📅 Original date posted:2018-05-23
📝 Original message:On Thu, May 24, 2018 at 1:58 AM, Pieter Wuille via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> Thanks everyone who commented so far, but let me clarify the context
> of this question first a bit more to avoid getting into the weeds too
> much.
My understanding of the question is this:
Are there any useful applications which would be impeded if a signing
party who could authorize an arbitrary transaction spending a coin had
the option to instead sign a delegation to a new script?
The reason this question is interesting to ask is because the obvious
answer is "no": since the signer(s) could have signed an arbitrary
transaction instead, being able to delegate is strictly less powerful.
Moreover, absent graftroot they could always "delegate" non-atomically
by spending the coin with the output being the delegated script that
they would have graftrooted instead.
Sometimes obvious answers have non-obvious counter examples, e.g.
Andrews points related to blindsigning are worth keeping in mind.
Gregory Maxwell [ARCHIVE] /
npub1f2…crwet
2023-06-07 18:12:26
in reply to nevent1q…zpza
Author Public Key
npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwetPublished at
2023-06-07 18:12:26Event JSON
{
"id": "417f32916562d20600b2b3fdc9820c39e83278a5a4004d3c1f660e877b6ae150",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686161546,
"kind": 1,
"tags": [
[
"e",
"e26b3d683cd7b5bec12686847cb6e45848c3e2dbd7f6b99e59a94b1bc41269f6",
"",
"root"
],
[
"e",
"34f82f51f04a9484d52cdc64ba6535a1f406b5a5983e0f4ddd4a63f7495fc7a8",
"",
"reply"
],
[
"p",
"5cb21bf5d7f25a9d46879713cbd32433bbc10e40ef813a3c28fe7355f49854d6"
]
],
"content": "📅 Original date posted:2018-05-23\n📝 Original message:On Thu, May 24, 2018 at 1:58 AM, Pieter Wuille via bitcoin-dev\n\u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003e Thanks everyone who commented so far, but let me clarify the context\n\u003e of this question first a bit more to avoid getting into the weeds too\n\u003e much.\n\nMy understanding of the question is this:\n\nAre there any useful applications which would be impeded if a signing\nparty who could authorize an arbitrary transaction spending a coin had\nthe option to instead sign a delegation to a new script?\n\nThe reason this question is interesting to ask is because the obvious\nanswer is \"no\": since the signer(s) could have signed an arbitrary\ntransaction instead, being able to delegate is strictly less powerful.\nMoreover, absent graftroot they could always \"delegate\" non-atomically\nby spending the coin with the output being the delegated script that\nthey would have graftrooted instead.\n\nSometimes obvious answers have non-obvious counter examples, e.g.\nAndrews points related to blindsigning are worth keeping in mind.",
"sig": "58e3426893de14935949a48841b83b54db58155b41a2352621a4fe0c1b72a4be4458cc0f51811953fcca52c9990818596d1332240671b0b20ab62b0e870c6d59"
}