Talking to some people about OP_VAULT today. Any questions you have that you want the answers to?


Discussion

1. Is it really “reactive” security if you have to be proactive and secure both the vaulting backup and the fallback backup?

2. Seems like miniscript could get similar benefits with no soft fork and more flexibility, yeah?

(Might have phrased some of that incorrectly)

1. It's reactive security because you can still take action after your bitcoin has moved on chain. This does not currently exist in the bitcoin protocol. If your private key gets popped it's game over immediately.

2. Miniscript allows you to define far more flexible conditions that must be met to spend your coins. It doesn't mean improved security over the existing options, just that you can apply existing security measures in more scenarios. OP_VAULT adds a whole new layer to your security setup.

Is it possible to do any kind of vaulting with some clever taproot script path spends? If so, what are the fundamental differences of that vs vaulting with OP_VAULT and what improvements does it provide?

OP_VAULT is a covenant, which does not currently exist in bitcoin. A covenant is a condition that controls what addresses your coins can move to once they leave their current resting place (locking script). Currently in bitcoin, once the locking script is satisfied, the coins are free to be sent to any address (or burned or sent to miners).

You can achieve a similar effect with the current bitcoin protocol by creating a signed transaction and throwing away the private key. But this solution is inherently complicated, inflexible, and it's impossible to prove that it was done correctly after the fact. These obstacles mean that it probably will never achieve widespread adoption.

OP_VAULT is a dramatic simplification of this process that adds back all the flexibility you lose in the pre-signed transaction case. And it is dead simple to prove on-chain. Simplicity is tantamount to security.
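To make the "reactive security" point in this reply concrete, here is an added toy model that is not code from the thread, from BIP345 or from Bitcoin Script. It is a plain state machine whose transitions mirror the idea being described: starting a withdrawal commits the destination on-chain, a delay follows, and during that delay a recovery path can still sweep the coins, but only to the address committed when the vault was created (the covenant). All addresses, the 144-block delay and the watcher logic are constructed for illustration; the third scenario shows what happens when nobody is watching during the delay.

```python
"""Constructed toy model of a vault with a recovery covenant.

Not Bitcoin Script and not the BIP345 implementation: a state machine whose
transitions illustrate (1) why vaults are "reactive" (the owner can still act
after the coins move on-chain) and (2) why the recovery path cannot be abused
to redirect funds (its destination is fixed when the vault address is made).
"""
from typing import Optional, Set, Tuple
from dataclasses import dataclass

VAULTED, TRIGGERED, WITHDRAWN, RECOVERED = "vaulted", "triggered", "withdrawn", "recovered"


class VaultError(Exception):
    pass


@dataclass
class Vault:
    recovery_address: str                 # committed when the vault is created
    delay_blocks: int                     # blocks a triggered withdrawal must wait
    state: str = VAULTED
    target: Optional[str] = None          # destination chosen at trigger time
    trigger_height: Optional[int] = None  # block height of the trigger tx
    paid_to: Optional[str] = None         # where the coins finally went

    def trigger(self, target: str, height: int) -> None:
        """Start a withdrawal with the hot key; the target is fixed from here on."""
        if self.state != VAULTED:
            raise VaultError(f"cannot trigger from state {self.state}")
        self.state, self.target, self.trigger_height = TRIGGERED, target, height

    def finalize(self, height: int) -> str:
        """Complete the withdrawal once the timelock has elapsed."""
        if self.state != TRIGGERED:
            raise VaultError(f"cannot finalize from state {self.state}")
        if height < self.trigger_height + self.delay_blocks:
            raise VaultError("timelock not yet satisfied")
        self.state, self.paid_to = WITHDRAWN, self.target
        return self.paid_to

    def recover(self) -> str:
        """Sweep to the recovery address. Allowed while vaulted or triggered;
        whoever spends this path cannot choose a different destination."""
        if self.state not in (VAULTED, TRIGGERED):
            raise VaultError(f"cannot recover from state {self.state}")
        self.state, self.paid_to = RECOVERED, self.recovery_address
        return self.paid_to


def watchtower(vault: Vault, expected_targets: Set[str], height: int) -> Optional[str]:
    """Reactive defence: on a trigger to an unexpected target, spend the
    recovery path while the delay is still running. Returns the action taken."""
    if vault.state != TRIGGERED:
        return None
    if vault.target in expected_targets:
        return "ok"
    if height < vault.trigger_height + vault.delay_blocks:
        vault.recover()
        return "recovered"
    return "too late"


# Constructed sample addresses; not real Bitcoin addresses.
RECOVERY = "bc1q_recovery_cold_example"
EXPECTED = "bc1q_my_exchange_deposit_example"
ATTACKER = "bc1q_attacker_example"


def stolen_key_scenario() -> Tuple[Optional[str], str, Optional[str]]:
    """Hot key compromised: the thief triggers to their own address, but the
    watcher notices inside the delay window and sweeps to the recovery address."""
    v = Vault(recovery_address=RECOVERY, delay_blocks=144)
    v.trigger(ATTACKER, height=800_000)
    action = watchtower(v, {EXPECTED}, height=800_010)
    return action, v.state, v.paid_to


def legitimate_scenario() -> Tuple[Optional[str], str, str]:
    """Owner withdraws to a known address, waits out the delay and finalizes."""
    v = Vault(recovery_address=RECOVERY, delay_blocks=144)
    v.trigger(EXPECTED, height=800_000)
    action = watchtower(v, {EXPECTED}, height=800_010)
    paid = v.finalize(height=800_000 + 144)
    return action, v.state, paid


def watcher_offline_scenario() -> Tuple[Optional[str], str, Optional[str]]:
    """Nobody watched during the delay: once the timelock expires the recovery
    path no longer helps and the thief's withdrawal completes."""
    v = Vault(recovery_address=RECOVERY, delay_blocks=144)
    v.trigger(ATTACKER, height=800_000)
    action = watchtower(v, {EXPECTED}, height=800_200)  # delay already elapsed
    v.finalize(height=800_200)
    return action, v.state, v.paid_to


if __name__ == "__main__":
    for scenario in (stolen_key_scenario, legitimate_scenario, watcher_offline_scenario):
        print(scenario.__name__, scenario())
```

The model deliberately gives `recover()` no destination argument: that is the property the reply attributes to a covenant, and it is why a compromised hot key only buys the thief a race against the delay rather than an immediate loss. The third scenario is the flip side raised later in the thread: the delay only helps if something is monitoring the chain during it.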

What concerns do you have? The post you linked to says that a problem is that people have to secure their backup keys. Later in the thread, people raise the common concern with covenants about them being used to put restrictions on withdrawals, which has been debunked.

The concern is that OP_VAULT can be misused by exchanges and will harm individual users. Is it possible?

https://www.reddit.com/r/Bitcoin/comments/11so39n/comment/jcfzezr/

No, it's not possible for an exchange to push conditions into your coins. Your wallet has to commit to the conditions to generate the address.

The original reddit post meant that OP_VAULT could be misused as a new type of multi-signature. The correct way to use it is to have both paths belong to one party. But there is a possibility of misuse: one path belongs to the exchange and one path belongs to the user. Exchanges will promote such addresses on their apps and wallets, and this promotion is easy.

Some thoughts

1. bip345 introduces a new utxo, which is new, unprecedented, and not minor in scope. The change is too big.

2. bip345 seeks fast activation, and inevitable activation, but after only one month it seems that the author has made significant changes to it, including the detailed implementation. Too hurried.

3. It only discusses the benefits without reciprocity, and avoids discussing the disadvantages of its misuse. The comparisons with other time-lock methods are not even-handed.

4. It is very beneficial for institutional users, but not friendly enough for individual users, which exacerbates inequality. Even something as simple as a watchtower is not practically implementable for most individual users.

1. The change is much smaller than other soft forks and is a well-scoped change (vs a large sweeping change). It does not introduce new utxos. It introduces new ways to encumber coins.

2. The activation for bip345 is currently unspecified. It is not seeking a one month activation.

3. I'm not sure what you mean about the other lock time. What are the downsides you want to have discussed?

4. I disagree. OP_VAULT would let individual HODLers massively upgrade their security without a lot of operational complexity. Individual users could have a single phone wallet or hardware wallet that implements a vault and falls back to more complex recovery paths. So you could have the ease of use of something like Blue Wallet but the theft resistance of a multisig.

1. bip345 introduces a 'covenant', a new utxo, a non-deterministic utxo, doesn't it?

2. From GitHub and Twitter comments, bip345 is moving too hurriedly, but 1 month ago the author made a lot of changes with the help of others, didn't he?

3. bip345 introduces new features; in terms of security comparisons, is there any progress over a timelock-multi-signature address? And bip345 repeatedly disparages the time-lock protocol (bip65), and claims itself to be the 'perfect ultimate wallet solution', which is too suspicious, isn't it?

4. bip345 needs a watchtower all the time to look at the on-chain txs; how can an individual do that? Technically (mobile phone) it is not allowed, and time-wise (need to work, sleep, vacation) it is not allowed for an individual, isn't it?