[Bitcoin-development] New standard transaction types: time to schedule a blockchain split?

Thu Aug 25 18:31:49 UTC 2011

On Thu, Aug 25, 2011 at 3:39 AM, Michael Grønager <gronager at ceptacle.com> wrote:
the customer to bypass the clerk and have 3 key addresses, or could we
just leave it to the/a client to implement the multisign transaction
after the money has been received - as a transfer to a safe? This
would greatly simplify the problem and cover the vast majority of use
cases. Not covered in this is huge single transfers where the intruder
of a single key system finds it profitable to reveal their intrusion
by grabbing the entire wallet.

Obviously these things don't need to be hard coupled, since they're
useful independently.   But I don't agree with the premise that being
able to pay directly into an escrow using an address isn't essential
at least as an eventual feature.

The bank analogy falls down because in our threat model people are
replacing the bank teller with a convincing facsimile (malware turning
your computer against you).  Funds can be stolen in a microsecond, so
any exposure isn't good.

Again, I'm not arguing to delay anything— just pointing out that the
ability to have usable addresses (they can be long) that encode a
couple escrow destination.

Perhaps just an address type that can encode any payment script?  User
provides the inputs, sets the outputs plus and additional outputs, and
signs. Client refuses to pay to an address if the resulting
transaction fails IsStandard.

On Thu, Aug 25, 2011 at 1:18 PM, Gavin Andresen <gavinandresen at gmail.com> wrote:
> 2) How often will the 1-of-3 and 3-of-3 cases be used? I included them
> just for completeness, but perhaps they should be dropped for now so
> there is less code to write and test.  I just don't imagine there are
> many cases where you have exactly three parties and 1-of-3 or 3-of-3
> are required to spend.

3-of-3 in particular seems somewhat important to me (group trust
accounts).  I'd really rather not drop use cases unless we're not
confident that they can't be tested sufficiently simply because it'll
just mean another cycle of testing later someday to test them and,
honestly, a more uphill argument as the usecases get narrower and
narrower.

I'll spend some cycles testing whatever cases make it in.