@super_testnet
123671 stacked

I'm not sure you guys realize this but you've created a way to run a federated lightning node. Lightning dlc payments don't happen without an oracle's say-so. The oracle functions as a transaction gateway: nothing comes in or goes out without his or her approval. It would be cool to see more tooling in this direction. What if node operators could set up and control a suite of one or more oracles who have to sign off on transactions out of their node? They could create setups like ensuring they get 2/4 approval for payments over $200, 3/4 approval for payments over $1000, and 4/4 approval for payments over $5000. Companies would probably like that a lot. But individuals could also use it for 2 factor authentication by running the "main app" on their desktop and an oracle on their phone that needs to approve transactions over a certain amount.
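Added example (not code from the comment above or from any project it mentions): a tiered approval policy of the kind described, with the same tiers (2/4 over $200, 3/4 over $1000, 4/4 over $5000). The four-oracle set, the payment ids and the HMAC "approval tag" scheme are constructed stand-ins for real oracle signatures; the point is the policy logic: each approval is bound to the payment id and amount, an oracle can only count once, and an oracle the operator never enrolled is ignored.

```python
import hashlib
import hmac

# Policy tiers from the comment: (USD amount the payment must exceed, approvals needed).
# The oracle count (4) and the tag scheme below are constructed for illustration.
TIERS = [(200, 2), (1000, 3), (5000, 4)]


def approvals_required(amount_usd, tiers=TIERS):
    """Number of oracle approvals a payment of this size needs; 0 below the lowest tier."""
    required = 0
    for threshold, k in sorted(tiers):
        if amount_usd > threshold:
            required = k
    return required


def approval_tag(oracle_secret, payment_id, amount_usd):
    """What an oracle hands back when it approves: a MAC bound to the payment id AND amount,
    so an approval obtained for a small payment cannot be replayed for a large one."""
    msg = f"{payment_id}|{amount_usd}".encode()
    return hmac.new(oracle_secret, msg, hashlib.sha256).hexdigest()


def check_payment(payment_id, amount_usd, approvals, oracle_secrets, tiers=TIERS):
    """approvals: {oracle_name: tag}. Returns (allowed, valid_oracle_names, needed)."""
    needed = approvals_required(amount_usd, tiers)
    valid = set()
    for name, tag in approvals.items():
        secret = oracle_secrets.get(name)
        if secret is None:
            continue  # an oracle the node operator never enrolled does not count
        expected = approval_tag(secret, payment_id, amount_usd)
        if hmac.compare_digest(tag, expected):
            valid.add(name)  # a set, so the same oracle cannot be counted twice
    return len(valid) >= needed, sorted(valid), needed


if __name__ == "__main__":
    # Constructed oracle set: one "main app" plus three phones/co-signers, say.
    secrets = {f"oracle{i}": f"secret{i}".encode() for i in range(1, 5)}
    tags = {n: approval_tag(s, "pay-1", 500) for n, s in secrets.items()}
    print(check_payment("pay-1", 500, {k: tags[k] for k in ("oracle1", "oracle2")}, secrets))
    print(check_payment("pay-1", 500, {"oracle1": tags["oracle1"]}, secrets))
    stale = approval_tag(secrets["oracle1"], "pay-1", 100)  # approved $100, not $500
    print(check_payment("pay-1", 500, {"oracle1": stale, "oracle2": tags["oracle2"]}, secrets))
```

The same structure works with real signatures: replace `approval_tag` with the oracle signing the (payment id, amount) message and `compare_digest` with signature verification, and the tier logic stays as is.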

TLDR of how handcrank works

  1. Alice makes a 51 of 51 multisig address with the most recent btc miners who mined a block
  2. She deposits X btc to it after she gets the miners to create a “presigned withdrawal” covenant
  3. She announces her covenant on a sidechain to get X “sidechain bitcoins”
  4. She does stuff on the sidechain and (let’s suppose) loses ownership of her money
  5. A new person claims they now own Alice’s deposit and says they want to withdraw it
  6. The covenant lets 51% of miners send the coins anywhere after a delay of 3 months
  7. Any bitcoin miner can check the new person’s claim and start sending them Alice’s deposit
  8. During the delay, any miner who rejects the claim can reset the delay to add 6 more months
  9. During the delay, the rightful owner is supposed to say where the money should really go
  10. After the delay miners send the money to its rightful owner or take it if they never spoke up

Read the more detailed version here: https://github.com/supertestnet/handcrank/blob/main/README.md

Sidechains are currently possible, current examples include liquid, rootstock, and namecoin. Drivechain lets us do them better.

I'm not sure. Under what circumstances would you want to have a timelock that miners can vote to lengthen? Maybe it could be useful in a vault scenario, where you have your coins in cold storage, but if a thief gets ahold of your private keys, you get time to notice the withdrawal attempt and petition miners to let you withdraw your coins instead (and pause the thief's withdrawal attempt).

Yeah, namecoin was like the prototype for future sidechains, Satoshi Nakamoto helped conceptualize merge mining when namecoin was originally created, back then it was called BitDNS. It didn't attempt to do a two way peg with bitcoin though, so it's not like modern sidechains in that respect.

In liquid and rootstock there is a group called a federation who runs a multisig bitcoin address. To put money on the sidechain, you're supposed to send money to that multisig address and specify what address on the sidechain belongs to you. The sidechain then detects that you put X bitcoins into the multisig and that same amount shows up in your sidechain address. When you are done using the sidechain you are supposed to burn however many sidechain coins you have at that point and tell the federation what bitcoin address to send the corresponding amount of bitcoins to. Then you trust them to do that, and the fact that it's a multisig is supposed to help reassure you. As long as you trust a sufficient number of the people in the multisig, the federation cannot steal your money without corrupting the people you trust.

Bip300 itself does not have anything obvious in common with any of that, it just creates a new timelock. A bip300 timelock is similar to OP_CHECKSEQUENCEVERIFY, which is the timelock where you can only spend your coins after waiting X blocks. Bip300's new timelock is different because it lets miners increase the value of X through a 51% vote. That way, if two people try to withdraw the same coins from a sidechain whose deposit address uses this timelock, miners have time to decide which one should "win," and their ability to increase the value of X lets them pause one withdrawal attempt, if necessary, to let the other one go through. But since it takes 51% of miners to lengthen the timelock, 51% of miners have to agree on which withdrawal attempt should "win."

It's a pretty clever way for sidechain makers to let bitcoin miners process sidechain withdrawals. One of the things I like about it is that it's a very simple primitive: it just gives us a new type of timelock. All the complicated logic about miner incentives and sidechain game theory is built on top of just a simple little timelock. I think that's cool.
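Added example (not code from the comments above, from handcrank, or from BIP300): a small simulation of the "miners can lengthen X" timelock that both the handcrank TLDR and the bip300 description rely on. Two withdrawals claim the same deposit: a thief's and, five blocks later, the rightful owner's. Each block's miner votes whether to pause the thief's withdrawal; when a voting round ends with a strict majority (>50%) to pause, that withdrawal's unlock height X moves out. The block counts, round length and extension size are constructed, not the proposal's real constants, and `single_miner_veto=True` switches to the handcrank-style rule where one rejecting miner is enough to reset the delay.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed parameters for the illustration; BIP300's real constants differ.
DELAY = 30        # blocks a withdrawal must wait before miners may send the coins
EXTENSION = 30    # blocks added to X when a voting round ends in favour of pausing
WINDOW = 10       # blocks per voting round


@dataclass
class Withdrawal:
    name: str
    deposit: str              # which locked deposit this withdrawal claims
    unlock_height: int        # the "X" of the comment: spendable once the chain reaches it
    pause_votes: int = 0
    blocks_in_round: int = 0
    status: str = "pending"   # pending | spent | invalid
    resolved_at: Optional[int] = None


class Chain:
    def __init__(self, single_miner_veto=False):
        self.height = 0
        self.withdrawals = []
        self.single_miner_veto = single_miner_veto  # handcrank-style reset vs. 51% vote

    def propose(self, name, deposit):
        w = Withdrawal(name, deposit, self.height + DELAY)
        self.withdrawals.append(w)
        return w

    def mine_block(self, pause_votes):
        """pause_votes: set of withdrawal names this block's miner votes to pause."""
        self.height += 1
        pending = [w for w in self.withdrawals if w.status == "pending"]
        # 1. tally this block's vote; at the end of a round, decide whether X is lengthened
        for w in pending:
            w.blocks_in_round += 1
            if w.name in pause_votes:
                w.pause_votes += 1
            if w.blocks_in_round == WINDOW:
                paused = w.pause_votes >= 1 if self.single_miner_veto else 2 * w.pause_votes > WINDOW
                if paused:
                    w.unlock_height += EXTENSION
                w.blocks_in_round = 0
                w.pause_votes = 0
        # 2. a withdrawal whose delay has elapsed is paid out; rivals for the same deposit lose
        for w in pending:
            if w.status == "pending" and self.height >= w.unlock_height:
                w.status, w.resolved_at = "spent", self.height
                for other in pending:
                    if other is not w and other.deposit == w.deposit and other.status == "pending":
                        other.status, other.resolved_at = "invalid", self.height


def run_scenario(pause_share, single_miner_veto=False, max_blocks=300):
    """Thief proposes at height 0; Alice's competing withdrawal follows at height 5.
    pause_share: fraction of each round's blocks whose miner votes to pause the thief."""
    chain = Chain(single_miner_veto)
    chain.propose("thief", "alice_deposit")
    pause_blocks = round(pause_share * WINDOW)
    alice = None
    while chain.height < max_blocks:
        if chain.height == 5:
            alice = chain.propose("alice", "alice_deposit")
        next_block = chain.height + 1
        votes = {"thief"} if next_block % WINDOW < pause_blocks else set()
        chain.mine_block(votes)
        if alice and all(w.status != "pending" for w in chain.withdrawals):
            break
    return {w.name: (w.status, w.resolved_at, w.unlock_height) for w in chain.withdrawals}


if __name__ == "__main__":
    print("60% of blocks pause the thief:", run_scenario(0.6))
    print("40% of blocks pause the thief:", run_scenario(0.4))
    print("10%, handcrank-style veto:   ", run_scenario(0.1, single_miner_veto=True))
```

With a majority pausing, the thief's X keeps moving out (60, 90, 120) while Alice's untouched withdrawal pays out at height 35 and the thief's becomes invalid; with only 40% pausing, the thief's unlock at 30 wins and Alice's claim is invalidated. That is the "51% of miners have to agree on which withdrawal should win" property in miniature, and it also shows why the vote is a double-edged primitive: the same majority that can rescue Alice can pause her instead.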

Is there a process or paradigm for analysing the game theory of this and other kinds of changes to Bitcoin?

Yes, twitter threads

Seriously though, forums like stacker news and bitcoin twitter and podcasts are where this stuff typically gets hashed out. Experts in the subject matter are brought on to give their opinions and node operators listen in, sometimes ask questions, and ultimately decide whether or not to install the soft fork software on their nodes. It's how it's been done since the OP_P2SH softfork in the days when everyone hung out on bitcoin talk forums. Now we're spread around further and there are node operators all over the world, so the number of forums is bigger, but it's basically the same process. Bring in experts, ask them questions, make informed decisions. And sometimes sell hats to drum up support for your "side."

  • Liquid
  • Rootstock
  • Namecoin

I'm not sure why there's no monero sidechain but if there was I would add it to the list. I don't think anyone really cares about another one beyond those. I would add a big block sidechain too, but liquid and rootstock already support big blocks, so they take care of that.

Could you please give me the strongest and most important reasons for why this proposal is important for Bitcoin?

It's an improvement over the current way we do sidechains by making them more censorship resistant. That's all I've got. It's not a magical panacea that "saves bitcoin" from huge and important problems. It's more like taproot, which was very good but not something we added because bitcoin would die without it. Take all the things we can do right now with sidechains, and to all of those things, apply the adjective "now more censorship resistant!" That's what drivechain gives us.

BTW on your airplane analogy, I think you are saying that NFTs and defi are the heavy concrete blocks, and what I am saying is that drivechain does not add them to bitcoin. It puts them on separate airplanes, but now the guys who work on our airplane get paid better, because they get the money from the tickets people paid to get on those other airplanes. With that money, they are in a better position to keep us more safe and secure. But our airplane didn't change (well, it barely changed -- bip300 is a very simple softfork that just adds a new type of timelock). It's still as sleek and fast as ever.

If we assume these are real concerns for Bitcoin, is BIP300 the only answer?

No

Or are we trying to make BIP300 be all things for all people

I only want it to be one thing for some people. Not all people will want to use any new softfork. Drivechain would only be for people who trust miners to hold their coins while they use a sidechain.

Regarding privacy, does Lightning and other L2 not solve this?

They definitely help but I don't think lightning solves privacy. Widespread use of coinjoin probably solves it, but coinjoins are large transactions and they take up a lot of blockspace. Some people like to do them on sidechains, and some people would like to do that but they don't trust the sidechains that currently exist. I'd like to help them coinjoin on a sidechain they trust.

There will always be enough revenue for miners to secure the network

I agree

Would you not say that most of the world will be onboarded via Lightning as their 'bank account'

I don't think that is likely yet, not until lightning's reliability improves. (For me, as a daily user of lightning, about 10% of my transactions fail.) One of my hopes and dreams for lightning development is that various attempts to improve the network may lead to the discovery of scaling technology that is even better than lightning. If that happens, maybe that will onboard most of the world. But with lightning working the way it does right now, it is pretty unreliable as a payment method, at least in my experience, and therefore I don't think most of the world would like it very much if they tried to use it. I think they'd even prefer to go back to visa, if they had to use lightning as it exists right now. But that just means there are opportunities to improve lightning! It's gotten so much better over the years and I think it will continue to improve.

Do you have any specific arguments that can only be solved by drivechains?

Not "only," no. I think there are usually multiple approaches to solve problems in bitcoin and several of them can work together to solve its remaining issues. Drivechain is one thing that helps us solve some problems. It helps with scalability, it helps with privacy, it helps with new script functions, but it's not a panacea for everything, and I don't think it's a perfect, final solution for the things it helps with. But let not the perfect be the enemy of the good. Drivechain helps make better sidechains, it brings more fee revenue to miners, and it does not harm me or (hopefully) anyone else. That's good enough for me to want it.

Assuming I understand you properly now, I think that if a set of miners tries to steal from a drivechain, and another set tries to stop them, that is an example of contention. Bitcoin's censorship resistance relies on its ability to work amidst contention. If it can't operate in a situation where one group tries to censor another group's blocks, then it is not fit for purpose, because that is part of the real world bitcoin is designed for.

What I think should happen in that case is this: the set of miners with 51% hashrate will win by slowly extending the chain farther than the other set of miners. The other set of miners will have to capitulate because at some point the cost of performing their attack exceeds the reward. The moment that happens, it proves that bitcoin's method of working through reorgs works. If it doesn't happen, and we just get constant reorgs over and over, that proves that bitcoin's method of working through reorgs has a problem that must be fixed.

Either way, I don't think drivechain creates this problem, rather it helps us prepare for it ahead of time, because if the real world's economies adopt bitcoin, such contentions are inevitable, and I for one would like to know that bitcoin can handle them.

I think I see what you mean now, by "mine the next block" I think you mean "build on top of whichever block was most recently mined prior to the reorg," whereas when I say "mine the next block" I mean "increase the number of blocks in the blockchain, regardless of the contents of your blocks."

something like coinpools is a much better approach

I agree with this, I would actually use a coinpool whereas I wouldn't use a drivechain. Coinpools are non-custodial and kind of like a lightning channel, just with more than 2 keyholders. But I also want drivechain to be an option for people.

they will likely be reorging out blocks that stop them from stealing

Can you reorg without extending the chain? I don't think so, the reorged chain has to be longer than the previous one or nodes will reject the reorg. So they still have to extend the chain in order to steal. I think I must be misunderstanding you.

With drivechains miners no longer have the incentive to mine the next block, there is a greater incentive to mine steal from drivechains.

I think they can only take the drivechain funds by mining a block containing a transaction that moves those funds into their own pockets. So they still have to mine the next block. Do you mean they have no incentive to mine the next sidechain block?

The goal we can hopefully all agree is to create the hardest money, that is censor-resistant and ultimately becomes the global standard.

Yes, agreed.

Along the way there are many distractions that may come up, “let’s add this thing and that thing”, and before we know it we have a kitchen sink of shit that has a larger attack surface, fragments Bitcoin, and presents unknown problems.

Yes, that would be bad. I don't think drivechain is an example of a kitchen sink thing. Its simplicity and its focus on "let's just do one thing well" is one of its strengths.

Would shitcoin drivechainers now have a say in Bitcoin dev and consensus? Would they start pushing unwanted changes to Bitcoin since they now have their foot in the door?

I don't think drivechain gives them a foot in the door. It puts them on a sidechain. "Make your mess on a sidechain" is my message to people who want to make unwanted changes to bitcoin. Drivechain lets us benefit from their madness, because anything you do on a blockchain has a fee attached. With today's altcoins, those fees benefit altcoin miners and stakers. With drivechain, those fees go toward bitcoin miners and help secure our coins.

Yes, bad people will try to change bitcoin to suit their scammy desires. That's how they operate and they won't stop. (#ChangeTheCode, anyone?) But drivechain doesn't help them do it more, instead, to the extent that bad people use drivechain, it takes their fees and uses them to secure our coins.

What if drivechains enable shitcoins that would otherwise go away? That would mean the shitcoin enemy is now within the gates of Bitcoin’s security model? How can we then say “Bitcoin not Crypto” at that point?

I don't think drivechain puts the enemy in bitcoin, I think it relegates them to a sidechain. The reasons why altcoins die natural deaths still apply to drivechains. For an altcoin to survive, it has to attract users, who (typically) quickly find that the altcoin is just a utility token that is there to take their money and offer them nothing in return. At least on drivechains the fees go to bitcoin miners instead of to scammers. That's a definite improvement.

Bitcoin just needs to be perfect money, not a smart contract platform, not an NFT token defi casino.

Putting those things on drivechains instead of on bitcoin helps me secure my coins without adding smart contract rules or nft silliness to bitcoin. If people are going to pay ridiculous fees to make nfts and gamble on defi, I'd rather those fees go to securing my coins than go to ethereum scammers.

Unless there is a much deeper analysis and study done on the impact of drivechains I am very skeptical.

I appreciate and value your skepticism and I hope posts like this are the kind of analysis and research you are looking for. I'm doing my best. :)

Other ecash systems support locking scripts and unlocking scripts on ecash tokens. The coordinator only honors a token transfer if the sender proves they are authorized to unlock their ecash token by passing in a valid unlocking script. For examples, see here:

https://twitter.com/CashuBTC/status/1577221973150572544

https://twitter.com/btcplusplus/status/1535357328140148737

The latter example even expands upon bitcoin script by supporting the entire Simplicity language from blockstream. Can discrete payments do something similar and honor token transfers only if a credential holder unlocks that credential with a script?