Is it possible yet to send bitcoin with a defineable time (or block #) delay? - page 2.

NewLiberty

legendary

Activity: 1204

Merit: 1002

Gresham's Lawyer

Quote from: DeathAndTaxes on December 30, 2013, 12:21:08 PM

Quote from: NewLiberty on December 30, 2013, 12:11:03 PM

The idea of a school is a good one.
It is something that could be attached to the conferences that are regularly scheduled all over the planet.
The folks that can teach are certainly there. The facility is there. It may make sense to do classes as an addition to those.

Another great idea in this thread. Maybe this platform (or one like it) could be leveraged ( https://www.hackerrank.com/ ) to support a Bitcoin challenge track?

Something that is a series of "courses" which starts with the basic like installing bitcoind, moving the data directory, configuring config file, etc. Higher level courses could cover RPC calls, pywallet, creating watching only wallets. Highest level courses could cover raw transactions, message internals, modifying the source code, etc.

So many ideas and so few people to do the meaningful and necessary things, this one... education for the motivated, is on the critical path.
Passion * Capability * Opportunity = success, we are short on the capabilities and long on the other ingredients.
This problem is not going away, and is going to get worse, so it is an opportunity worthy of some investment.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: NewLiberty on December 30, 2013, 12:11:03 PM

The idea of a school is a good one.
It is something that could be attached to the conferences that are regularly scheduled all over the planet.
The folks that can teach are certainly there. The facility is there. It may make sense to do classes as an addition to those.

Another great idea in this thread. Maybe this platform (or one like it) could be leveraged ( https://www.hackerrank.com/ ) to support a Bitcoin challenge track?

Something that is a series of "courses" which starts with the basic like installing bitcoind, moving the data directory, configuring config file, etc. Higher level courses could cover RPC calls, pywallet, creating watching only wallets. Highest level courses could cover raw transactions, message internals, modifying the source code, etc.

DeathAndTaxes

donator

Activity: 1218

Merit: 1079

Gerald Davis

Quote from: NewLiberty on December 30, 2013, 08:52:36 AM

Quote from: kjj on December 30, 2013, 07:51:07 AM

* As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.

There are so very many reasons for this, beyond just this application.

I agree. GetPubKey would be a great RPC addition. Also thanks for that walkthrough. I may try this out on testnet and later with a token amount of BTC on main net. I would caution anyone looking to "play" with raw transactions you can permanently lose funds by creating flawed raw transactions. Use testnet, build testable software (even if it is just some scripts) to create the raw txs, and only move to main net once fully tested.

NewLiberty

legendary

Activity: 1204

Merit: 1002

Gresham's Lawyer

Quote from: Altoidnerd on December 30, 2013, 11:59:15 AM

Quote from: kjj on December 30, 2013, 11:52:19 AM

Quote from: pa on December 30, 2013, 10:04:24 AM

Wow, thanks! but that is WAY over my head. I'd better go watch the Khan Academy videos. . .

People will come up with pretty tools to make it easier as we go. But for now, the guts are certainly here and do work.

This really can be done by hand though, if you have an urgent need to do it. Decoding a transaction in hex by hand is pretty easy. Just follow the docs and remember that each byte is 2 chars, and that you are counting in hex (in my example below, the pkscript length 19 is in hex and means 16+9=25).

And double check everything before you send anything.


01000000 - version
01 - vin count
 2084ba9f2f0f98bb - prevout hash
 1cf0320ee1c486b5
 9b6b79e243de7596
 d3e44fa087b597aa
 01000000 - prevout index
 00 - signature script length
 ffffffff - sequence
01 - vout count
 00e1f50500000000 - value
 19 - pkscript length
 76a91428f60d621b - pkscript
 5d07b9c2820c11cc
 c6d41146b53a3e88
 ac
00000000 - locktime

One of the problems someone at my skill level has is not exactly knowing what environment I need to be in to even begin to understand what you're going for. This is n00b, but can you recommend a resource? Competence is there, I just haven't really turned the corner on being able to look up what I need when I need it - so that I can manipulate things the way the heroes do.

