📅 Original date posted:2016-01-26
📝 Original message:This is a bad idea. OP_RETURN attachments are tolerated (not encouraged!) for
the sake of the network, since the spam cannot be outright stopped. If it
could be outright stopped, it would not be reasonable to allow OP_RETURN. When
it comes to the payment protocol, however, changing the current behaviour has
literally no benefit to the network at all, and the changes proposed herein
are clearly detrimental since it would both encourage spam, and potentially
make users unwilling (maybe even unaware) participants in it. For these
reasons, *I highly advise against publishing or implementing this BIP, even if
the later mentioned issues are fixed.*
On Tuesday, January 26, 2016 1:02:44 AM Toby Padilla wrote:
> An example might be a merchant that adds the hash of a plain text invoice
> to the checkout transaction. The merchant could construct the
> PaymentRequest with the invoice hash in an OP_RETURN and pass it to the
> customer's wallet. The wallet could then submit the transaction, including
> the invoice hash from the PaymentRequest. The wallet will have encoded a
> proof of purchase to the blockchain without the wallet developer having to
> coordinate with the merchant software or add features beyond this BIP.
Such a "proof" is useless without wallet support. Even if you argue it could
be implemented later on, it stands to reason that a scammer will simply encode
garbage if the wallet is not checking the proof-of-purchase upfront. To check
it, you would also need further protocol extensions which are not included in
this draft.
> Merchants and Bitcoin application developers benefit from this BIP because
> they can now construct transactions that include OP_RETURN data in a
> keyless environment. Again, prior to this BIP, transactions that used
> OP_RETURN (with zero value) needed to be constructed and executed in the
> same software. By separating the two concerns, this BIP allows merchant
> software to create transactions with OP_RETURN metadata on a server without
> storing public or private Bitcoin keys. This greatly enhances security
> where OP_RETURN applications currently need access to a private key to sign
> transactions.
I don't see how this has any relevance to keys at all...
> ## Specification
>
> The specification for this BIP is straightforward. BIP70 should be fully
> implemented with two changes:
>
> 1. Outputs where the script is an OP_RETURN and the value is zero should be
> accepted by the wallet.
> 2. Outputs where the script is an OP_RETURN and the value is greater than
> zero should be rejected.
>
> This is a change from the BIP70 requirement that all zero value outputs be
> ignored.
This does not appear to be backward nor even forward compatible. Old clients
will continue to use the previous behaviour and transparently omit any
commitments. New clients on the other hand will fail to include commitments
produced by old servers. In other words, it is impossible to produce software
compatible with both BIP 70 and this draft, and implementing either would
result in severe consequences.
> As it exists today, BIP70 allows for OP_RETURN data storage at the expense
> of permanently destroyed Bitcoin.
It is better for the spammers to lose burned bitcoins, than have a way to
avoid them.
Luke
Luke Dashjr [ARCHIVE] /
npub1tf…rfq0n
2023-06-07 17:48:06
in reply to nevent1q…qa5g
Author Public Key
npub1tfk373zg9dnmtvxnpnq7s2dkdgj37rwfj3yrwld7830qltmv8qps8rfq0nSeen on
wss://relay.noswhere.comPublished at
2023-06-07 17:48:06Event JSON
{
"id": "7955882484b41954e2562e11cee25312de47a79d48abd55c09b4835d49a8829d",
"pubkey": "5a6d1f44482b67b5b0d30cc1e829b66a251f0dc99448377dbe3c5e0faf6c3803",
"created_at": 1686160086,
"kind": 1,
"tags": [
[
"e",
"368032d333e01794ac3e7b97c278de084cce6e6228857d943836fb1a934a5739",
"",
"root"
],
[
"e",
"76d622db55903bf44e0434a751580fc913f33068a5d97e80c7ea3d9ed0ebc3ca",
"",
"reply"
],
[
"p",
"d94a4049e1eafdb70a0dc089351c47ae335f75b3408012d8495d51889ad9a292"
]
],
"content": "📅 Original date posted:2016-01-26\n📝 Original message:This is a bad idea. OP_RETURN attachments are tolerated (not encouraged!) for \nthe sake of the network, since the spam cannot be outright stopped. If it \ncould be outright stopped, it would not be reasonable to allow OP_RETURN. When \nit comes to the payment protocol, however, changing the current behaviour has \nliterally no benefit to the network at all, and the changes proposed herein \nare clearly detrimental since it would both encourage spam, and potentially \nmake users unwilling (maybe even unaware) participants in it. For these \nreasons, *I highly advise against publishing or implementing this BIP, even if \nthe later mentioned issues are fixed.*\n\nOn Tuesday, January 26, 2016 1:02:44 AM Toby Padilla wrote:\n\u003e An example might be a merchant that adds the hash of a plain text invoice\n\u003e to the checkout transaction. The merchant could construct the\n\u003e PaymentRequest with the invoice hash in an OP_RETURN and pass it to the\n\u003e customer's wallet. The wallet could then submit the transaction, including\n\u003e the invoice hash from the PaymentRequest. The wallet will have encoded a\n\u003e proof of purchase to the blockchain without the wallet developer having to\n\u003e coordinate with the merchant software or add features beyond this BIP.\n\nSuch a \"proof\" is useless without wallet support. Even if you argue it could \nbe implemented later on, it stands to reason that a scammer will simply encode \ngarbage if the wallet is not checking the proof-of-purchase upfront. To check \nit, you would also need further protocol extensions which are not included in \nthis draft.\n\n\u003e Merchants and Bitcoin application developers benefit from this BIP because\n\u003e they can now construct transactions that include OP_RETURN data in a\n\u003e keyless environment. Again, prior to this BIP, transactions that used\n\u003e OP_RETURN (with zero value) needed to be constructed and executed in the\n\u003e same software. By separating the two concerns, this BIP allows merchant\n\u003e software to create transactions with OP_RETURN metadata on a server without\n\u003e storing public or private Bitcoin keys. This greatly enhances security\n\u003e where OP_RETURN applications currently need access to a private key to sign\n\u003e transactions.\n\nI don't see how this has any relevance to keys at all...\n\n\u003e ## Specification\n\u003e \n\u003e The specification for this BIP is straightforward. BIP70 should be fully\n\u003e implemented with two changes:\n\u003e \n\u003e 1. Outputs where the script is an OP_RETURN and the value is zero should be\n\u003e accepted by the wallet.\n\u003e 2. Outputs where the script is an OP_RETURN and the value is greater than\n\u003e zero should be rejected.\n\u003e \n\u003e This is a change from the BIP70 requirement that all zero value outputs be\n\u003e ignored.\n\nThis does not appear to be backward nor even forward compatible. Old clients \nwill continue to use the previous behaviour and transparently omit any \ncommitments. New clients on the other hand will fail to include commitments \nproduced by old servers. In other words, it is impossible to produce software \ncompatible with both BIP 70 and this draft, and implementing either would \nresult in severe consequences.\n\n\u003e As it exists today, BIP70 allows for OP_RETURN data storage at the expense\n\u003e of permanently destroyed Bitcoin.\n\nIt is better for the spammers to lose burned bitcoins, than have a way to \navoid them.\n\nLuke",
"sig": "4d5cede0fa091539810c4113889ff3b7a6f3d0c72da36b33107c3a206a3ce03d0265b4456f27965f5331fda84252705820935b7a5683a309d82b1b30d62059cd"
}