[bitcoin-dev] Generalized covenants with taproot enable riskless or risky lending, prevent credit inflation through fractional reserve

Tamas Blummer tamas.blummer at gmail.com
Tue Jul 2 06:38:55 UTC 2019 

Good morning Eric and ZmnSCPxj,

> On Jul 2, 2019, at 05:45, ZmnSCPxj <ZmnSCPxj at protonmail.com> wrote:
> 
> Good morning Eric, and Tamas,
> 
>> In the case of tracking an asset that becomes worthless at a specific time, one could value a record of ownership, and the ability to trade ownership of the asset during the period. Consider colored coin type tracking of a theater ticket for a specific show, where the ticket is worthless by the end of the show.
> 
> As it happens, I was playing around with another idea I am developing.
> And it involves something very much similar, but distinct.
> 
> In particular, currencies are worthless unless exchanged for things of value to existent beings.
> And the discovery of things of value is enabled by advertising.
> The idea I am developing, is that of a "Bitcoin Classified Ads Network", wherein ordinary P2PKH UTXOs (or P2WPKH equivalents) embed a commitment to an advertisement.
> A secondary network of nodes (separate from the Bitcoin network) transmits the actual advertisements, as well as the UTXOs being used to commit to them.
> This secondary network would then reject/purge advertisements once the UTXO is spent on the Bitcoin blockchain.
> This makes advertising costly (for the opportunity cost of locking some money in a UTXO until one has acquired actual paying custom) while reducing impact on Bitcoin blockchain space (commitment to the advertisment is in the same space as the ownership of the coin).
> Changing the advertisement one makes is possible, at the cost of paying for a transaction in the Bitcoin blockchain to spend the old UTXO and publish a new UTXO now committing to the new advertisement.
> 
> Of note is that I also derived that it would be beneficial, for some HODLers to offer their funds for the purpose of making these advertisements.

All above aligns with my intuition that: on one side giving up temporary control of UTXOs represent opportunity cost and on the receiver side having temporary control can unlock utility they would pay for.
If the techical setup is trustless and return of control to those who gave it up temporarilty is certain, then this in combination means that HODLer are able to earn riskless interest by giving up control of their UTXOs temporarily.


> Some service or product provider would agree with an advertiser to lock some coins of the advertiser for a limited amount of time, in exchange for payment upfront, with the coin address committing to the indicate advertisement of the service or product provider.
> This can be done by paying to a 2p-ECDSA (or with Schnorr, MuSig) public key, with the service/product provider embedding a commitment to its advertisement to its own key, and a pre-signed `nLockTime` transaction that lets the advertiser recover the money.
> 
> This is in fact a similar use to the "theater ticket" case you mentioned, yet distinct.
> In the case of the Bitcoin Classified Ads Network, it is the intermediate addresses used before reclamation by the advertiser that is valuable, as they also serve as commitments to advertisements, attesting to the (probable) validity of the advertisement and making spam have a cost.
> Given that nodes of the Bitcoin Classified Ads Network will have memory limits, advertisements whose "lockup-rate" (i.e. the amount of value of the backing UTXO, divided by the size of the advertisement) are low could be evicted from memory before advertisements with high lockup-rate, and thus be less likely to propagate across the network.
> Thus service/product providers would want to increase their "marketing budget" to be less likely to be evicted from nodes of the Bitcoin Classified Ads Network, which is beneficial as it increases the minimum practical lockup-rate needed to spam the network, thus making spam costly.
> 
> My current plan is that the provider can contact the advertiser in order to effect changes to their advertisement.
> Then the provider and the advertiser sign a new timelocked reclamation transaction, then sign a transaction moving from the old advertisement to the new advertisement (presumably there is some protocol for ensuring the advertiser gets paid for this, such as an HTLC that can be triggered by an onchain payment or by an LN payment; I have the details in my processing space but require some time to serialize to human-readabe format).
> 
> Arguably, this example seems to show that generalized covenants are not needed in fact, if transfers of coin require paying to the issuer/lender of the coin.
> Generalized covenants allows the provider (or ticket-holder in your example) to effect transfers from one advertisement to another (or one ticket-holder to another in your example) without cooperation with the advertiser (or ticket-issuer in your example).
> This would be otherwise needed if we lock using a 2-of-2 address that has a timelocked transaction to reclaim the funds.

Yes, your example does not need the covenant as the one who gave up temporary control is still involved in any motion of the UTXO, therefore able to enforce own interest that reclaiming the UTXOs remains possible.

A covenant is needed only if it is against the interest of all parties involved in transfers of the UTXO, in which case consensus must enforce that it is carried forward.
The added strength of the covenant is that the one who gives up temporary control does not have to be involved in using the UTXO until it is given back.

Note that the advertizing service provider would need temporary access to UTXOs of signficant value, so opportunity cost and thereby cost of advertizing becomes significant.
Covenants would allow the separation of the advertizing service from HODLer funding it with significant UTXOs.
HODLer could give temporary control to the service and the service could broker those to others, but the original HODLer was sure to receive the UTXOs back and the HODLer would not be bothered with the operation of the service.

The covenant I proposed would add an alternate taproot validation path stacked onto previously existing ones.
This means that one could give others temporary access for a shorter time period than one’s own temporary access.
One could however not override the delayed access secured for the HODLer.

Does this remind you of something? Yes, the service provider would act like a bank, matching depositor, the HODLer, with those who need temporary control of UTXO for advertizing purposes.
This shows why temporary control with covenant can be understood as loan in a full reserve banking, which started my exploration of this topic.

Current technical means do not allow trustless and hands-off coordination of provider of UTXOs (that is capital) with provider of arbitary services that monetize the use of Bitcoin’s unforgable registry.
In other words we need covenants to enable Bitcoin applications to trustlessly and flexibly deal with foreign capital.

One other thing the consensus would have to ensure is that inputs with covenants are merged only into outputs with same covenant.
Which makes UTXOs with a particular covenants obey rules earlier known for colored coins and transactions moving it form a distinct embedded chain.
Adding same covenant establishes fungible coinbases of same embedded chain and dropping the covenant makes them again fungible with common UTXOs.

I could not be more excited of what boost this could give to the Bitcoin economy, unlocking the use of its unforgeable registry to track any asset with the same security guarantees it offers for its own cash token.

Best to you,

Tamas Blummer


> 
> Regards,
> ZmnSCPxj

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 488 bytes
Desc: Message signed with OpenPGP
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20190702/4f51afba/attachment.sig>

More information about the bitcoin-dev mailing list