[Bitcoin-development] one-show signatures (Re: The relationship between Proof-of-Publication and Anti-Replay Oracles)

paul snow snow.paul at gmail.com
Mon Dec 22 00:56:28 UTC 2014

On Sun, Dec 21, 2014 at 12:51 PM, Peter Todd <pete at petertodd.org> wrote:

> On Sun, Dec 21, 2014 at 06:10:47PM +0000, Adam Back wrote:
> > Yes you could for example define a new rule that two signatures
> > (double-spend) authorises something - eg miners to take funds. (And
> > this would work with existing ECDSA addresses & unrestricted R-value
> > choices).
> >
> > I wasnt really making a point other than an aside that it maybe is
> > sort-of possible to do with math what you said was not possible where
> > you said "This [preventing signing more than one message] is
> > impossible to implement with math alone".
> Introducing a bunch of clever ECDSA math doesn't change the fact that
> the clever math isn't what is preventing double-spending, clever
> economics is. Just like Bitcoin itself.
> No sense getting people potentially confused by a bunch of complex
> equations that aren't relevant to the more fundemental and much more
> important principle that math alone can't prevent double-spending.

Math alone describes all of Bitcoin's structure; as math is a way to model
reality, it has no limits. Saying Math can't prevent double-spending is
near equivalent to saying it cannot be done.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20141221/15e13227/attachment.html>

More information about the bitcoin-dev mailing list