Blog entry by Maxwell Galvez
So now we know the whole process of bitcoin functioning and the way Bitcoins can be utilized for making all kinds of real transactions. Bitcoins are exchangeable for fiat currency via cryptocurrency exchanges and can be used to make purchases from merchants and retailers that accept them. Greg Sanders: Yeah, if I can jump in. Mark Erhardt: So I’m questioning, one among the issues that appears to leap out once I hear you talking about this is, what if one facet keeps making updates however not concluding it? And we’ve all the time gone again and forth between these, because we don’t know if we should always do a simpler model first and anticipate later to do a way more complex version, or if we should simply jump to the extra complicated version right now. Because we’ve all the time been discussing the fact that announcing, having the channel announcement point to a particular onchain output, was fairly bad for privateness and that we may in all probability do higher. So, those are things that we’ve all the time been simply hand-wavy about how we'd do that in the future.
But I don’t think we’ll help you have any form of multiplier, because one of the opposite ideas was that you might additionally simply announce some UTXOs that you simply personal, with the proof that you just personal them, with a complete value of, for instance, 2 bitcoin, and then that may grant you the flexibility to announce as much as X instances that in channels without having to level to any specific onchain output. I didn’t think it was too bad, however the one key difference right here is that for the cost channels with penalties as at the moment designed, it’s necessitating that you retailer these secret nonces forever till channel close. These charts are a cardinal part of the whole affair as with them traders are able to foretell the movement close to accuracy. But, figuring out that the markets by no means close is a useful safeguard to have. When you have one other Lightning-like channel specification that you coded up or a custom channel type, it's also possible to include that on this channel announcement and it'll just work. That’s why we’re not doing that right now, and that’s why most people will just keep saying the output that actually corresponds to the channel in order that when it gets spent, folks truly discover it and may take away it from that graph and know that they cannot route through that channel anymore.
I feel we’re going to follow a simple model, where you allow pointing to any type of output to pay for your channel. PTLC fixes that by making sure that instead of utilizing the preimage of a SHA256 hash and its hash, we’re going to make use of elliptic curve points and their private keys. This could seem pointless provided that BIP32 already supplies prolonged non-public keys (xprvs) that can be shared between signing wallets. Maybe we will start with t-bast. Can the channel stay open when the UTXO will get spent? And on the other hand, how do you make sure that the identical UTXO will not be reused for the announcement; and what happens if that UTXO will get spent? So, will we have to be keeping track of the UTXO actually not being moved whereas it's the stand-in to have introduced the channel? Mike Schmidt: The taproot and MuSig2 channel discussion somewhat leads into the updated channel announcement discussion and the way gossip protocol would must be upgraded with a purpose to help transferring to P2TR outputs. So, we need to vary that, as a result of we'd like to permit taproot, which means allowing additionally input, especially if we use MuSig2; we don’t want to reveal the internal keys.
And proper now, it’s going to make use of the identical cost hash with all these nodes, which implies that if somebody owns two of the nodes in the trail, they're learning data, and that is unhealthy for privacy. Right now, whenever you ship a payment, this cost is going to undergo multiple nodes on the network. Bastien Teinturier: Sure. So proper now, when we announced the channel on the community, we explicitly announced node IDs and the Bitcoin keys that are inside the multisig 2-of-2, and other people verified that the output that we're referencing is definitely locked with the script hash of multisig 2-of-2 of those two keys, so you can only use it with scripts that basically observe the format of Lightning channels with out taproot. Mike Schmidt: Murch or t-bast, every other comments on taproot and MuSig2 channels? Mike Schmidt: Go forward, Murch. Mike Schmidt: Next part from the Summit mentioned PTLCs and redundant overpayments. Bastien Teinturier: Okay, so PTLCs are a change that's allowed by Naver taproot and adaptor signatures.