[Bitcoin-development] BIP - Hash Locked Transaction

Peter Todd pete at petertodd.org
Fri Apr 25 20:14:03 UTC 2014

On Fri, Apr 25, 2014 at 11:06:37PM +0300, Alex Mizrahi wrote:
> It is also useful for betting: an oracle will associate a hash with each
> possible outcome, and when outcome is know, it will reveal a corresponding
> preimage which will unlock the transaction.
> This approach has several advantages over approach with multi-sig script:
> 1. oracle doesn't need to be involved in each specific transaction
> 2. resolution is same for everyone who makes a bet on a specific event
> outcome
> 3. no need for two-way communication
> 4. no need for a special protocol: oracle might publish unlocking preimage
> on a web page, and participants will manually enter it into their clients

Actually I did some work looking at this problem a few months ago and
other than somewhat larger transactions it looks like implementing
oracles by having the oracle reveal ECC secret keys works better in
every case. Notably the oracle can prove they really do have the key by
signing a challenge message, and with some ECC math the transaction can
include keys that have been derived from the oracle keys, blinding what
purposes the oracle is being used for from the oracle itself.

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 685 bytes
Desc: Digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20140425/03d4db96/attachment.sig>

More information about the bitcoin-dev mailing list