Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Investigate possibility of sign-to-contract scheme for RGBv2 #65

Closed
3 tasks
dr-orlovsky opened this issue Oct 6, 2020 · 1 comment
Closed
3 tasks

Investigate possibility of sign-to-contract scheme for RGBv2 #65

dr-orlovsky opened this issue Oct 6, 2020 · 1 comment
Labels
*censorship* Issues important for censorship resistance [DBC] Deterministic bitcoin commitments *privacy* Issues important for privacy matters proposal New proposals question Further information is requested [RGB] Specs related to client-validated state management system *scalability* Issues important for scalability *security* Security-related issues WIP Work in progress
Milestone
RGBv2

Comments

@dr-orlovsky
Copy link
Member

dr-orlovsky commented Oct 6, 2020
edited
Loading

Copy of discussion from RGBv1 audit:

@dr-orlovsky> do you remember why we originally stick to pay-to-contract and not sign-to-contract commitments?

@fedsten> there were some issues with the multisig, as the co-signer may easily destroy the tokens by not putting the commitment in his signature

@dr-orlovsky>
yes, this applies to pay-to-contract multisig, and was solved by LNPBP-2, where we commit to the sum of keys, so at least one of the signers must produce correct signature. Now, with switching sign-to-contract will:

  • allow wallets not to keep tweaking information and simplify situations when tweak has to go into output owned by some other party
  • make LNPBP-3 redundand and will solve fee problem (lexicographic ordering of inputs/outputs etc), however it will result in generally larger anchors (since all commitments to all assets from some output must go into the same input, and not distributed across all witness transaction outputs)
  • on the other hand we would not need to store output script information as the part of anchor data, so final impact on the size of the client-validated-data probably would not change

@fedsten> that indeed the problem was only due to the old design on multisig commitments
rgb-archive/spec#10

@giacomozucco> Yes, i remember the same. some divergence in security model between bitcoin multisig and rgb multisig (always manageable, but potentially confusing, since the security assumptions would radically change, while with p2c they stayed more consistent). Also, I remember some incompatibility between the s2c commitment model and eltoo. Which wouldn't be a big deal if not for the fact that the commitment scheme is one of the things we can't easily change anymore.

@dr-orlovsky> yes. But now with LNPBP-2 this should not be a problem anymore

@giacomozucco> Yes, it would be much simpler in many ways

@dr-orlovsky> Thank you, I think we will need to provide rational for that decision in the spec anyway. Not sure that it will conflict with Eltoo, so I will leave this issue opened

@giacomozucco> Ack
@dr-orlovsky dr-orlovsky added question Further information is requested [RGB] Specs related to client-validated state management system [DBC] Deterministic bitcoin commitments *privacy* Issues important for privacy matters *censorship* Issues important for censorship resistance *security* Security-related issues proposal New proposals WIP Work in progress *scalability* Issues important for scalability labels Oct 6, 2020
@dr-orlovsky dr-orlovsky added this to the RGBv2 milestone Oct 6, 2020
@dr-orlovsky dr-orlovsky changed the title Investigate possibility of sign-to-contract scheme instead of pay-to-contract in RGBv2 Investigate possibility of sign-to-contract scheme for RGBv2 Oct 6, 2020
@dr-orlovsky
Copy link
Member Author

Not required anymore once we have a Tapret commitments

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
*censorship* Issues important for censorship resistance [DBC] Deterministic bitcoin commitments *privacy* Issues important for privacy matters proposal New proposals question Further information is requested [RGB] Specs related to client-validated state management system *scalability* Issues important for scalability *security* Security-related issues WIP Work in progress
Projects
None yet
Milestone
RGBv2
Development

No branches or pull requests
1 participant
@dr-orlovsky