[Bitcoin-development] Consensus-enforced transaction replacement via sequence numbers
pete at petertodd.org
Wed May 27 10:58:05 UTC 2015
On Wed, May 27, 2015 at 08:18:52AM +0000, Gregory Maxwell wrote:
> On Wed, May 27, 2015 at 7:47 AM, Peter Todd <pete at petertodd.org> wrote:
> > Equally this proposal is no more "consensus enforcement" than simply
> > increasing the fee (and possibly decreasing the absolute nLockTime) for
> You've misunderstood it, I think-- Functionally nlocktime but relative
> to each txin's height.
> But the construction gives the sequence numbers a rational meaning,
> they count down the earliest position a transaction can be included.
> (e.g. the highest possible sequence number can be included any time
> the inputs are included) the next lower sequence number can only be
> included one block later than the input its assigned to is included,
> the next lower one block beyond that. All consensus enforced. A
> miner could opt to not include the higher sequence number (which is
> the only one of the set which it _can_ include) it the hopes of
> collecting more fees later on the next block, similar to how someone
> could ignore an eligible locked transaction in the hopes that a future
> double spend will be more profitable (and that it'll enjoy that
> profit) but in both cases it must take nothing at all this block, and
> risk being cut off by someone else (and, of course, nothing requires
> users use sequence numbers only one apart...).
I understand that part.
I'm just saying it's not clear to me what's the functional difference in
practice between it and having both parties sign a decreasing absolute
nLockTime. For instance, you and I could setup a payment channel using
the following transaction t0:
1.0 BTC: PT -> 1.0 BTC: PT && (GM || <expiry> CLTV)
1.0 BTC: GM -> 1.0 BTC: GM && (PT || <expiry> CLTV)
After <expiry> both of us are guaranteed to get our funds back
regardless. I can then give you funds by signing my part of t1a:
t0.vout <PT sig> <blank> -> 0.5 BTC: PT
t0.vout <blank> <PT sig> -> 1.5 BTC: GM
nLockTime = <expiry - 1>
You can then give me funds with t1b:
t0.vout <blank> <GM sig> -> 1.5 BTC: PT
t0.vout <GM sig> <blank> -> 0.5 BTC: GM
nLockTime = <expiry - 2>
etc. etc. We can close the channel by signing a non-nLockTime'd tx at
any time. If you don't co-operate, I have to wait, and hope I get my tx
mined before you get yours.
What I'm not seeing is how the relative nLockTime that nSequence
provides fundamentally changes any of this.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 650 bytes
Desc: Digital signature
More information about the bitcoin-dev