pull down to refresh
So this is just my understanding.
It allowes for Hashed based signatures which would mitigate the quantum threat. It would introduce covenants, which solve the scalability issue, and my theory is that by solving the scaling issue, the security budget gets solved at the same time with adoption.
I know there's a large data weight involved, but it's my thought that CAT will allow that extra weight to be absorbed.
I'm definitely not calling CAT a silver bullet, and I understand that there's other friction involved, but, that's the fun of having these conversations.
As far as which of the three, if I had to pick one, it would be the quantum threat. You could reduce the hashrate of the entire network by 50% and still have practically zero threat of a 51% attack. I think there's a fairly large runway, and I also think it's actually possible that some level of homeostasis occurs and the network just finds a natural balance that maintains a high level of security.
Right, so your assertions are:
- We can introduce lattices or something similar with
OP_CATwhile at the same time using it with Schnorr-tricks to get covenants. I don't think this would be very efficient, but it may be possible to hack a thing here and there. - Covenants somehow will create demand. My question to you about that is still open above: what will you do with Bitcoin that you currently do not when you have it? Or will covenants allow you to orange pill easier? How? This is the one question no one seems to be able to really answer.
- CAT will allow that extra weight to be absorbed. What do you mean? There's 4MB. If everyone fills their tx with 100x the data to do a lattice-based sig, then you have 100x less space. I don't see how magically,
OP_CATwill turn 4MB into 400MB? Must be my fever making me dumb haha. - The security budget gets solved at the same time with adoption. At the cost of pricing out 99 of 100 bitcoiners. Because that's what "security budget" is if you take away subsidy: the price you and I pay for a L1 transaction.
Ahh, I think maybe we crossed some wires. I don't necessarily think covenants will create demand. I think we will need them to meet the eventual demand. As it stands right now, I don't know that we would need to soft fork this exact instant.
As far as absorbing the extra weight, a ZK roll up can take 100,000 data heavy transactions and process them off chain. It then uses a much smaller mathematical proof of that batch on L1. So it takes 400mb of transactional data, and compresses the settlement proof into a few kilobytes. So, to your first point, that's why unlocking layer 2 roll ups is important. We wouldn't need to do all of the work on layer one, so the efficiency isn't as big of a deal.
As far as pricing out 99 of 100 bitcoiners goes, you and I wouldn't be paying the massive fees. The roll up sequencer pays the fee, and because it's batching 100,000 individual transactions our cost on the l2 is .005c and the miners still get the big pay out.
Right, we get to the crux of the answer to your 3 problems:
- Scaling issues get solved through compression. Correct.
- Security budget cliff does not get solved unless
<magic>. Compression reduces fee pressure, no matter how you put it. - Quantum only gets solved for those on the rollup. To protect your coin, you MUST switch to another network. (And then it is no longer your coin.)
PS: In the case of OP_CAT, you must mean Starkware and I thought I saw the hand of them / their affiliations in some of the things you write. Did you check how their network is going? Their lil token?
So what this means is:
- We get "infinite"-ish transaction space, but the cost of providing this space is sitting at the sequencers, not at the Bitcoin miners.
- Because of this, the Bitcoin miners will not be helped much, and most likely even be hurt. Money flows will mutate from a fee payment to a miner, to a fee payment to a sequencer.
- At low subsidy, miners will be incentivized to form a price cartel and to centralize further.
What isn't solved? Bitcoin's problems.
No, i mean BIP 347. I wasn't aware that this was some weird ploy to accuse me of being a shit coiner....
I'm legitimately bummed out man. Just forget it.
I didn't say you were a shitcoiner?
PS: In the case of OP_CAT, you must mean Starkware and I thought I saw the hand of them / their affiliations in some of the things you write. Did you check how their network is going? Their lil token?
Maybe i'm completely off base, but I can't see any other translation to that paragraph
First if all, I'm not pounding a war drum for OP_CAT. I came here with multiple solutions to discuss. I specifically stated that I want to talk to someone who is more technically minded than me about it.
- Scalability solved.
- The reason this is suggested solution by the BITCOIN community, (people like Andrew Poelstra of blockstream, and authored by Ethan Heilman who is heavily involved in BIP 360, as well as being responsible for mathematically destroying shitcoins), is because it allows payments to miners to scale.
The sequences aren't a middle man between L2 and L1, they are the ones that collect and aggregate all of the small fees in order to pay the massive transaction costs to the miners.
Yes, scaling would initially hurt miners, look up Jevons Paradox. But the whole basis is that you could on board the entire planet, and L1 would be sustained by the massive economic weight of all of those transactions.
- Because OP_CAT allows you to combine pieces of data directly in Bitcoin Script, it allows developers to build complex new signature schemes that rely only on hashes, rather than elliptic curves. Specifically Lamport signatures or Witernitz signatures so NO you're not required to switch to another network.
A true ZK-rollup on Bitcoin wouldn't be a federated, custodial sidechain. A covenant mathematically guarantees your unilateral right to force-exit your UTXO back to L1 at any time, without the sequencer's permission. It inherits Bitcoin's base-layer security.
If you don't like this solution, fine. If there's problems with this solution, fine. But this IS a solution and it IS supported by prominent people within the BITCOIN community.
Thanks for the conversation.
Oh, and i forgot to mention. The very first version of OP_CAT was authored by well known shit coiner Satoshi Nakamoto, who disabled it due to an attack vector that it created that has longe since been fixed.
No worries.
I was and still am interested where you got the impression that
OP_CATfixes everything, and I still don't know, haha. Yes, it's a powerful primitive to have, also if you look at the greater set that is being proposed for restoration inBIP-441, but it has a lot of tradeoffs if you're actually going to use it to permanently solve problems and I don't think that it will concurrently solve all 3 of the problems you mentioned; maybe it could help solving each individually, in a quirky and expensive way, at the cost of the other 2.That's what bothers me about most of the discourse that say "it's either
xoryand it has to happen"; it's a lot of repetition of narratives that magically lost all sense of tradeoffs and caveats. But despite all the remarkable conspiracy theories, I'm rather confident that if there was a solution to all 3 your criteria without any tradeoffs at all, it would have been PR'd and merged by now.I'll ask my last question: if you had to choose between your 3 problems and you could only solve one, which one would you pick, and why?