Pages:
Author

Topic: Taproot proposal - page 21. (Read 11651 times)

legendary
Activity: 2310
Merit: 1422
November 22, 2020, 04:08:26 AM
#89
Are we going to see new P2TR address format with this Taproot proposal update or there is no change for this and we keep well know formats?

The malicious lie underpinning this question was already addressed here: https://np.reddit.com/r/Bitcoin/comments/jwgbu0/mining_pool_operators_independent_miners_i/gd46yy1/

Quote
No wonder that Binance pool is rejecting Taproot,
That isn't true. Coindesk ran an article saying that binance pool was the only top-5 mining pool that hasn't made a public statement of supporting it, I'll never stop being surprised at the level of dishonest narrative spinning that happens in this "industry".

I guess for you it has a completely different meaning and I can sympathize with your mood. Let Coindesk be Coindesk, what can we expect from a media company which completely dismissed bitcoin for almost 4 years in favour of the infamous Blockchain Technology?
Like everyone they had to put their heads down and recognize that the only thing that matter is, of course, bitcoin.
 Wink
staff
Activity: 4284
Merit: 8808
November 22, 2020, 03:12:00 AM
#88
Are we going to see new P2TR address format with this Taproot proposal update or there is no change for this and we keep well know formats?

The malicious lie underpinning this question was already addressed here: https://np.reddit.com/r/Bitcoin/comments/jwgbu0/mining_pool_operators_independent_miners_i/gd46yy1/

Quote
No wonder that Binance pool is rejecting Taproot,
That isn't true. Coindesk ran an article saying that binance pool was the only top-5 mining pool that hasn't made a public statement of supporting it, I'll never stop being surprised at the level of dishonest narrative spinning that happens in this "industry".

legendary
Activity: 2086
Merit: 1282
Logo Designer ⛨ BSFL Division1
November 21, 2020, 03:12:15 PM
#87
Are we going to see new P2TR address format with this Taproot proposal update or there is no change for this and we keep well know formats?

No wonder that Binance pool is rejecting Taproot, and they are now one of the largest mining pool.
hero member
Activity: 2702
Merit: 716
Nothing lasts forever
November 20, 2020, 09:09:30 AM
#86
AntPool signaling BIP8 like SlushPool, that's some news now! Smiley Perhaps, I've been too critical a few weeks ago when I was expecting some skirmish from miners regarding the upgrade. If that's the pace of miners activating Taproot we should get there in a reasonable amount of time.
Some of them eventually had to recognize which is the one and only bitcoin that rules.
Luxor says count me in. Another mining pool has joined the race and will be activating the Taproot upgrade through BIP9.
With this a total of 6 mining pools have already signalled towards activating Taproot.


legendary
Activity: 3948
Merit: 3191
Leave no FUD unchallenged
November 20, 2020, 06:15:42 AM
#85
AntPool signaling BIP8 like SlushPool, that's some news now! Smiley Perhaps, I've been too critical a few weeks ago when I was expecting some skirmish from miners regarding the upgrade. If that's the pace of miners activating Taproot we should get there in a reasonable amount of time.
Some of them eventually had to recognize which is the one and only bitcoin that rules.

I'm working under the impression they're treating it like any other software update.  Some will opt to do it sooner, some a bit later.  I don't get the sense there are any political motivations involved in the decision.  More a question of simply when it's convenient timing to upgrade.

I could be wrong, but I think it might just be a case of people expecting drama when there may not be any.
legendary
Activity: 2310
Merit: 1422
November 20, 2020, 04:35:34 AM
#84
AntPool signaling BIP8 like SlushPool, that's some news now! Smiley Perhaps, I've been too critical a few weeks ago when I was expecting some skirmish from miners regarding the upgrade. If that's the pace of miners activating Taproot we should get there in a reasonable amount of time.
Some of them eventually had to recognize which is the one and only bitcoin that rules.
legendary
Activity: 1512
Merit: 4795
Leading Crypto Sports Betting & Casino Platform
November 19, 2020, 03:28:49 PM
#83
Bitcoin mining pools representing over 54% of the network’s current hashrate have signaled support for the scaling and privacy protocol upgrade Taproot, merged into Bitcoin Core last month.



https://www.coindesk.com/bitcoin-miners-taproot-schnorr-support
legendary
Activity: 2898
Merit: 1823
November 19, 2020, 06:45:11 AM
#82
There are three mining pools which have started to signal support for Taproot/Schnorr activation. Poolin, Slush, and BTC.com.

BTC.com? Isn't that Roger Ver's pool?

