📅 Original date posted:2022-02-15
📝 Original message:Hi Rusty,
Please see my post in the other email thread
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019886.html
The differences in this regard are several, and worth understanding beyond
"you can iterate CTV". I'd note a few clear examples for showing that "CTV
is just as powerful" is not a valid claim:
1) CTV requires the contract to be fully enumerated and is non-recursive.
For example, a simple contract that allows n participants to take an action
in any order requires factorially many pre-computations, not just linear or
constant. For reference, 24! is about 2**80. Whereas for a more
interpretive covenant -- which is often introduced with the features for
recursion -- you can compute the programs for these addresses in constant
time.
2) CTV requires the contract to be fully enumerated: For example, a simple
contract one could write is "Output 0 script matches Output 1", and the set
of outcomes is again unbounded a-priori. With CTV you need to know the set
of pairs you'd like to be able to expand to a-priori
3) Combining 1 and 2, you could imagine recursing on an open-ended thing
like creating many identical outputs over time but not constraining what
those outputs are. E.g., Output 0 matches Input 0, Output 1 matches Output
2.
I think for your point the inverse seems to hold: for the limited
situations we might want to set up, CTV often ends up being sufficient
because usually we can enumerate all the possible outcomes we'd like (or at
least find a mapping onto such a construction). CTV is indeed very
powerful, but as I demonstrated above, not powerful in the same way
("Complexity Class") that OP_TX or TXHASH might be.
At the very least we should clearly understand *what* and *why* we are
advocating for more sophisticated designs and have a thorough understanding
of the protocol complexity we are motivated to introduce the expanded
functionality. Further, if one advocates for TX/TXHASH on a featureful
basis, it's at least a technical ACK on the functionality CTV is
introducing (as it is a subset) and perhaps a disagreement on project
management, which I think is worth noting. There is a very wide gap between
"X is unsafe" and "I prefer Y which X is a subset of ''.
I'll close by repeating : Whether that [the recursive/open ended
properties] is an issue or not precluding this sort of design or not, I
defer to others.
Best,
Jeremy
Best,
Jeremy
--
@JeremyRubin <https://twitter.com/JeremyRubin>;
On Tue, Feb 15, 2022 at 12:46 AM Rusty Russell <rusty at rustcorp.com.au>
wrote:
> Jeremy Rubin <jeremy.l.rubin at gmail.com> writes:
> > Rusty,
> >
> > Note that this sort of design introduces recursive covenants similarly to
> > how I described above.
> >
> > Whether that is an issue or not precluding this sort of design or not, I
> > defer to others.
>
> Good point!
>
> But I think it's a distinction without meaning: AFAICT iterative
> covenants are possible with OP_CTV and just as powerful, though
> technically finite. I can constrain the next 100M spends, for
> example: if I insist on those each having incrementing nLocktime,
> that's effectively forever.
>
> Thanks!
> Rusty.
