[bitcoin-dev] Smart Contracts Unchained

[ZmnSCPxj]

Good morning Aymeric,

> Hi,
>
> Apparently you are not a fan of ethereum, as far as I can tell ethereum
> sidechains look like a mess with stupid tokens/transactions flooding the
> network while they are completely centralized, but some bitcoin
> sidechains can easily compete with this too, like Tether, don't even
> understand how anyone can give some credit to that stuff the way it is
> implemented, and if bitcoin fails that would be the same as for ethereum

I prefer to be more precise in my terminology.
Colored coins are not the same as sidechains, and there are colored coins and then there are colored coins.
This mechanism does not propose some change in colored coins.
An important aspect of colored coins is that one can foist them on somebody else to extract things of real value from them, but this mechanism is more strongly for a fixed set of participants.

I strongly suspect that Bitcoin will outlast Ethereum, but that is rather not very related to this topic.

> Most likely everyone would agree if the escrow disappears, but not sure
> at all, let's imagine 1 to N put 10K on the table for a game, they
> update the states and at the end N wins everything, N is rich and don't
> care finally if the others cheaters have their coins locked (and to lose
> 10K), same with setting up a new escrow to resolve the conflict
>

Indeed.
Still, the option to do so exists, and sometimes all that is needed for humans to do the right thing, is to be given the option to do so.

> I think that you should highlight this (and what private key corresponds
> to E + h(E | s) * G, not sure it's trivial for everybody), probably a
> way to get this more decentralized is to reward the escrows (what is the
> interest here for people to run a smart contract platform?)

I assumed both were obvious, but I suppose a few more words about those would not be amiss.

>
> For lightning, maybe it's a question of wording, I consider it as a
> sidechain AND methods that can be used by other sidechains, as well as
> the others you quoted, even if only two people in the world use
> lightning, it is still decentralized, because it sustains itself alone

Again, I prefer precision in my terminology.
For me, a sidechain is a blockchain of some sort.
In particular, a kind of Merklized singly-linked list containing representations of transformations of state, is how I define blockchain to be.

No such Merklized singly-linked list exists in Lightning Network, thus I do not consider it, "blockchain".
And thus I do not consider it "sidechain", as a sidechain is a blockchain.
Current LN does use "shachains" by Rusty, but shachains are not Merklized singly-linked lists, but are instead a kind of inverse mountain range structure.

Still, one might consider both federated sidechains and Lightning Network to have a "federated" offchain structure.
This is because the coins on the Bitcoin blockchain are locked to a multisignature and activity is not recorded on the Bitcoin blockchain.
However, in LN, each channel is a 2-member federation (you and a counterparty) and the mechanism in LN requires consensus (2-of-2) rather than a quorum (m-of-n).
This greatly increases the security of LN: the owner of funding on an LN channel can always refuse to sign an update if the other member of the federation is taken over.
Compare this to the quorum that typical federations have, where takeover of a sufficient quorum is enough to steal funds from the remaining federation.
https://zmnscpxj.github.io/offchain/safety.html

Regards,
ZmnSCPxj