[bitcoin-dev] OP_VAULT: a new vault proposal \ stacker news ~bitcoin

[bitcoin-dev] OP_VAULT: a new vault proposal lists.linuxfoundation.org/pipermail/bitcoin-dev/2023-January/021318.html

829 sats \ 9 comments \ @k00b 9 Jan 2023 bitcoin

1448 sats \ 8 replies \ @petertodd 9 Jan 2023

I'm really skeptical of these vault proposals.

Basically what vaults are is ultimately just notification mechanisms: the thief has to broadcast their intent to take the money, giving you a time window to move it to a pre-defined "backup" address.

The problem is, how much better than multisig is this, really? If the thief got your primary address, are you really sure they won't get the backup too? How do you know the backup actually works? How can you be sure you'll actually be notified when your device was compromised? Etc. Etc. Etc.

Meanwhile, efforts to make good, user friendly, multisig wallets just aren't very advanced or widespread. I fear that vaults are much more interesting to Bitcoin Core devs than boring old multisig. So we're getting an disproportionate amount of effort on them instead of just making multisig wallets better.

1406 sats \ 1 reply \ @benthecarman 10 Jan 2023

I think the interest comes because multisig is hard. This basically allows you to have 2 single sig wallets and a safe bridge between them. This way you can spend when you need to but if they get comprised you can go dig out your keys from your backyard and actually use your worst-case scenario wallet.

This does use spks, not keys, so it is completely composable with multisig

354 sats \ 0 replies \ @petertodd 10 Jan 2023

Vaults are hard too. And the operational requirements to actually use them effectively are much more onerous: if you're not monitoring your vault periodically, what's the point? Multisig meanwhile is fine with true cold storage.

26 sats \ 0 replies \ @chungkingexpress 10 Jan 2023

This is a good point.

There is an important risk / benefit consideration to run at this point in the game.

As a non-developer the heuristic I use is "What is the absolute minimum that is required on the base protocol for Bitcoin to succeed and not degrade?"

There is a sentiment that is common with my developer friends who get excited and motivated to push ahead with 'making things'. This is totally admirable usually, but we are dealing with something a lot more grave here: the future of the world's money.

Every single new thing that is added to Bitcoin increases the attack surface as more and more focus comes on it. Vaults, OP_CTV, drivetrains, covenants, all of this stuff feels like we are touching things before the paint is dry.

Has enough time been given to consider the longterm risks here? Have essays and books and in-depth explorations been written on what covenants and vaults will mean 30+ years from now from a social, technical, political perspective? Could the top nefarious minds and governments in the world formulate an attack strategy (either technical or social) against this new thing that was not previously possible?

I know this seems a bit extreme, but if we assume it is the future of the world's money, every single decision matters.

I feel we only have so much time before Bitcoin ossifies and changes to base protocol become much slower or otherwise stop altogether. Therefore anything that is not absolutely mission critical needs to be skipped over or deferred to layer 2 by default, unless there is a very clear cut and overwhelming argument for it.

The steelman here is in the case that hyperbitcoinization takes place, and there are huge nation states and actors managing unimaginable amounts of wealth, do they need the added security of the vault function? Or is this something that really should be taken off-chain with private innovation in key management and multi-sig wallets etc?

Is it better to have an unforgiving and absolute austere base protocol or to have safety nets in place?

...Just my musings from a less technical and more social perspective, but at this point it is all far bigger than just code and a lot is at stake.

10 sats \ 4 replies \ @k00b OP 10 Jan 2023

When you put it that way, it does feel like vaults are a lateral move security-wise.

Vaults appear more user friendly though. I can imagine my dad understanding and feeling comfortable with how a vault works. When I explain mutli-sig, I usually end up reaching for nuclear codes/keys as a metaphor.

363 sats \ 0 replies \ @chungkingexpress 10 Jan 2023

I feel like the reality is that most non-bitcoiners in the world will be onboarded using L2 and likely will never touch a UTXO.

Trying to make things 'easy' or to build in 'safety nets' to base layer is the wrong move I think. I think it is better to build vaults and covenants etc in L2 somehow: If there is a market for it people will use it.

Base protocol needs to be unforgiving and absolute. You either have the keys or you don't. If keys are taken and funds are moved, that is just the way it is.

353 sats \ 2 replies \ @petertodd 10 Jan 2023

I'm not so sure your dad would be comfortable with vaults if you explained how they worked correctly... The name "vault" has nothing to do with how they actually work.

Multisig is much simpler to explain properly. And it has direct real world analogies like multi-signature bank accounts.

0 sats \ 1 reply \ @k00b OP 10 Jan 2023

I didn't mean the vault analogy is apt (although I have to admit it's good marketing). If-this-then-that UX does seem more straightforward than multi-sig combinatorics even if it's mostly a placebo.

Honestly, this is the first I've heard of multi-sig bank accounts. I need more money.

353 sats \ 0 replies \ @petertodd 10 Jan 2023

“even if it's mostly a placebo”

We should be creating real solutions. Not placebos.