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20220215/3c2a5425/attachment.html>;
Jeremy Rubin [ARCHIVE] /
npub1xu…fzef0
2023-06-07 23:03:24
in reply to nevent1q…5lzm
Author Public Key
npub1xukrzempxc95ags094lgrfvnvwm7gkuwj3d98qwrzgsynskyhp9qkfzef0Published at
2023-06-07 23:03:24Event JSON
{
"id": "7012744be8fc82b9f976b95d909d3677cd7cc21f94e2648eb094e873c0c73f0f",
"pubkey": "372c316761360b4ea20f2d7e81a59363b7e45b8e945a5381c3122049c2c4b84a",
"created_at": 1686179004,
"kind": 1,
"tags": [
[
"e",
"452992012bb05a59b05452f7bb44645a0965d1a20372b47355e5d904fc3bc381",
"",
"root"
],
[
"e",
"684db87dee9b6a442982b8fe3eeba9129071760b44d95f6843297564ee4ec264",
"",
"reply"
],
[
"p",
"13bd8c1c5e3b3508a07c92598647160b11ab0deef4c452098e223e443c1ca425"
]
],
"content": "📅 Original date posted:2022-02-15\n📝 Original message:Hi Rusty,\n\nPlease see my post in the other email thread\nhttps://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019886.html\n\nThe differences in this regard are several, and worth understanding beyond\n\"you can iterate CTV\". I'd note a few clear examples for showing that \"CTV\nis just as powerful\" is not a valid claim:\n\n1) CTV requires the contract to be fully enumerated and is non-recursive.\nFor example, a simple contract that allows n participants to take an action\nin any order requires factorially many pre-computations, not just linear or\nconstant. For reference, 24! is about 2**80. Whereas for a more\ninterpretive covenant -- which is often introduced with the features for\nrecursion -- you can compute the programs for these addresses in constant\ntime.\n2) CTV requires the contract to be fully enumerated: For example, a simple\ncontract one could write is \"Output 0 script matches Output 1\", and the set\nof outcomes is again unbounded a-priori. With CTV you need to know the set\nof pairs you'd like to be able to expand to a-priori\n3) Combining 1 and 2, you could imagine recursing on an open-ended thing\nlike creating many identical outputs over time but not constraining what\nthose outputs are. E.g., Output 0 matches Input 0, Output 1 matches Output\n2.\n\nI think for your point the inverse seems to hold: for the limited\nsituations we might want to set up, CTV often ends up being sufficient\nbecause usually we can enumerate all the possible outcomes we'd like (or at\nleast find a mapping onto such a construction). CTV is indeed very\npowerful, but as I demonstrated above, not powerful in the same way\n(\"Complexity Class\") that OP_TX or TXHASH might be.\n\nAt the very least we should clearly understand *what* and *why* we are\nadvocating for more sophisticated designs and have a thorough understanding\nof the protocol complexity we are motivated to introduce the expanded\nfunctionality. Further, if one advocates for TX/TXHASH on a featureful\nbasis, it's at least a technical ACK on the functionality CTV is\nintroducing (as it is a subset) and perhaps a disagreement on project\nmanagement, which I think is worth noting. There is a very wide gap between\n\"X is unsafe\" and \"I prefer Y which X is a subset of ''.\n\nI'll close by repeating : Whether that [the recursive/open ended\nproperties] is an issue or not precluding this sort of design or not, I\ndefer to others.\n\nBest,\n\nJeremy\n\n\n\n\nBest,\n\nJeremy\n--\n@JeremyRubin \u003chttps://twitter.com/JeremyRubin\u003e\n\n\nOn Tue, Feb 15, 2022 at 12:46 AM Rusty Russell \u003crusty at rustcorp.com.au\u003e\nwrote:\n\n\u003e Jeremy Rubin \u003cjeremy.l.rubin at gmail.com\u003e writes:\n\u003e \u003e Rusty,\n\u003e \u003e\n\u003e \u003e Note that this sort of design introduces recursive covenants similarly to\n\u003e \u003e how I described above.\n\u003e \u003e\n\u003e \u003e Whether that is an issue or not precluding this sort of design or not, I\n\u003e \u003e defer to others.\n\u003e\n\u003e Good point!\n\u003e\n\u003e But I think it's a distinction without meaning: AFAICT iterative\n\u003e covenants are possible with OP_CTV and just as powerful, though\n\u003e technically finite. I can constrain the next 100M spends, for\n\u003e example: if I insist on those each having incrementing nLocktime,\n\u003e that's effectively forever.\n\u003e\n\u003e Thanks!\n\u003e Rusty.\n\u003e\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20220215/3c2a5425/attachment.html\u003e",
"sig": "fdc5467be84b3e4cf277b2e39470c5b70d3f27eb02d2c44500531018dfa11187ce37f8a3fc0b62eb808c6109fb1c64e05a35bd84c4fe686554b492dd7bf4c0e5"
}