I've been nagging at the idea for a bitcoin school. I would pay for it. I'm 2 years too late to the party and I want to chill with the cool kids so bad.

I'd pay in bitcoin for challenges you guys could write and just moderate passively.

The idea of a school is a good one.
It is something that could be attached to the conferences that are regularly scheduled all over the planet.
The folks that can teach are certainly there. The facility is there. It may make sense to do classes as an addition to those.

Altoidnerd

sr. member

Activity: 406

Merit: 251

http://altoidnerd.com

Quote from: kjj on December 30, 2013, 11:52:19 AM

Quote from: pa on December 30, 2013, 10:04:24 AM

Wow, thanks! but that is WAY over my head. I'd better go watch the Khan Academy videos. . .

People will come up with pretty tools to make it easier as we go. But for now, the guts are certainly here and do work.

This really can be done by hand though, if you have an urgent need to do it. Decoding a transaction in hex by hand is pretty easy. Just follow the docs and remember that each byte is 2 chars, and that you are counting in hex (in my example below, the pkscript length 19 is in hex and means 16+9=25).

And double check everything before you send anything.


01000000 - version
01 - vin count
 2084ba9f2f0f98bb - prevout hash
 1cf0320ee1c486b5
 9b6b79e243de7596
 d3e44fa087b597aa
 01000000 - prevout index
 00 - signature script length
 ffffffff - sequence
01 - vout count
 00e1f50500000000 - value
 19 - pkscript length
 76a91428f60d621b - pkscript
 5d07b9c2820c11cc
 c6d41146b53a3e88
 ac
00000000 - locktime

One of the problems someone at my skill level has is not exactly knowing what environment I need to be in to even begin to understand what you're going for. This is n00b, but can you recommend a resource? Competence is there, I just haven't really turned the corner on being able to look up what I need when I need it - so that I can manipulate things the way the heroes do.

I've been nagging at the idea for a bitcoin school. I would pay for it. I'm 2 years too late to the party and I want to chill with the cool kids so bad.

I'd pay in bitcoin for challenges you guys could write and just moderate passively.

kjj

legendary

Activity: 1302

Merit: 1026

Quote from: pa on December 30, 2013, 10:04:24 AM

Wow, thanks! but that is WAY over my head. I'd better go watch the Khan Academy videos. . .

People will come up with pretty tools to make it easier as we go. But for now, the guts are certainly here and do work.

This really can be done by hand though, if you have an urgent need to do it. Decoding a transaction in hex by hand is pretty easy. Just follow the docs and remember that each byte is 2 chars, and that you are counting in hex (in my example below, the pkscript length 19 is in hex and means 16+9=25).

And double check everything before you send anything.


01000000 - version
01 - vin count
 2084ba9f2f0f98bb - prevout hash
 1cf0320ee1c486b5
 9b6b79e243de7596
 d3e44fa087b597aa
 01000000 - prevout index
 00 - signature script length
 ffffffff - sequence
01 - vout count
 00e1f50500000000 - value
 19 - pkscript length
 76a91428f60d621b - pkscript
 5d07b9c2820c11cc
 c6d41146b53a3e88
 ac
00000000 - locktime

kjj

legendary

Activity: 1302

Merit: 1026

Quote from: NewLiberty on December 30, 2013, 08:52:36 AM

Quote from: kjj on December 30, 2013, 07:51:07 AM

* As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.

There are so very many reasons for this, beyond just this application.

Turns out I don't need to write getpublickey. validateaddress already does it.

pa

hero member

Activity: 528

Merit: 501

Quote from: kjj on December 30, 2013, 07:51:07 AM

First, grab a new address. Have them grab two new addresses. Have them give you one of their new addresses, and the public key* to the other.

Use "bitcoind createmultisig 2 " to create a P2SH address that requires both keys.

Create a raw transaction to this address. Don't broadcast it yet.

(At this point, the raw transaction that you are holding irreversibly transfers coins from your control to a multisig address that requires both of you to redeem.)

Create a raw transaction that redeems this unbroadcast transaction and spends it all** to their other address. The eight zeros at the end are the lock time, in hex. Edit them. Less than 500,000,000 is interpreted as a block number, greater than or equal is interpreted as a unix timestamp. Don't forget to convert to hex.

