[Bitcoin-development] Assurance contracts to fund the network with OP_CHECKLOCKTIMEVERIFY

Tier Nolan tier.nolan at gmail.com
Fri May 8 14:56:35 UTC 2015


On Fri, May 8, 2015 at 3:54 PM, Benjamin <benjamin.l.cordes at gmail.com>
wrote:

> AC does not solve the problem. AC works if people gain directly from
> the payment.


Not necessarily.









> Imagine a group of people paying tax - nobody gains from
> paying it. You have to actually need to enforce negative outcomes to
> enable it (jail for tax fraud). Hence in Bitcoin we have the enforced
> subsidy. AFAIK the problem of how to incentivize transaction
> verification without subsidy is unsolved. Who determines a fair price?
> People around here should study more economics, game theory, etc.
> instead of debating low level encodings all the time.
>
> On Fri, May 8, 2015 at 4:15 PM, Tier Nolan <tier.nolan at gmail.com> wrote:
> > Just to clarify the process.
> >
> > Pledgers create transactions using the following template and broadcast
> > them.  The p2p protocol could be modified to allow this, or it could be a
> > separate system.
> >
> > Input: 0.01 BTC
> > Signed with SIGHASH_ANYONE_CAN_PAY
> >
> > Output 50BTC
> > Paid to: <1 million> OP_CHECKLOCKTIMEVERIFY OP_TRUE
> >
> > Output 0.01BTC
> > Paid to OP_TRUE
> >
> > This transaction is invalid, since the inputs don't pay for the output.
> The
> > advantage of the sighash "anyone can pay" field is that other people can
> add
> > additional inputs without making the signature invalid.  Normally, any
> > change to the transaction would make a signature invalid.
> >
> > Eventually, enough other users have added pledges and a valid transaction
> > can be broadcast.
> >
> > Input: 0.01 BTC
> > Signed with SIGHASH_ANYONE_CAN_PAY
> >
> > Input: 1.2 BTC
> > Signed with SIGHASH_ANYONE_CAN_PAY
> >
> > Input: 5 BTC
> > Signed with SIGHASH_ANYONE_CAN_PAY
> >
> > <etc>
> >
> > Input: 1.3 BTC
> > Signed with SIGHASH_ANYONE_CAN_PAY
> >
> > Output 50BTC
> > Paid to: <1 million> OP_CHECKLOCKTIMEVERIFY OP_TRUE
> >
> > Output 0.01BTC
> > Paid to OP_TRUE
> >
> > This transaction can be submitted to the main network.  Once it is
> included
> > into the blockchain, it is locked in.
> >
> > In this example, it might be included in block 999,500.  The 0.01BTC
> output
> > (and any excess over 50BTC) can be collected by the block 999,500 miner.
> >
> > The OP_CHECKLOCKTIMEVERIFY opcode means that the 50BTC output cannot be
> > spent until block 1 million.  Once block 1 million arrives, the output is
> > completely unprotected.  This means that the miner who mines block 1
> million
> > can simply take it, by including his own transaction that sends it to an
> > address he controls.  It would be irrational to include somebody else's
> > transaction which spent it.
> >
> > If by block 999,900, the transaction hasn't been completed (due to not
> > enough pledgers), the pledgers can spend the coin(s) that they were
> going to
> > use for their pledge.  This invalidates those inputs and effectively
> > withdraws from the pledge.
> >
> > On Fri, May 8, 2015 at 11:01 AM, Benjamin <benjamin.l.cordes at gmail.com>
> > wrote:
> >>
> >> 2. "A merchant wants to cause block number 1 million to effectively
> >> have a minting fee of 50BTC." - why should he do that? That's the
> >> entire tragedy of the commons problem, no?
> >
> >
> > No, the pledger is saying that he will only pay 0.01BTC if the miner
> gets a
> > reward of 50BTC.
> >
> > Imagine a group of 1000 people who want to make a donation of 50BTC to
> > something.  They all way that they will donate 0.05BTC, but only if
> everyone
> > else donates.
> >
> > It still isn't perfect.  Everyone has an incentive to wait until the last
> > minute to pledge.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150508/b9fa8756/attachment.html>


More information about the bitcoin-dev mailing list