pull down to refresh

Why would anyone use OP_RETURN over inscriptions, aside from fees?
1260 sats \ 6 comments \ @DarthCoin 2 May bitcoin
This is a post from bitcoin dev Sjors Provoost on Bitcoin Stackexchange and I repost it here for broader audience:
Some (proposed) protocols use fake public keys to put additional data in the transaction output, when it doesn't fit in the 80 byte OP_RETURN limit.
But why don't they just use the inscription mechanism and put it in the witness?
(someone asked me this, and I think it's worth clarifying, so I'll answer myself)
There's two reasons:
  1. OP_RETURN is actually cheaper for smaller payloads, see When is OP_RETURN cheaper than OP_FALSE OP_IF? But this is of trivial concern for smart contracts like bridges, which move huge amounts of value around.
  2. Some protocols require certain data to be available before the transaction is spent. Since the witness is only revealed at spending time, it would be too late. These system care about data availability and are not price sensitive. They want to maximise the chances of getting relayed. So even though a large OP_RETURN is already pretty easy to relay, and even though that's actually cheaper, they're happy to pay a bit more in fees and use fake public keys instead, just to be on the safe side.
write
preview
related posts
212 sats \ 4 replies \ @justin_shocknet 2 May
The better question is, why would anyone put arbitrary data on the chain when they could put it literally anywhere else and just timestamp a hash of it?
reply
160 sats \ 1 reply \ @petertodd 2 May
You do not understand what Citrea is doing.
They're not storing data or committing data. They're provably publishing data. They need to do this because their protocol needs to ensure that other actors in the protocol get that data in the non-cooperative case.
Lightning does the same thing: if an HTLC transaction goes on chain, collecting the HTLC forces you to publish the pre-image on the chain, ensuring he next person in the path can find the pre-image and use it themselves to collect their HTLC.
reply
10 sats \ 0 replies \ @justin_shocknet 2 May
Guilty, was generalizing... Citrea ref #969690
reply
45 sats \ 0 replies \ @DarthCoin OP 2 May
🎯
reply
1 sat \ 0 replies \ @TheCharlatan 2 May freebie
Indeed, but the reality is that sadly people are doing it.
0 sats \ 0 replies \ @LibertasBR 2 May
So let them remove the limit? I'm not really that knowledgeable about the technical side of things, I'm watching the debate and trying to understand why it's as bad as they say or why it doesn't make sense to have the limit as others say.
reply