[Bitcoin-development] Proposal: soft-fork to make anyone-can-spend outputs unspendable for 100 blocks

Peter Todd pete at petertodd.org
Sat Jun 1 20:58:53 UTC 2013


On Sat, Jun 01, 2013 at 08:34:29PM +0000, Luke-Jr wrote:
> On Saturday, June 01, 2013 7:30:36 PM Peter Todd wrote:
> > scriptPubKey: <data> OP_TRUE
> > 
> > ...
> > Along with that change anyone-can-spend outputs should be make IsStandard()
> > so they will be relayed.
> 
> Data does not belong in the blockchain. People running nodes have all 
> implicitly agreed to store the blocks for financial purposes, and storing data 
> is a violation of that social contract. Proof-of-stake may be arguably 
> financial, but I'm sure there must be a way to do it without spamming people 
> against their consent.

We have no way of preventing this, so ensure it's done in a way that
minimizes harm. For instance, my zookeyv key-value consensus system can
be implemented using transactions with txout pairs of the following
form:

Let H(d) = RIPEMD160(SHA256(d))

txout_k*2  : OP_DUP H(key) OP_EQUALVERIFY
txout_k*2+1: OP_DUP H(value) OP_EQUALVERIFY

With an additional rule to allow for references to previous sacrifices
with txouts of the form:

txout_n: OP_DUP H(txid:vout) OP_EQUALVERIFY

This is perfectly compatible with Gregory Maxwell's address pre-image
fix to data-in-chain storage, and at the same time is completely
unblockable by making such transactions more expensive - the whole point
is to prove you've sacrificed funds.

Yet another reason why increasing the blocksize is madness.

-- 
'peter'[:-1]@petertodd.org
0000000000000018235c41836eb88ea45343c746a3704c5a155bb90c7d2d9a48
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 490 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20130601/857d9a1c/attachment.sig>


More information about the bitcoin-dev mailing list