hugomofn
0062f507c321de639838ea7756d6020998221c7e7fc8cca225459e64130ee469
Founder of nunchuk.io

In the world of Bitcoin wallets there is a plethora of security threats that you need to stackrank.

What anti-exfil would do is to break 90% of the current wallets’ UX to solve a fundamentally low-risk threat, relative to other threats. When better solutions exist.

A big no-no.

Introducing a new round trip / new interaction every single time a user signs a Bitcoin transaction is a terrible idea from both UX and engineering perspectives.

It violates the Single Responsibility Principle. The coordinator should stay purely coordinating. No more, no less.

Replying to Rusty Russell

First up, I want to recognize that this is an uncomfortable topic! Bitcoin is inevitably changing towards user-pays, and that's not all positive. But facts we don't like are still facts: can't engineer a solution if we can't think about the problems.

There are three kinds of bitcoiners.

A. Those who can afford any fee.

B. Those who can afford a UTXO, but not often.

C. Those who can't afford a UTXO.

Nobody worries about the A group (and in the early days, that was everyone). Obviously Lightning (my area!) caters to the B group, and we want it to be as large as possible. To do this we can (1) make lightning as resilient as we can so onchain spends are rare, (2) make bitcoin as efficient as possible so we can cram as much as we can into what we have.

(1) Making lightning more resilient and reliable is engineering. Lots of people working on this, even before we get soft-forks which could help further.

(2) More efficiency has two benefits: obviously if your own onchain spends are 20% smaller, that's 20% cheaper. But if *everyone's* onchain spends are 20% smaller, that means fees are lower *for everyone* too (and it's non-linear). So we really care about all Bitcoin usage! Some things are obvious wins: Taproot so you can avoid even putting the script onchain in many cases, FROST so you can cram your 2 of 3 or other scheme into a single key and signature. We know we want to get more aggressive with sharing one signature across multiple inputs (Cross Input Signature Aggregation), but that needs a lot more research, and a soft-fork.

But even with all these, the math is clear: some people, even if you somehow gave them their wealth in a UTXO, it couldn't afford its own fees to spend. The C group is real. Spoiler alert: we don't have an answer for this! But let's look at some approaches people have tried.

Firstly, there are attempts to move these people into the B group: give them long enough that maybe fees will reach a point they can afford. This seems unlikely to me:

1. As fees increase everyone will start doing the work to take advantage of low fee times, and that itself means that low-fee times won't be so low.

2. These schemes tend to increase onchain footprints, so they need fees to drop a lot to overcome that (typical is 2x the transaction size, so you need fees to halve to gain anything).

3. If you really can't afford the fee, you probably also can't afford to wait.

4. You still haven't actually dealt with those who really, really can't afford the fees. Ever.

Another suggestion is that someone (e.g. a lightning service provider) will lock up funds which would cover fees, in case something goes wrong. This doesn't work economically, because nobody is paying $100 for a $5 user (not at scale), but it doesn't even work mathematically: the reason some people will have small UTXOs is because there are not enough sats for 10 billion people with any realistic distribution.

There are two basic approaches left:

1. Group people, so they fall into the B category (i.e. onchain tx is possible, but expensive).

2. Trust someone, but rely on incentives.

1. Grouping people is possible, but they need to work together if something goes wrong. So grouping inside a community is probably better than grouping with randos.

For example, there are various tree-of-transaction schemes where you go onchain only if the coordinator fails/goes rogue, and how much it costs you depends on whether anyone near you in the tree pays to get themselves out. These are basically free if nothing goes wrong (one UTXO required for thousands of users!). But this is subject to ghettoization, where the coordinator makes sure all the C people are grouped together, knowing none of them can afford the transactions they need to get their funds back. It's particularly bad because the coordinator can insert its own fake "whales" to make it look like it's not ghettoized.

You can play with incentives here, too: more research needed. The details matter!

2. Relying on incentives.

As a simple example, lightning-connected e-cash mints. They can't rug individuals very easily, they have to rug everyone together (or go fractional and rug the last ones to exit). Maybe with enough anonymity and reputation, these would be Good Enough.

More ambitious would be a single UTXO held for multiple people by a coordinator. Can we make it so that if a coordinator is dishonest, you can force them to burn your funds? Maybe burn more than your funds (ie. a bond)? Won't get your money, but it aligns incentives so they're not motivated to rug you. The details here really matter!

There's a cute scheme which has been proposed where the coordinator pays a temporary bond, and asserts that they actually have everyone's signature to transfer the funds. If nobody challenges within a week, they get the bond back and the funds move. If someone challenges, all the signatures are put onchain, and if they're not all valid, the bond gets half-burned and half-given to the (successful) challenger. This is hard to make work, though. Someone needs to get the money to challenge (hard if you don't have the money in the first place, plus it's hard to prove to someone you *didn't* sign something!), and then make sure nobody gets the challenge bond before them (in particular, a dishonest coordinator, seeing the game is up, completes the successful challenge *themselves* and gets half their bond back), and make sure someone can't grief and delay the settlement indefinitely or bankrupt the coordinator.