Locktime is ignored when all inputs are already final, so you need to find the sequence numbers of the inputs. For this, you need to parse the transaction a bit, but this is easy to do by hand. They are eight Fs at the end of each input. Change at least one of them (to anything else).

Now decode your raw transaction to make sure you edited it right. Verify that "locktime" is what you want, and that at least one vin sequence number is less than 4294967295. Use signrawtransaction to add your own signature.*** Send it to them to sign. Have them return the now fully signed transaction so that you can decode it again to make sure it is complete.

(This new transaction transaction can, when the lock expires, spend the funds held by the multisig without your help.)

Now use sendrawtransaction to broadcast the first transaction, and give the locked transaction to the gift recipient.

The final state is that the gifted bitcoins are now in a transaction that you can only spend by getting them to sign a new transaction, but they now hold a transaction that you've already signed that will allow them to spend it to their own wallet.

You can also do this all yourself, and provide them with the WIF of the two keys generated for them, along with the final signed transaction. If you delete all traces of the privkeys and WIFs, you end up in the same place.

There are also variations you could do, like having them sign (or signing yourself if you are going that way) a second locked transaction that will allow you to recover the gift if not used.

* As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.

** Try really hard to guess how much of a fee you'll need in the future. Too low and it might never confirm. Too high and you might be giving away a lot of money.

*** You can change the order here. If you provide the redeemscript from the P2SH address created earlier, they can do the initial signing.

Wow, thanks! but that is WAY over my head. I'd better go watch the Khan Academy videos. . .

pa

hero member

Activity: 528

Merit: 501

If one of you Bitcoin coders could implement time-locked transactions in a fool-proof, rock-solid way, I'd gift 5% of my bitcoin to friends/family, and then send 90% of my bitcoin to myself at some point in the distant future to make sure I don't do something foolish in the short-term, like selling them in the dark days of FUD ahead. I'd keep 5% in cold storage to play around with.

I'd much rather trust a time-locked script (with an easy GUI) and the blockchain as a "custodian" of my bitcoin than a bank or a law firm or a hosted wallet or even a paper wallet that requires that I physically secure it.

Altoidnerd

sr. member

Activity: 406

Merit: 251

http://altoidnerd.com

Quote from: NewLiberty on December 30, 2013, 08:52:36 AM

Quote from: kjj on December 30, 2013, 07:51:07 AM

* As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.

There are so very many reasons for this, beyond just this application.

For some FUD fun, I'm trying to imagine the economic consequences if a holder of an enormous share of coins set such a condition and specified a final state for the coins at a time made public for all to see. Meanwhile the world watches an ominous timer tick on and nobody can do a thing about it.

It's one thing when fontas claims there will be a huge dump in the trollbox. Grain of salt. It's another thing when a massive dump is guaranteed by cryptography.

NewLiberty

legendary

Activity: 1204

Merit: 1002

Gresham's Lawyer

Quote from: kjj on December 30, 2013, 07:51:07 AM

* As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.

There are so very many reasons for this, beyond just this application.

kjj

legendary

Activity: 1302

Merit: 1026

First, grab a new address. Have them grab two new addresses. Have them give you one of their new addresses, and the public key* to the other.

Use "bitcoind createmultisig 2 " to create a P2SH address that requires both keys.

Create a raw transaction to this address. Don't broadcast it yet.

(At this point, the raw transaction that you are holding irreversibly transfers coins from your control to a multisig address that requires both of you to redeem.)

Create a raw transaction that redeems this unbroadcast transaction and spends it all** to their other address. The eight zeros at the end are the lock time, in hex. Edit them. Less than 500,000,000 is interpreted as a block number, greater than or equal is interpreted as a unix timestamp. Don't forget to convert to hex.

Locktime is ignored when all inputs are already final, so you need to find the sequence numbers of the inputs. For this, you need to parse the transaction a bit, but this is easy to do by hand. They are eight Fs at the end of each input. Change at least one of them (to anything else).