Tracker, https://taprootactivation.com/
That's a small start: currently, those three pools contribute an overall of 25% of global hashing power. By the way, BTC.com is from Bitmain.
It's interesting to notice the already very different approaches of the first three pools signaling the upgrade:
  • Poolin - BIP9 (the same BIP for SegWit that went through tough times where the upgrade need to be activated before a specific time reaching a set threshold)
  • Slush Pool - BIP8 (UASF that would also activate the upgrade at a specific future date or block height no matter the threshold reached)
  • BTC.com - BIP8 + BIP9

Let's see when other pools join the party.


Another Chinese pool, F2Pool, has started to signal for activation as well. One of the largest pools with BTC.com, part of the mining cartel.

It might be a smooth process without any drama and politics, but Slush's BIP8 for insurance. Cool
legendary
Activity: 2380
Merit: 17063
Fully fledged Merit Cycler - Golden Feather 22-23
November 18, 2020, 11:04:23 AM
#81
 Another summary from BTC Times:

Mining Pools Poolin, Slush & BTC.com Announce Support for Taproot

Quote
According to Taproot-Activation, a website launched by Poolin, three large mining pools have announced their support for the upgrade: Poolin, Slush Pool, and BTC.com. According to BTC.com, the three pools collectively manage around 25% of the Bitcoin network's total hash rate.

The pools currently support different activation processess.

Also nice link to https://taprootactivation.com/





legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
November 18, 2020, 06:08:21 AM
#80
That's a small start: currently, those three pools contribute an overall of 25% of global hashing power.

From another perspective 2 of them (Poolin & BTC.com) are 2nd & 3rd with biggest hashrate, which is good start IMO.
legendary
Activity: 2310
Merit: 1422
November 18, 2020, 02:49:33 AM
#79
There are three mining pools which have started to signal support for Taproot/Schnorr activation. Poolin, Slush, and BTC.com.

BTC.com? Isn't that Roger Ver's pool?

Tracker, https://taprootactivation.com/
That's a small start: currently, those three pools contribute an overall of 25% of global hashing power. By the way, BTC.com is from Bitmain.
It's interesting to notice the already very different approaches of the first three pools signaling the upgrade:
  • Poolin - BIP9 (the same BIP for SegWit that went through tough times where the upgrade need to be activated before a specific time reaching a set threshold)
  • Slush Pool - BIP8 (UASF that would also activate the upgrade at a specific future date or block height no matter the threshold reached)
  • BTC.com - BIP8 + BIP9

Let's see when other pools join the party.

 
legendary
Activity: 2898
Merit: 1823
November 18, 2020, 01:37:24 AM
#78
There are three mining pools which have started to signal support for Taproot/Schnorr activation. Poolin, Slush, and BTC.com.

BTC.com? Isn't that Roger Ver's pool?

Tracker, https://taprootactivation.com/
staff
Activity: 4284
Merit: 8808
October 25, 2020, 09:54:47 AM
#77
Am I getting it wrong thinking that "schnorr" is just an improved way of doing EC signatures, while "taproot" is an extension to the scripts interpreter?

Because reading some publications (and this forum topic), one could get an impression that schnorr and taproot are synonyms, whilst for me they are two different features. Although, I understand that they are planned to be deployed and activated together.

Schnorr without taproot isn't really that useful: it makes it simpler and safer to write threshold signatures but that's it-- you can already threshold signatures using burdensomely complicated client software.  And threshold signatures by themselves don't even do that much-- they let you make signatures somewhat smaller but only when you don't need to be able to tell which parties signed.   It's better --- but perhaps not worth the trouble of a consensus change by itself.

Taproot without schnorr isn't really that useful: without threshold signatures, which are burdensomely complex to write software for without schnorr, it only lets you have a single party key at the top (which is pretty useless.)

There is a third logical part of taproot,  which is the merkelized script. This part is probably the most useful of the three on its own, but it's much more useful in combination.  With it you can use trees of N of Ns to make thresholds work usefully even when you need to be able to tell which parties signed, and  N of Ns are much easier to deal with than arbitrary thresholds, because the latter requires interactive secret key generation.

In order to have the property where arbitrary complex scripts are normally indistinguishable from one-of-one payments you need all three.  They also can't just be independently implemented: taproot changes the pubkey that goes into schnorr verification to commit to the merkelized script.

There were other techniques proposed, including graftroot (allows you to add scripts to an output after someone has already paid to it), and improved signature flags--  but those were possible to implement independently without leaving the rest not very useful.  There were also a number of next steps like signature aggregation which would have been best implemented in combination but were still left out because the three main features of the taproot bip were still useful without it.

