Pieter Wuille [ARCHIVE] on Nostr: 📅 Original date posted:2013-07-23 📝 Original message:On Tue, Jul 23, 2013 at ...
📅 Original date posted:2013-07-23
📝 Original message:On Tue, Jul 23, 2013 at 12:17 PM, Andreas Schildbach
<andreas at schildbach.de> wrote:
> Sweeping paper wallets is a common feature request. People switch to
> centralized services just for getting that.
That means they value convenience more than the trust-freeness of a
decentralized solution. The only way to avoid that is by making sure
the decentralized one is convenient enough. But relying on
unauthenticated data itself is equally bad - it means you lose
whatever benefit the decentralization had.
> It is my understanding that for the usecase, an address-indexed UXTO is
> enough. So you probably don't need to worry about script-indexed for now.
The difference between script-indexed and address-indexed is
absolutely trivial compared to the effort needed to implement and
maintain such authenticated trees by all full nodes. Restricting
things at the network level (which doesn't even know about a thing
like an address) to address-based indexes is ridiculous IMHO.
> Security issues could be mitigated by applying trust to the REST server,
> e.g. because its your own or the one of your apps vendor. Of course,
> link-level security would be needed for this (e.g. SSL).
Sure, once you introduce trust, a lot can be done. But it's not really
Bitcoin anymore in that case - it's relying on a third party to do the
heavy indexing for you. And if that is the best-scaling solution, sure
- but I don't think we should encourage that. Or at least, we should
first search for alternatives. And encourage infrastructure that
doesn't require it.
> Paper wallets that include the necessary additional information is
> something I have been thinking about. I see some issues:
>
> - Paper wallets are already quite widespread. You still won't be able to
> sweep those.
> - Some people like to "top up" a paper wallet or even just sweep a
> portion of it. That would not be possible, and in some cases even lead
> to loss of coins because of the "involuntary fee" you described.
Yeah, those are inherent problems with how there are used today. But
today there is also little problem - the UTXO set is tiny.
> - Does the necessary info fit into a QR code?
Absolutely, though a slightly bigger one.
--
Pieter
Published at
2023-06-07 15:04:57Event JSON
{
"id": "cdb1406a2e3a44f561d43a6cf5e0f193c0787c2b083d880eb8b2069429939731",
"pubkey": "5cb21bf5d7f25a9d46879713cbd32433bbc10e40ef813a3c28fe7355f49854d6",
"created_at": 1686150297,
"kind": 1,
"tags": [
[
"e",
"2548e3bbd5806f0a91f1440e5be19b1893f723d052860cba20b98f557d042316",
"",
"root"
],
[
"e",
"c021c793c1e9ffad803d33a81db8781e51718356d5edf1f2eb31a1ba6b5d308c",
"",
"reply"
],
[
"p",
"3215b3d77dff1f84eeb5ad46fb1206a8d1657b3ea765a80b5489ece3a702d2bc"
]
],
"content": "📅 Original date posted:2013-07-23\n📝 Original message:On Tue, Jul 23, 2013 at 12:17 PM, Andreas Schildbach\n\u003candreas at schildbach.de\u003e wrote:\n\u003e Sweeping paper wallets is a common feature request. People switch to\n\u003e centralized services just for getting that.\n\nThat means they value convenience more than the trust-freeness of a\ndecentralized solution. The only way to avoid that is by making sure\nthe decentralized one is convenient enough. But relying on\nunauthenticated data itself is equally bad - it means you lose\nwhatever benefit the decentralization had.\n\n\u003e It is my understanding that for the usecase, an address-indexed UXTO is\n\u003e enough. So you probably don't need to worry about script-indexed for now.\n\nThe difference between script-indexed and address-indexed is\nabsolutely trivial compared to the effort needed to implement and\nmaintain such authenticated trees by all full nodes. Restricting\nthings at the network level (which doesn't even know about a thing\nlike an address) to address-based indexes is ridiculous IMHO.\n\n\u003e Security issues could be mitigated by applying trust to the REST server,\n\u003e e.g. because its your own or the one of your apps vendor. Of course,\n\u003e link-level security would be needed for this (e.g. SSL).\n\nSure, once you introduce trust, a lot can be done. But it's not really\nBitcoin anymore in that case - it's relying on a third party to do the\nheavy indexing for you. And if that is the best-scaling solution, sure\n- but I don't think we should encourage that. Or at least, we should\nfirst search for alternatives. And encourage infrastructure that\ndoesn't require it.\n\n\u003e Paper wallets that include the necessary additional information is\n\u003e something I have been thinking about. I see some issues:\n\u003e\n\u003e - Paper wallets are already quite widespread. You still won't be able to\n\u003e sweep those.\n\u003e - Some people like to \"top up\" a paper wallet or even just sweep a\n\u003e portion of it. That would not be possible, and in some cases even lead\n\u003e to loss of coins because of the \"involuntary fee\" you described.\n\nYeah, those are inherent problems with how there are used today. But\ntoday there is also little problem - the UTXO set is tiny.\n\n\u003e - Does the necessary info fit into a QR code?\n\nAbsolutely, though a slightly bigger one.\n\n-- \nPieter",
"sig": "5f2b6dcc6310d7bd6eee36541580ac1b8ce997a7cad10678deb82f5c18b343567511712994b1f0a003605e38438dadd4c8e750b3c204a03b14633b255ce9cb47"
}