Now decode your raw transaction to make sure you edited it right. Verify that "locktime" is what you want, and that at least one vin sequence number is less than 4294967295. Use signrawtransaction to add your own signature.*** Send it to them to sign. Have them return the now fully signed transaction so that you can decode it again to make sure it is complete.

(This new transaction transaction can, when the lock expires, spend the funds held by the multisig without your help.)

Now use sendrawtransaction to broadcast the first transaction, and give the locked transaction to the gift recipient.

The final state is that the gifted bitcoins are now in a transaction that you can only spend by getting them to sign a new transaction, but they now hold a transaction that you've already signed that will allow them to spend it to their own wallet.

You can also do this all yourself, and provide them with the WIF of the two keys generated for them, along with the final signed transaction. If you delete all traces of the privkeys and WIFs, you end up in the same place.

There are also variations you could do, like having them sign (or signing yourself if you are going that way) a second locked transaction that will allow you to recover the gift if not used.

* ~~As far as I know, there is no easy way to do this step. If people are serious about doing this, I'll see about adding a getpublickey RPC command.~~ Use validateaddress (see below).

** Try really hard to guess how much of a fee you'll need in the future. Too low and it might never confirm. Too high and you might be giving away a lot of money.

*** You can change the order here. If you provide the redeemscript from the P2SH address created earlier, they can do the initial signing.

Edit 2013-12-30 16:20 - changed first footnote. Thanks sipa.

NewLiberty

legendary

Activity: 1204

Merit: 1002

Gresham's Lawyer

Quote from: coinrevo on December 30, 2013, 06:19:45 AM

Quote from: kjj on December 30, 2013, 12:34:34 AM

You can set a lock time, but it isn't as cool as you'd like.

The network won't remember your locked transaction for you, so you have to give them the raw transaction to be broadcast in the future. Oh, and unless you delete the keys, you can always double spend it away during the lock time.

Could you elaborate? What would it take to implement this, so that it makes sense? I thought at least basic scripts are working (although I haven't seen them used).

I think a locktime would be the first basic smart contract. This is not entirely accurate then: https://en.bitcoin.it/wiki/Contracts, in terms of how much has been implemented.

This is something we have been working at also within the Bitcoin specie project. A sort of nlock_time+BIP38 certificate for gifting / point-of-sale transactions. It could also function as a sort of savings bond or bearer bond.
We are looking at having something ready early in 2014, but no formal announcements are made yet.

coinrevo

member

Activity: 70

Merit: 10

Quote from: kjj on December 30, 2013, 12:34:34 AM

You can set a lock time, but it isn't as cool as you'd like.

The network won't remember your locked transaction for you, so you have to give them the raw transaction to be broadcast in the future. Oh, and unless you delete the keys, you can always double spend it away during the lock time.

Could you elaborate? What would it take to implement this, so that it makes sense? I thought at least basic scripts are working (although I haven't seen them used).

I think a locktime would be the first basic smart contract. This is not entirely accurate then: https://en.bitcoin.it/wiki/Contracts, in terms of how much has been implemented.

Altoidnerd

sr. member

Activity: 406

Merit: 251

http://altoidnerd.com

Quote from: pa on December 29, 2013, 05:42:40 PM

I would like to gift bitcoin to friends/family without being able to rescind the gift but with them having no access to the bitcoin until it is has fully appreciated (ten years, let's say).

Can I do this with a bitcoin transaction or does it require a trusted third party to take custody of the bitcoin?

This is what cryptography is all about. I'm excited to see a creative solution for this.

kjj

legendary

Activity: 1302

Merit: 1026

You can set a lock time, but it isn't as cool as you'd like.

The network won't remember your locked transaction for you, so you have to give them the raw transaction to be broadcast in the future. Oh, and unless you delete the keys, you can always double spend it away during the lock time.

pa

hero member

Activity: 528

Merit: 501

I would like to gift bitcoin to friends/family without being able to rescind the gift but with them having no access to the bitcoin until it is has fully appreciated (ten years, let's say).

Can I do this with a bitcoin transaction or does it require a trusted third party to take custody of the bitcoin?

Topic: Is it possible yet to send bitcoin with a defineable time (or block #) delay? - page 2. (Read 5342 times)