Nostr Web Client

This is an interesting response to the debate, and further firms up my sense that the real problem with enacting a covenant soft fork is the lack of a *genuinely compelling* protocol proposal using it.

Don't get me wrong, there are lots of proposals, some of which are useful: vaults seems like the strongest candidate there, but they are not critical to bitcoin's survival/success (important, yes, critical, i suspect no), and congestion control is valuable but neither of these are *genuinely compelling*. Lightning was, and segwit was propelled by its existence.

To illustrate my point, if you go to utxos.org, another proposal it highlights as an example is "Bitcoin Clique". I read the paper yesterday, and the TLDR is a kind of coinpool construct that requires covenants to allow exchange of funds within the pool. It has some neat tricks (repeated trees with double spend prevention through adaptors), but imo it doesn't reach the "compelling" level because: a) it needs an operator, who needs to put up linear collateral b) exit is unilateral, of course, but is very disruptive (so large groups might never work), c) exit onchain footprint is log_2(n) in pool size which sounds great but that is another size restriction. d) fixed denomination coins!

This protocol is cool but "meh" in terms of it ever getting usage.

We need something that feels very 10x (business/marketing speak). I don't think vaults have that feeling, and congestion control definitely doesn't. That's why I believe Sjors is right to mention sidechains/ShieldedCSV (though I think the latter doesn't actually go in this direction).

You might read this and reasonably ask me: "Well, but if you don't know any super-duper compelling usage of covenants yet, why are you so keen on finding them?" It's not easy to explain, but it's an intuition I've developed, that constraining destination might be the last piece of the puzzle (after malleability fix for presigning, then schnorr for musig, mast for script size) that allows offchain contracting to work to its full extent, which I don't care about to do fancy programming in bitcoin, I care about it because I think it's needed for 50x to 500x more *users* of Bitcoin.

TLDR someone needs to find a kickass off chain (L2 if you like) protocol that could 50x the usage of bitcoin using covenants, *without centralization *, then needs to write code and deploy it on say Liquid and signet. Then the conversation changes. Before then, we're probably not going to get vaults etc. (I could be wrong!).

nostr:nevent1qqsthqlm2dkha0meqvhqx6n3suh3f0s2jx9vs4634hj965vgxn0swagpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygyxsh477ejn8rwkjv0zen0ncxwe7rj6zpnujx8j9ecgrsj43786lqpsgqqqqqqsdaag06

jungly 1y ago

> TLDR someone needs to find a kickass off chain (L2 if you like) protocol that could 50x the usage of bitcoin using covenants, *without centralization *, then needs to write code and deploy it on say Liquid and signet.

A Federated L2 could be interesting where the federation is not limited to Liquid where the federation is limited to regulated parties.

Instead, what if we have a federation managed by a threshold signature that could grow to 50-100 parties to help execute state changes for coinpool.

Such an federation is possible using a Schnorr Threshold Signature. I am building one for a mining pool, where the federation membership is backed by PoW. How such a federation can minimise trust without PoW is a question I am thinking about these days.

Meanwhile - unashamed link share to my repo: https://github.com/pool2win/frost-federation

Reply to this note

Please Login to reply.

Discussion

waxwing 1y ago

Nice, seems like a good general concept for federation.

For a coinpool, I'm wondering how you fold in a threshold. For exit, unilateral exit has to exist of course. But for state updates generally, I guess *maybe* thresholds help for an optimistic path that therefore doesn't require everyone online? (Whether 1 of N or t of N is different.. i guess it just depends?).

jungly 1y ago

tbh, I am using the federation for a mining pool design, where the payout is a DLC contract. The federation acts as an oracle, and voila, the miner gets a unilateral exit, with DLC backed payout guaranteed as long as 1) miner produces hashrate and 2) federation remains honest and signs the attestation.

I have been wracking my brains to see if we can do anything with the federation for an L2 payment mechanism.

I see two problems, a) without PoW how do you keep federation honest and not start sybil attacking b) does it really do anything useful at all, as you asked the question too. I have this uncanny feeling someone somewhere will figure this out. Threshold signatures are way too cool to not give us an interesting future.