I only found test vectors in bip340_test_vectors.csv - but they seem to be only checking sign_schnorr() and verify_schnorr() functions.
Are there any new test for entire scripts and transactions?
Looks like all the new testing is done with the python framework. I'll prod Pieter to add old style vectors.

They are over here: https://github.com/bitcoin-core/qa-assets/blob/master/unit_test_data/script_assets_test.json
legendary
Activity: 2053
Merit: 1356
aka tonikt
October 25, 2020, 08:44:22 AM
#76
Am I getting it wrong thinking that "schnorr" is just an improved way of doing EC signatures, while "taproot" is an extension to the scripts interpreter?

Because reading some publications (and this forum topic), one could get an impression that schnorr and taproot are synonyms, whilst for me they are two different features. Although, I understand that they are planned to be deployed and activated together.
legendary
Activity: 2053
Merit: 1356
aka tonikt
October 25, 2020, 07:32:11 AM
#75

I only found test vectors in bip340_test_vectors.csv - but they seem to be only checking sign_schnorr() and verify_schnorr() functions.

Are there any new test for entire scripts and transactions?

legendary
Activity: 2898
Merit: 1823
October 23, 2020, 04:16:54 AM
#74
I want to add just a comment. Some people may be mistaking that Taproot will be able to make CoinJoin transactions harder to see, although, Taproots hide scripts and making multisig indistinguishable but it does not directly do anything for CoinJoin.” So, what I know for now about taproot is that it will make multisig transactions to look like single key transactions.


Some Bitcoin tumblers and Wasabi/Samourai should start developing/testing, and see what they can build for "offchain mixing". I believe that could give a lot of users a very valid reason to start using Lightning.
staff
Activity: 4284
Merit: 8808
legendary
Activity: 2053
Merit: 1356
aka tonikt
October 21, 2020, 06:58:47 AM
#72
Will there be any taproot related tests added to the src/test/data ?
legendary
Activity: 2310
Merit: 1422
October 20, 2020, 09:21:11 AM
#71
So taproot removes the distinction between single party spends and multisig too (which can include lightning input spends which don't actually use CSV/CLTV, even if they have it available).  Indistinguishable threshold signatures may not, however, be usable for all multisig usage because the threshold signature requires a little more interaction between signers and because in some cases you really want the public record to reflect which participants out of the threshold actually participated.

Of course, and that's actually a very elegant way to put it. Thanks gmaxwell, keep contributing here for us to really get into all-bitcoin-tech-things. And, really, thank you both for your two posts as now I believe I have a much clearer picture regarding what Taproot activation would mean. Thank you so much!
staff
Activity: 4284
Merit: 8808
October 20, 2020, 07:25:36 AM
#70
just to clarify, schnorr sigs are also needed to remove the distinction between single-sig and multi-sig, as signature aggregation (not possible with ECDSA sigs) reduces all the signatures from separate parties in a Multi-sig address to one (the signatures _are_ calculated separately, but the participants then literally add the signatures together to produce a single signature that validates the transaction)

without schnorr's sig-agg, multi-sig txs would still require the minimum quantity of sigs defined as the threshold minimum in the scriptSig, and more than one signatures necessarily means more than one signer Wink (unless you're using multi-sig as a security measure where you sign with 2+ devices, taproot/schnorr protects that kind of user from revealing their security practices also)

Terminology danger!

Signature aggregation refers to the case where the verifier (the blockchain) knows a bunch of different pubkeys and you prove that they all approved a transaction using a single aggregated signature.  This is the often talked about thing that taproot doesn't include that would help make multi-input transactions much smaller.

Threshold signatures and _key_ aggregation are where some participants cooperate to produce a single key which some threshold of them can sign for, but which to the network just looks like a single party signing.  Taproot allows this, and it's what allows you to make multisig like usage which is indistinguishable from single key.

So taproot removes the distinction between single party spends and multisig too (which can include lightning input spends which don't actually use CSV/CLTV, even if they have it available).  Indistinguishable threshold signatures may not, however, be usable for all multisig usage because the threshold signature requires a little more interaction between signers and because in some cases you really want the public record to reflect which participants out of the threshold actually participated.

Quote
But atypical scripts will still be just as noticeably different as before, the only difference being that alternate paths (i.e. OP_OR sections within the script) will not be recorded to the blockchain, only the path that is actually used to spend the output from the address is written to chain.

Yes, but almost always you can restructure a script as "[All the parties agree]  OR [Complicated script thing]". If you can do this, you can put an N of N pubkey at the top, and if the parties cooperate, the parties can cooperate and just sign and and the fact that "complicated script thing" exists at all will not be exposed.

The only time the existence of a complicated script would be exposed is if some parties don't cooperate (E.g. because they're offline).
 
Pages:
Jump to: