[bitcoin-dev] Safer NOINPUT with output tagging

Johnson Lau jl2012 at xbt.hk
Tue Feb 19 19:22:07 UTC 2019


This only depends on the contract between the payer and payee. If the contract says address reuse is unacceptable, it’s unacceptable. It has nothing to do with how the payee spends the coin. We can’t ban address reuse at protocol level (unless we never prune the chain), so address reuse could only be prevented at social level.

Using NOINPUT is also a very weak excuse: NOINPUT always commit to the value. If the payer reused an address but for different amount, the payee can’t claim the coin is lost due to previous NOINPUT use. A much stronger way is to publish the key after a coin is well confirmed.

> On 20 Feb 2019, at 3:04 AM, Luke Dashjr <luke at dashjr.org> wrote:
> 
> On Thursday 13 December 2018 12:32:44 Johnson Lau via bitcoin-dev wrote:
>> While this seems fully compatible with eltoo, is there any other proposals
>> require NOINPUT, and is adversely affected by either way of tagging?
> 
> Yes, this seems to break the situation where a wallet wants to use NOINPUT for 
> everything, including normal L1 payments. For example, in the scenario where 
> address reuse will be rejected/ignored by the recipient unconditionally, and 
> the payee is considered to have burned their bitcoins by attempting it.
> 
> Luke




More information about the bitcoin-dev mailing list