2. Does anyone have insight into the best format for the section in
snapshot.bin that contains funds unlocked by multisig and other complex scriptPubKeys?
Keep in mind that multsig can either be in the form of "native" multisig (script is in the output) or P2SH (scripthash is in the output).
P2SH is the easier format to handle. It would be recorded in the snapshot identically to PubKeyHash balances. Claiming the credit would require a more complex message as you would need at a minimum the redeemscript as well as the require number of signatures.
This will require some thinking. Perhaps for m-of-n support, the "claim to" string could be signed by m of n addresses and the string + all the signatures could be wrapped and broadcast to the spin-off network. The nodes would look up the address, read the redeem rules from the snapshot.bin file, and ensure that a sufficient number of correct signatures was present.
But are there other common redeem scripts besides the standard single-address script and m-of-n multisig (native and P2SH)? I realize we could implement the full bitcoin transaction verification procedure to handle arbitrary scripts, but I was hoping to avoid this if possible.
Maybe I missed it but what is the reason for not just having the spinoff client handle the claim tx? Is it that you want to avoid importing bitcoin private keys into a different client?
Yes, the idea is that the user shouldn't have to download the client (and trust it with his private keys) in order to claim his share of the spin-off pre-mine. Someone like my dad could figure out how to use his blockchain.info wallet to produce a bitcoin-signed message of a plain-text string, and he would probably feel comfortable signing it if the text he was signing actually made sense to him, but I can't see him downloading a new client and importing his private keys.
I actually think this is quite important. I think we want it to be as frictionless as possible for users to claim their spin-off (for example, so that they could send it to an exchange to sell, or transfer to another user).
EDIT: Also, this might open-up the door to scams where "spin-off claiming" services convince uneducated users to give up their private keys.