
Also, the author of the article (for the previous link) answers your reply about multisig (please see below).
"There are significant differences.
First, the covenant model requires only a single signature every two weeks. That’s 26 signatures per year. In contrast, the cosigner model requires to co-sign every single transaction, which could be millions per year if there are thousands of institutions.
Second, the covenant model tolerates a slow signing process (e.g., it can take a week and use some threshold scheme) because that doesn’t affect transaction speeds. In contrast, in the cosigner model without a hot key you have to wait for the government to complete their cold signing process before you can transact. The longer the waiting time the higher is your opportunity cost. The shorter the waiting time the more complex and fragile is the air-gapped signing."
First, the covenant model requires only a single signature every two weeks. That’s 26 signatures per year. In contrast, the cosigner model requires to co-sign every single transaction, which could be millions per year if there are thousands of institutions.
CISA (cross input signature aggregation). We have it in some form with musig2, but musig2 by itself isn't the full CISA of the future.
As far as the time argument goes, don't you know that our system relies on credit. If you're just waiting on the government sign off, then any business would just credit you until the settlement can go through. Since all your PSBTs would be sent to the government, the risk of a full RBF tx is nil as the government would apply a first seen first signed policy.
Anyway, that's all much more complicated than what governments and businesses are doing today, which is just not letting you withdraw unless you're sending to another whitelisted service.
reply
More CISA nuance
https://cisaresearch.org/
reply
Thank you for your reply but that makes no sense to me. I wouldn't want to be in a position of having a payment in a sort of limbo for two weeks. I'll take my chances with the current risks with multisig rather than potentially make it even worse.
As for the system being based on credit : ... not really. If I sell a product, I want to get the btc before and I want to ship now. I won't be waiting around for two weeks. If I sell my house, I want the btc now, and no limbo.
reply
Sorry, when I said "our system" I meant the banking system, which you're right is not our system, but a government entity or any modern business would not have an issue with it at all.
Here's something to consider. Why do we have a merkle tree secured by hash cash? One of the reasons is so that there is no transaction reversibility. If a government database (or more likely an exchange or other custodian database) is the transaction state, is the authority on whether a tx gets reversed or not, (their signature is required afterall), and your custodian trusts this other custodian not to sign a second tx made by you (as they all do these days), your custodian (which I say custodian because this is a 2 of 2 multi-sig and you don't have enough signatures to spend and you don't have unilateral exit) could sign the unconfirmed on the utxo to allow you to spend it elsewhere.
Here's this put in more simple terms how I could put it on my own.
"What Is A Child Transaction In The Bitcoin Network?
A child transaction can be best understood in relation to its parent transaction. In the Bitcoin network, transactions are linked together in a chain-like structure called a blockchain. When a parent transaction occurs, it creates an unspent output that can be used as an input for subsequent transactions.
These subsequent transactions that spend these unspent outputs are referred to as child transactions."
So, when you receive a tx that is only signed by one signature, your wallet will query the government's node, see the tx in their custom mempool, and it will say its confirmed. Still in the mempool, the wallet will say its confirmed. Its not possible to reverse this tx, because the government mempool won't allow it to be replaced and because it doesn't have the governments signature, its not consensus valid to be mined yet.
(In both a CTV perpetual KYC scheme and this multi-sig perpetual KYC scheme, you'd need a wallet that even complies with this scheme)
In order to even have a CTV address, you need to generate one on your device, the same way you have to generate a taproot address.
You may remember me saying that.
So then your wallet would sign the child transaction of that tx and so and and so forth until the government signer wakes up and signs all of them at once and broadcasts that to be mined.
(p.s. I had to double check with some people I know that you could sign a child transaction of a multi-sig utxo before its parent is fully signed lol)
reply