-
Notifications
You must be signed in to change notification settings - Fork 52
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Research: v5 transaction format #122
Comments
Latest spitball for v5 TXs (given Limits/BigInt work):
|
bitjson
changed the title
Research: detached signatures with cross-input signature aggregation
Research: v5 transaction format
Aug 14, 2024
Adding to spitball (revisiting byte saving ideas from here):
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Just opening this issue to have a URL to share until I and/or another contributor get around to implementing a demo of cross-input signature aggregation in detached signatures, presumably as part of a v5 transaction format proposal. Also implicit/optional sequence numbers (but not locktime to avoid disincentivizing re-org resistance), probably some solution for fractional satoshis, maybe implied OP_RETURNs, and compactUint everything else. (And consider enabling or requiring v5 TXs to support UTXO Hash Sets.)
A key goal is to reduce the size/cost of CashFusion transactions, e.g. the largest one so far was ~40KB, with 261 inputs and 114 outputs1. Replacing each signature in this TX with a reference to a detached signature (e.g.
OP_1
) would save261 * 64 = 16,704 bytes
(minus the aggregated, detached signature itself), bringing the transaction size down to ~24KB (41% savings). The savings are also greater for transactions with more inputs than outputs, so the overall effect will also encourage (privacy-preserving) UTXO set consolidation.Also worth noting that we could save an additional
261 * 33 = 8,613 bytes
(down to ~15KB, for 62% total savings) if all inputs switched to P2PK rather than P2PKH. Between the funding output (the change output of the last TX) and fusion input, each user saves 24 bytes of public key hash and P2PKH overhead.There are some privacy considerations on the P2PK usage: you don't want to leak which output is the "change" if you're paying to P2PKH, but if the funding transaction was already using PayJoin, there was no meaningful cost to negotiating P2PK addresses rather than P2PKH. We can also expect 1) network wide P2PK usage to increase due to the cost savings and 2) if some popular wallets support both P2PK and P2PKH (esp. mixed use) the difference stops being useful as a privacy-breaking heuristic (wallets could even juggle funds between them to throw off naive trackers).
Chaingraph Queries
Paste into https://try.chaingraph.cash/:
Result:
Note: until we improve performance of this sort of query, you need a trusted instance to find/filter CashFusion transactions:
The text was updated successfully, but these errors were encountered: