For bitcoin to be self-sovereign, you must hold your own keys to a utxo.
If too many new people want bitcoin, getting a utxo will become very difficult, costly, and time-consuming.
Perhaps, in the future, billions can have keys to a utxo without the negatives you mention.
Keys are abundant, blockspace is scarce.
I strive for a future where you can acquire a key to a utxo without paying a large cost to create that utxo, and thus, without paying a large cost for blockspace.
I suspect "blockspace cost" can be divided among a utxo's keyholders so finely that every member considers their share of the cost low and reasonable. Musig utxos, coinjoins, my bitpac software, and Ark seem like promising steps in this direction.
I also suspect ownership of a utxo can be transferred without moving that utxo at all. Lightning demonstrates this. I suspect statechains can be improved upon to do it even better, and I hope one day to make joinpools that do it too.
This sounds like a good future. I'm on board.
The distinction between having a key to a utxo and the key is good.
I wonder though if the same concerns about a lack of self-sovereignty would get raised in the case of multiple people sharing utxos.
Imagine a fedimint where every "minting" also added a key to the multisig holding the mint's bitcoin. So for each ecash token there was a proportionate key (key share?). In my ignorance this sounds like a very horrible mess, but with fancy cryptography all things are possible.
How do we feel about ecash where all token holders are also guardians (key holders in the multisig)?
It sounds like a mess to me too, but there might be something there.
One of the programs I want to eventually write is one where 15 people jointly control a utxo in a 15-of-15 multisig. But before anyone puts money in the multisig, I want to give every keyholder a "backout transaction" signed by every other keyholder. That way everyone can get their money out without any further interaction from the other keyholders.
Then I want to use the tricks lightning introduced so that each keyholder can "revoke" their backout transaction if and only if they get a "new" one with a different-sized payout, also signed by every other keyholder. That would allow for a kind of self-custodial ecash mint where everyone keeps each other honest and you only have to trust yourself (and bitcoin's standard trust assumptions). Just like ecash, you could make instant/free transfers within the mint, and use a "lightning bridge" to make lightning-fast transactions "out" of the mint. But unlike current ecash models, you wouldn't have to give up custody of your funds to achieve this.
Like lightning, the tradeoff would be that everyone in the multisig has to be online to cosign internal transfers, though in lightning this is easier because there are only 2 people in the multisig, and it's easier to get 2 people to "behave" (i.e. stay online) than it is to get 15 people to behave.
My program would also probably get wacky in this situation: if any keyholder goes offline for a while, either accidentally or because they are a troll, no one can make internal transfers anymore until that person comes back online and behaves. The only things you can do are exit or wait. But it's interesting and I think people might like it anyway, if only because it would be new and different.
If I make it I might market it as a self-custodial ecash mint. But I suspect it wouldn't get very popular because (1) people hate running software that has to stay online all the time, (2) a mint is not very useful with only a few users, and (3) if you add lots of users to make it more useful, you increase the likelihood of someone going offline and taking the whole thing down. Still, it would be easier to solve those problems if the software existed, so I defo want to make it at some point.
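A toy Python model of the backout-and-revoke scheme sketched in the post above, added here as an illustration only (it is not the author's bitpac software or any real implementation). Signatures are modelled as sets of signer ids and revocation as a flag, so what it demonstrates is just the update rule (revoke the old backout only once a fully signed replacement is in hand) and the liveness tradeoff (one offline keyholder blocks internal transfers but not exits).

```python
# Constructed toy model of the 15-of-15 joinpool described above (not real code from the thread).
# Signatures are sets of signer ids rather than real Schnorr/ECDSA; revocation is a flag.
from dataclasses import dataclass, field


@dataclass
class Backout:
    holder: int                  # keyholder entitled to broadcast this exit transaction
    payout: int                  # sats this keyholder takes when exiting
    version: int
    sigs: set = field(default_factory=set)
    revoked: bool = False

    def fully_signed(self, n):   # valid only with every *other* keyholder's signature
        return self.sigs == set(range(n)) - {self.holder}


class JoinPool:
    def __init__(self, balances):
        self.n, self.online = len(balances), set(range(len(balances)))
        self.version, self.backouts = 0, {}
        self._sign_round(balances)   # everyone holds a backout before any funds move in

    def can_update(self):            # every keyholder must be online to cosign a new set
        return self.online == set(range(self.n))

    def _sign_round(self, balances):
        if not self.can_update():
            raise RuntimeError("a keyholder is offline: exit or wait")
        self.version += 1
        new = {h: Backout(h, amt, self.version, set(range(self.n)) - {h})
               for h, amt in enumerate(balances)}
        # Lightning-style rule: an old backout is revoked only once its holder has a
        # fully signed replacement, so nobody is ever left without a unilateral exit.
        for h, old in self.backouts.items():
            assert new[h].fully_signed(self.n)
            old.revoked = True
        self.backouts = new

    def balances(self):
        return [self.backouts[h].payout for h in range(self.n)]

    def transfer(self, src, dst, amt):
        bal = self.balances()
        if bal[src] < amt:
            raise ValueError("insufficient balance")
        bal[src] -= amt
        bal[dst] += amt
        self._sign_round(bal)        # internal transfer = new backout set, then revoke old

    def exit(self, holder):          # unilateral: needs no further cooperation
        tx = self.backouts[holder]
        assert tx.fully_signed(self.n) and not tx.revoked
        return tx.payout
```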