More research needed, here, too.

Summary

A longer post than I had expected to write. And it's buried in the middle of a thread nobody will read. (I do this sometimes. I suck at marketing I guess!)

Sub-fee bitcoin amounts will have tradeoffs, involving trusting someone who has more money than you (at least, in someone's competence, even if their *financial* incentives can be made to match yours). This is difficult to build well, and not a very exciting thing to build today, so it hasn't really happened (custodial things are much, much easier!).

This is also a key reason I believe we need to make Bitcoin more expressive: if we can do *more* with our own UTXOs, we can build better solutions. And by "we" I mean "someone smarter than me" of course!

Feedback welcome!

Great comment Rusty!

Just the basic idea of identifying that there are 3 groups of people (can afford; can sometimes afford; and cannot afford a UTXO whatsoever) is a huge upgrade over past conversations, which tend to jump straight into technical details and gloss over the actual user profiles and market demand.

Personally, I agree that more research is warranted. I’m not particularly optimistic on UTXO-sharing as a solution for people who can’t afford standalone UTXOs at all because of the group coordination cost, the “Tragedy of the Commons” issue (LN counterparties are heavily incentivized to police their LN channel state, whereas in a Timeout Tree you can freeride others to do the policing for you, leading to no one doing it at all), the “ghettoization” issue as you mentioned, and the inevitable complexity of any such solution. Secondly, did anyone bother to ask whether users like sharing at all? Why would they opt for a complex sharing solution when they can use something like gold for savings?

I’m slightly more bullish on locally-run ecash mints where people fall back to long-built relationships and hard-earned reputation to prevent cheating. Basically, use the social layer to address a technical limitation.

I like your quote here: “can’t engineer a solution if we can’t think about the problems.” That’s a great way to think about it. As someone else once said, the most common mistake engineers often make is to “optimize for something that shouldn’t really exist”. I’ve seen it happen way too many times, being an engineer myself. Just because UTXO-sharing with large N is possible, doesn’t mean it is ideal or will actually have a market.

In the spirit of thinking deeply about the problem (and not the solutions), it would be wise to also visit assumptions such as there will be 10 billion people who want sovereign UTXOs and the responsibilities that come with it. I think that assumption is highly unrealistic. IMO the actual demand will remain well below 500 million people, realistically more in the range of 100-200 million people. Being your own bank, as it turns out, is quite a heavy burden.

So if you believe in these numbers, Bitcoin does not have a scaling problem. At the very least, it’s not urgent at all. The math might work out by just making current things as efficient as possible.

Replying to Lyn Alden

Bitcoin doesn't need governments to win. It doesn't need governments to stack it. It doesn't need to ask for help.

Instead, the bar is much lower. Bitcoiners, in their preferred jurisdiction, would benefit by not being hassled by their government. They'd like to be able to buy it without problems. They'd like to be able to pay for energy and equipment and mine it in peace. They'd like to be able to write open source code without facing legal problems. They'd like to be able to operate reputable businesses related to it. If they can't, then some of them will move as necessary.

It's helpful for the ecosystem to have non-hostile jurisdictions in the world. And for those that can't move without great sacrifice (i.e. most people), it's helpful for them that whatever jurisdiction they are in, is non-hostile.

So it's good that bitcoin is getting into the Overton window. The industry has some power now. Bitcoin benefits from builders and educators and advocates. It benefits from those who do their best to prevent the worst legislative outcomes against self-custody, against privacy, against running a business, against mining, etc.

But Bitcoin doesn't need to pander to them to proactively support us, and bitcoiners should recognize the sliminess of politician incentives when they come to pander to us. While it's in their best interest to build national reserves if they actually figure this thing out, we don't need them to build reserves.

I think that's the helpful line. That's where the signal is. To the extent that we minimize how much we are tread on, and build multi-national accepting footholds to pivot around, we gradually build what we want to exist.

We ask to be treated fairly, we use our resources to help ensure that we are, and to the extent that we are not then we adjust as necessary.

💯

I’ve been lurking on Damus for a while 😛 Great progress on UI/UX! Cheers.

Agreed. Bitkey design clearly optimized for usability and I think they swung a bit too hard in that direction. Too many security concerns to be used for large savings. The mobile phone in particular is highly vulnerable. An attacker would know they can get to an owner’s bitcoins through the phone and the phone alone (just by waiting out the Delay and Notify protocol). If popularized, it will incentivize kidnappings.

I wrote a full review of Bitkey here: https://nunchuk.io/blog/bitkey

Calling all self-custody experts!

Have you ever thought about starting a Bitcoin business that focuses on orange-pilling people and helping them self-custody? Putting your passion and skills to good use?

Now you can.

Introducing Byzantine: Collaborative Custody Platform-as-a-Service.

Read more about it here:

https://nunchuk.io/blog/byzantine

First post. My AMA on Stacker News. Ask me anything about Nunchuk!

https://stacker.news/items/129571