Replying to Avatar waxwing

This is an interesting response to the debate, and further firms up my sense that the real problem with enacting a covenant soft fork is the lack of a *genuinely compelling* protocol proposal using it.

Don't get me wrong, there are lots of proposals, some of which are useful: vaults seems like the strongest candidate there, but they are not critical to bitcoin's survival/success (important, yes, critical, i suspect no), and congestion control is valuable but neither of these are *genuinely compelling*. Lightning was, and segwit was propelled by its existence.

To illustrate my point, if you go to utxos.org, another proposal it highlights as an example is "Bitcoin Clique". I read the paper yesterday, and the TLDR is a kind of coinpool construct that requires covenants to allow exchange of funds within the pool. It has some neat tricks (repeated trees with double spend prevention through adaptors), but imo it doesn't reach the "compelling" level because: a) it needs an operator, who needs to put up linear collateral b) exit is unilateral, of course, but is very disruptive (so large groups might never work), c) exit onchain footprint is log_2(n) in pool size which sounds great but that is another size restriction. d) fixed denomination coins!

This protocol is cool but "meh" in terms of it ever getting usage.

We need something that feels very 10x (business/marketing speak). I don't think vaults have that feeling, and congestion control definitely doesn't. That's why I believe Sjors is right to mention sidechains/ShieldedCSV (though I think the latter doesn't actually go in this direction).

You might read this and reasonably ask me: "Well, but if you don't know any super-duper compelling usage of covenants yet, why are you so keen on finding them?" It's not easy to explain, but it's an intuition I've developed, that constraining destination might be the last piece of the puzzle (after malleability fix for presigning, then schnorr for musig, mast for script size) that allows offchain contracting to work to its full extent, which I don't care about to do fancy programming in bitcoin, I care about it because I think it's needed for 50x to 500x more *users* of Bitcoin.

TLDR someone needs to find a kickass off chain (L2 if you like) protocol that could 50x the usage of bitcoin using covenants, *without centralization *, then needs to write code and deploy it on say Liquid and signet. Then the conversation changes. Before then, we're probably not going to get vaults etc. (I could be wrong!).

nostr:nevent1qqsthqlm2dkha0meqvhqx6n3suh3f0s2jx9vs4634hj965vgxn0swagpz4mhxue69uhhyetvv9ujuerpd46hxtnfduhsygyxsh477ejn8rwkjv0zen0ncxwe7rj6zpnujx8j9ecgrsj43786lqpsgqqqqqqsdaag06

Avatar
Rusty Russell 1y ago

Agreed. SIGHASH_NOINPUT has a clear use case, but got mired in the fact that it opens covenants.

None of these proposals offer compelling use cases (ie beyond, basically, refining lightning) because they are all incremental. They cater to users who *don't want to* use a UTXO, not those who *can't afford to*. And that's likely to be a narrow band of users, in the long term.

The only protocol I can conceive of which *does* give something to sub-UTXO users is a group structure where all the funds can be burned if any user proves the coordinator misbehaved (Christian Decker named this a "Nero protocol", which I like). But proving every kind of misbehavior, including failure to respond, is a very big, maybe impossible, ask. TBH, I haven't tried...

Reply to this note

Please Login to reply.

Discussion

Avatar
waxwing 1y ago

On noinput/APO, that's interesting, perhaps even a good counter to my point. Do you think that its potential use for covenants is actually the reason it hasn't reached a concrete soft fork proposal (hence muddying the waters or smth)?

It always felt like a very powerful change, and to the extent any of these things could be dangerous, it is so more than say ctv. Or is it that eltoo *also* is not reaching the threshold of "10x" (colloq. speaking).