Basically, I'm suggesting that the transaction be accepted into the mining queue, but not mined until the recipient endorses the transaction, verifying that the destination address is still valid, active, and proper. Failure to get an endorsement will result in the transaction being cancelled and the funds being returned to the sender.
I see. From the OP I was confused about what you were trying to accomplish with the handshake. Got it now, thanks for clarifying.
No sweat on that... I often have a hard time organizing my thoughts and getting them out properly. Heck, that last reply took me a while to crank out.
The concept of a handshake... it means different things in different contexts... I never even thought about the network-layer handshake as referenced by genjix.
Endorsement would be a better term here maybe.... the same way a merchant endorses a check to ensure that it gets deposited into the right account when he drops them off at the bank.
You covered a lot of topics.
First sending Bitcoins to an invalid address is nearly impossible. Addresses have a 32bit checksum and client will refuse to send coins to an address which is malformed. Sending coins to an incorrect but valid is so rare to be impossible (1 in 4.3 billion).
As far as preventing transactions. That isn't possible but since individual coins can be tracked one could return the coins to sending address (possibly having to pay transaction fee). This is no different than other forms of payment.
From a legal standpoint (outside the blockchain & protocol) you could have a "holding account" where payments are sent and then the receiver transfers them from holding account to their internal account which would constitute acceptance. The sender could return payments they don't accept to the sending address (although that creates problems w/ systems like Mt.Gox where sending & receiving addresses aren't linked).
I've read many of your posts and I know you have a great handle on what Bitcoin is and what it can do. I also know you're pretty well aware of what Bitcoin isn't and what it can't do. I'm very pleased to have you jump into the discussion.
My post did touch on a few different areas of bitcoin, but really only a single topic... endorsement of a transaction before it's made, the handshake.
On the sending side... I think it would be nice to have a safety net to prevent sending coins to any address that would be the equivalent of destroying coins. The reason (invalid, lost keys, whatever) doesn't matter.
On the receiving side, I think it would be useful to be able to reject inputs from source you don't want to be associated with. To use a real-world analogy, let's say I mailed you a check and you deposited that check, there's a record of the transaction. If you later discover that you should not have accepted funds from me, you can issue a refund, but there's still a record of you accepting funds from me in the first place. If my name is Osama and your name is Obama, that would be a very bad thing... you should have checked the sender before accepting the transaction. Perception is everything and 20/20 hindsight won't save you from the black eye, no matter what you do with that money.
To use a non-financial analogy, anyone can come knocking on your door, but that doesn't mean that you have to let them into your home. With bitcoin, you don't have that option, if someone sends you coin, that coin is in your wallet.
Still this requires everything on the senders end and doesn't help if the sender/address/wallet is "gone". To allow either party to control the "pending payment" you need multi-sig.
1) Create a script w/ a 1 of 2 key option. Signing w/ 1 key (sender) returns payment to sender address (can be different than payment address). Signing w/ other key (receiver) forwards payment on to seller's payment addresss.
2) Create a p2sh address for the script.
3) Send payment to p2sh address.
4a) Receiver accepts: Receiver signs and payment is forwarded to their internal address.
4b) Receiver rejects: Receive leaves payment in limbo and sender signs to return payment themselves.
I can see where this would work for acceptance on the part of the receiving party in a friendly transaction, which would be kinda silly, as the receiver is expecting coin and would gladly accept it. Here's a box, and here's a key to open it. We still haven't dealt with the fact that the transaction itself might be unwelcome in the first place.
Ok, so I'm a rank newbie here, and while I think I understand the principles behind P2SH, I may be missing something in the implementation, so correct me if I'm wrong in stating that P2SH, as implemented by either BIP, provides a
security mechanism to curtail the unauthorized spending of bitcoin.
If P2SH existed a week ago, could it have been used to prevent the Linode heist? I think so... slush's system would have generated the initial transactions, which would require him to counter-sign the final release. Problem solved.
If P2SH existed 6 months ago, could it have been used to prevent Mt.Gox from tossing 2600 coins into the BitBucket? I don't think so, they would have signed away to meet the P2SH requirements, but that would have done nothing to validate or verify the receiving addresses.
So, I think it's fair to say that P2SH is security, while endorsement is more of a safety, but one that could be completely transparent to the end users, unless they choose to interact with it (manually endorsing payments to specific addresses)
There is no way AFAIK to automate this at the blockchain level (i.e. return if not signed in 100 blocks) but clients at both ends could be setup to auto-sign and forward based on conditions (i.e. merchant auto accepts and forwards if payment matches a valid order, sender auto-returns any payments not accepted in 24 hours).
That likely is the closest you would get to what you proposed. Support p2sh so we can have multi-sig transactions for this (and hundreds of other purposes).
Even with my limited understanding of the whole Bitcoin system, I'd agree with you that it wouldn't be possible to implement this into the block chain right now, but at this point, I'm hoping to garner enough interest that maybe this mechanism could be fleshed out, coded, tested, and ready to go when the next big fork comes around.
My only question comes in terms of compatibility at the client level... would it be possible to generate a backwards compatible bitcoin address with option bits before the checksum? I ask, because I'm not yet seeing any other way to do this completely in-band, and I can already think of at least 2 flags: REQUIRE_ENDORSEMENT and AUTO_ENDORSE (for offline/paper wallets).
Actually, I lie. I can think of a couple more flags for safeguarding incoming transactions, but that would be completely outside the scope of this particular thread. I'm sure if you thought about all the ways we exchange money, property, and goods in the real world, I'm sure you can think of a few flags to help provide additional safety, accountability and security.