I just posted my initial feedback on Taro to the bitcoin-dev mailing list. I'll summarize it in this thread.
Taro closely resembles RGB, a protocol I studied extensively, so I'm more familiar with the limitations of both designs than most, and was able to point them out.
2/7 First, let me say this is a valuable protocol. It basically allows tokens to exist inside of BTC's blockchain in a way that minimizes (but doesn't eliminate) on-chain block space usage, while still benefitting fully from Bitcoin's security. None of my points change that.
Feb 21, 2022 • 9 tweets • 3 min read
1/8 Antoine and Gleb (@ffstls) just posted their excellent CoinPool paper.
What is it about? Simply put: multi party UTXO ownership.
I had the pleasure of receiving an early copy. I'm sharing my technical summary below. Hopefully it can help others in their understanding.
👇
2/8 CoinPool allows unilateral withdrawal from a UTXO with multiple owners while avoiding the factorial state blowup issue.
i.e. ABCD -> BCD -> CD -> D differs from ABCD -> ABD -> BD -> D, etc. Too many states to pre-sign!
This is achieved with op_merklesub and sighash_group.
Dec 14, 2021 • 7 tweets • 2 min read
1/7 I often hear people say they want SNARKs (STARKs/zk-sync/zk-rollups) for #Bitcoin, but most are confused what that even means. Common misconceptions are that SNARKs provide something like 100x scaling and that this one "simple" change would enable any functionality they want.
2/7 Let's talk functionality first. SNARKs have only one function: non-interactive witness aggregation. Witness data is e.g. what proves that Alice satisfied the contract that allows her to send money to Bob. SNARKs can compress this data so it takes up much less bandwidth/CPU.
One aspect of #Bitcoin scaling is channels, e.g. 2-of-2 in Lightning or bigger groups in Lightning channel factories or payment pools.
The trade-off is that you can remain off-chain as long as you interact with the channel members.
02/12
This interactivity is difficult to scale. If 1 person in a channel of 100 people goes offline, the only way to move your money is to go on-chain – quite the pickle!🥒
Luckily, #statechains provide a non-interactive way to swap out of a channel. No cooperation required!
Oct 27, 2019 • 5 tweets • 2 min read
1/5 On this week's @UnhashedPodcast we talked to @hasufl about his paper on mining security, and it was incredibly insightful. In this thread I will summarize the core of the argument, which will hopefully show you why the full interview (linked at the bottom) is a must-listen!
2/5 The key finding is that the sunk cost of mining -- which is currently about 50% of the expected revenue over a 2 year period -- is what incentivizes miners to behave honestly. They have essentially pre-bought half the BTC they will mine during this period.
Apr 10, 2019 • 9 tweets • 2 min read
1/9 Blocks WILL be full sooner or later. We're not making smart use of block space, so we're likely to experience a bumpy fee ride until people adjust their behavior. It's human nature to want to deny unpleasant truths, but it's better to be ready. Here's what you need to know👇
2/9 It costs miners virtually nothing to add a transaction. Block space is given to the highest bidder - if nobody bids, it's practically free. If you think mass replicated immutable blockchain data is at least worth something, then it logically follows that blocks WILL be full.
Feb 27, 2019 • 4 tweets • 3 min read
1/4
Update your @Ledger hardware wallet ASAP if you haven't already! Last month Ledger released v1.5.5, stating that it contained a "critical security fix on the Bitcoin app" ( ledger.fr/2019/01/16/led… ). I wondered how serious it was, and today I found out the answer...😮
2/4 @LappoSergey from @MyceliumCom found the bug, with some help from @LeoWandersleb. He quietly released a blog post detailing the bug, and it's VERY serious.
The Ledger can be fooled into sending away ALL funds from ALL your accounts, with NO warning from the device...🤐
Aug 12, 2018 • 6 tweets • 2 min read
1/6 How full nodes ACTUALLY work. Running a #bitcoin full node means you are FULLY verifying EVERY transaction on the network, PAST and PRESENT. This is crucial for trustlessness: YOU check everything. A lot of alt coin "full" nodes fail to satisfy this definition. 2/6 Full nodes give users FULL control over the network, no matter what miners do. Your full node will ONLY accept a completely VALID blockchain. Hard forks won't affect you unless you explicitly choose to replace your full node software.
Jul 29, 2018 • 8 tweets • 4 min read
1/8 Thread on why #bitcoin Soft Forks preserve consensus. Confused why people prefer Soft Forks over Hard Forks? Do Soft Forks somehow seem coercive? Do you feel like Hard Forks aren't such a big deal? Then read this! 2/8 A proper (non-evil) #SoftFork does not negatively impact users that don't upgrade. This is important, because it preserves the consensus we had before the fork. Don't like the changes? Don't upgrade. No harm done.