OP_CHECKSEPARATESIG And Actuaries: Fixing Multiparty Channel Factories

Many people these days are finally starting to realize the shortcomings and limitations of off-chain channels limited to two participants, i.e. the Lightning Network, and the necessity to start exploring designs for channels with more than two participants for this direction in scaling to work successfully in the long term. That necessitates accepting new trade-offs, namely that the price for solving some of Lightning’s existing problems by packing more than two people into a shared control arrangement for a UTXO is the creation of a whole new class of problems.

The biggest problem introduced in making the move from two parties to more than two parties is the interactivity requirement. If you have 10 people in a single channel sharing control of one UTXO, you need all 10 parties online at the same time in order to update the state of that base channel. This presents a much worse coordination problem than the current implementation of Lightning channels where only two people need to be online to make use of the channel.

Currently the best thinking regarding this issue is simply to introduce trust into the situation through what is essentially a federation. Lightning (and future multiparty channel systems) works as a self-custodial system because the multisig holding funds on chain is n-of-n, requiring 100% of the participants to sign off to change the state of off-chain funds. If you, as a member of such an agreement, refuse to sign a new update, then it is impossible for your funds to be reassigned in any way. Ignoring the requirement to stay online and watch the blockchain to deal with old states, this security model is equivalent to sole custody on the mainchain. Control of funds cannot be changed from the current state of things without your signature.

Reducing the key threshold from n-of-n to m-of-n completely undermines that security equivalence to sole custody on-chain. It is effectively custodial, in that your key is no longer absolutely and non-negotiably required in order to move control of your funds. ZmnSCPxj (not Zman!) has proposed an interesting solution to the interactivity problem.

OP_CHECKSEPARATESIG

This proposal would require two softforks, SIGHASH_ANYPREVOUT (APO) and OP_CHECKSEPARATESIG. OP_CHECKSEPARATESIG is such a small change that I would be amazed if there were any serious contention over it, and APO has a relatively large consensus in the ecosystem as a desirable change.

OP_CHECKSIG and OP_CHECKSIGVERIFY are the two main ways signatures are verified in Bitcoin script currently. There are two parts of a signature, the S value and the r value. OP_CHECKSIG(VERIFY) takes the r and S of the signature as one whole argument, and the public key to verify it against as another, for a total of two arguments, and then checks whether the signature is valid or not. OP_CHECKSEPARATESIG takes the public key, the r value, and the S value all as separate arguments (for a total of three), and verifies the signature.

Yes, that is literally the entirety of the proposal. A softfork even simpler and less complicated than CHECKTEMPLATEVERIFY (CTV). Why is this needed? Well, you’ll see here right now.

State Updates Without Everyone Online

A multiparty channel.

This is what the starting state of a very basic multiparty channel would look like. A pre-signed transaction needing Alice, Bob, and Charlie to sign for a UTXO they share control over with an output for each member. If Alice wants to pay Bob while Charlie is offline, the only option she has is to create a pre-signed transaction from her output in the channel state splitting those funds between herself and the payment to Bob like this:

Alice paying Bob.

The problem with this arrangement is that Alice can simply sign a conflicting transaction taking back the payment to Bob at any time and use it before Charlie comes online and everyone updates the channel. Because only her key is needed to do that, Bob can do nothing to stop her. We need some kind of arbitrator that ensures Alice cannot double-spend Bob when making payments in this way because Charlie is unresponsive.

You could just add a condition requiring that an Actuary (M) also be a keyholder for everyone’s outputs, meaning they would have to sign to approve any transactions spending Alice, Bob, or Charlie’s outputs from the channel state. The problem with that is that Bob now has to trust the Actuary instead of Alice. If the Actuary cooperates with Alice, Bob can still be double spent.

This is where OP_CHECKSEPARATESIG comes in. Here’s how: the r value in a signature is derived from the nonce used to sign. One of the key risks in nonce handling is key leakage: reusing the same nonce twice for different transactions will leak enough information for someone with both of those transactions to be able to regenerate the private key used. This can be used to take the Actuary role from above and remove trust in them. Whatever key the Actuary uses for this role, they can load with a bond that can be confiscated. From this point we add their key to everyone’s outputs as described above, except that each script specifies ahead of time exactly what r value has to be used in the signature from M. We also have a CSV timelocked path needing only the owner’s key; this way users can always spend their funds however they want if the channel is closed on chain after a timelock.

Now when Alice goes to pay Bob while Charlie is offline using a pre-signed transaction spending her output in the channel, she goes to the Actuary to sign off on it. After the signatures are completed and Bob has a copy of the transaction, he has an immensely stronger guarantee that these funds will not be double spent. If the Actuary collaborates with Alice to double-spend Bob, the Actuary’s key is leaked and the funds the Actuary put in a bond can be confiscated. If the channel is closed out on-chain in this state, Bob will be able to confirm the transaction co-signed by the Actuary before Alice can double-spend him: Alice has to wait for a timelock to expire before she can double-spend, while Bob doesn’t, because the Alice-and-Actuary spending path has no timelock. This can be added as a clause to every level of the multiparty channel if you nest smaller channels on top as well.
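The key-leak mechanism described above, as an added example (not code from the article or from ZmnSCPxj's proposal). It assumes a simplified Schnorr-style signature over secp256k1 rather than exact BIP340; `check_separate_sig` is a hypothetical model of the opcode, and the key, nonce and transaction strings are constructed.

```python
import hashlib

P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):
    """Add two curve points; None is the point at infinity."""
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    if a == b:
        lam = 3 * a[0] * a[0] * pow(2 * a[1] % P, -1, P) % P
    else:
        lam = (b[1] - a[1]) * pow((b[0] - a[0]) % P, -1, P) % P
    x = (lam * lam - a[0] - b[0]) % P
    return (x, (lam * (a[0] - x) - a[1]) % P)

def mul(k, pt=G):
    """Double-and-add scalar multiplication."""
    out = None
    while k:
        if k & 1:
            out = add(out, pt)
        pt, k = add(pt, pt), k >> 1
    return out

def challenge(r, pub, msg):
    """e = H(r || P.x || msg) mod n (simplified, no BIP340 tagged hashing)."""
    data = r.to_bytes(32, "big") + pub[0].to_bytes(32, "big") + msg
    return int.from_bytes(hashlib.sha256(data).digest(), "big") % N

def sign_s(d, k, msg):
    """Actuary side: s = k + e*d mod n, where the nonce k fixes r = (k*G).x."""
    return (k + challenge(mul(k)[0], mul(d), msg) * d) % N

def check_separate_sig(pub, r, s, msg):
    """Hypothetical opcode model: r comes from the script, s from the witness."""
    pt = add(mul(s), mul(N - challenge(r, pub, msg), pub))  # s*G - e*P
    return pt is not None and pt[0] == r

def recover_key(pub, r, s1, msg1, s2, msg2):
    """Two valid s values under one pinned r give d = (s1-s2)/(e1-e2) mod n."""
    e1, e2 = challenge(r, pub, msg1), challenge(r, pub, msg2)
    return (s1 - s2) * pow((e1 - e2) % N, -1, N) % N

# Constructed demo: Actuary key D, committed nonce K, two conflicting spends.
D, K = 0xA11CE5EED, 0xB0B5EC7E7
PUB, PINNED_R = mul(D), mul(K)[0]
TX_TO_BOB, TX_CONFLICT = b"alice->bob 5000 sat", b"alice->alice 5000 sat"
S1, S2 = sign_s(D, K, TX_TO_BOB), sign_s(D, K, TX_CONFLICT)
```

Both signatures satisfy the pinned-r check, and anyone holding the pair can compute the Actuary's private key with `recover_key`, which is what makes the bond confiscable; a signature made with any other nonce fails the check.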

This provides a security model for Alice and Bob to update the multiparty channel without Charlie being online, which while not being strictly speaking trustless, is about as close as you can get without meeting that bar. Bob can have a strong guarantee that he won’t be double spent, which is virtually 100% as long as the bond value the Actuary uses is greater than the payment value, and Alice can make this payment with a guarantee good enough for Bob even though Charlie is offline. This can be used in that likely very frequent situation where not everyone is available to continue processing updates, and cleanly cut-through whenever everyone is online to update the base level of the channel and remove the extra transactions using this scheme.

OP_CHECKSEPARATESIG and the Actuary role it enables in multiparty channels solve a huge problem in actually making the concept of more than two people sharing a channel workable at scale. I’m sure there are plenty of other situations besides multiparty channels where enforcing with a bond that some party only ever signs one version of something would be useful. This is something Bitcoiners should consider very seriously: it provides a big solution to a known problem with no complexity, by just slightly changing a tiny aspect of how signatures are verified.

With an OP code arguably simpler than CTV, Actuaries could trustlessly solve the problem of everyone needing to be online to update a channel factory.

Detroit Aims to Drive Digital Asset Innovation on Day Three of the America Loves Crypto Tour

Crypto-natives and fans of Detroit rapper Big Sean flocked to the Lager House, just outside of downtown Detroit, for the third stop of the America Loves Crypto Tour. The event provided both an evening of live entertainment and a call to action to get out the crypto vote in the upcoming 2024 elections following previous stops in Arizona and Nevada.

Michigan is considered a battleground state, and the Stand With Crypto Alliance sees the state’s 940,000 bi-partisan Bitcoin and crypto owners — 25,000 of which are Stand With Crypto members — as potentially crucial for the upcoming presidential election. The 2020 election’s margin within Michigan was only about 156,000 voters, which means that crypto voters could well swing the electoral outcomes in 2024.

Local startup founders, university blockchain clubs, former State Representative Ryan Berman (R) and operatives of the Stand With Crypto Alliance took the stage for the third stop on the battleground state roadshow to communicate a simple message: Digital asset owners and entrepreneurs have leverage, and it’s time to make their political voices heard.

The last few years have seen the US Securities and Exchange Commission’s (SEC) inconsistent regulatory actions have a chilling effect on the industry. Adam Zientarski, co-founder of Detroit Ledger Technologies, remarked that he would like to see that change so that “startups can actually be focused on growth and not on moving the company to another country”. On behalf of entrepreneurs in the state, he simply asks regulators to “let them build.”

In an interview with Bitcoin Magazine, former Michigan State representative and Attorney General candidate Ryan Berman echoed similar thoughts on the role of regulation.

“You can’t predict what is going to happen in this technology space, but we want to make sure people can innovate and have the tools necessary without government blocking them,” Berman said. “Detroit has been on a rebound over the last couple of decades. It would be beneficial and put Michigan on the map to say ‘Hey, we want to welcome these types of companies, we want innovation.’”

Berman went on to emphasize the economic importance of fostering innovation in the state:

“Here, at this event, we’ve heard from these entrepreneurs from the University of Michigan, [which] has half of their student body from out of state. The other half is in-state kids from our big schools – currently, our students leave the state looking for jobs. What can we do to keep our students here? Technology is at the forefront.”

Crypto Education: Not Just For Elected Officials

Technological innovation took the driver’s seat during the America Loves Crypto’s stop in The Motor City, and what stuck out was the cultural interest in Bitcoin and crypto co-mingled with the pride many Detroiters, in particular college students, have for their state of residence. President of the University of Michigan Blockchain Club Evan Solomon received raucous applause from the crowd when shouting out his alma mater.

College students and educational institutions, a particular point of pride for Michigan, seem to be paying strong attention to Bitcoin and crypto during this election season. Speaking with Bitcoin Magazine, Solomon proudly shared that his on-campus club has received support from the prestigious Ross School of Business to host an event with 25 visiting organizations in attendance.

Yet, Solomon also remarked that clear regulation is “the single most important thing” when it comes to fostering talent and strengthening the industry in the state. When students consider what careers or companies to pursue post-college, the stigma of over-regulation is a major factor. But the tides are turning and Solomon is optimistic following a 2023 meeting with U.S. Senator Gary Peters (D), saying: “I thought the reception was great, they wanted to hear us out, and they wanted to hear about the applications.”

Code And Law: Constitutional Battles for Developers

In the State of Michigan, Bitcoin and crypto are not just a matter of revenue and economic development, but of important constitutional considerations for more than 940,000 Michigan crypto owners.

Berman, who has a background in law, explained that overlapping First, Second and Fourth Amendment considerations have informed his perspective on crypto. Specifically, he argued that 3D printing files for creating firearms are as much a Second Amendment constitutional right as they are issues of free speech and privacy, and he sees overlap with cryptocurrency in that regard now that developers of open source privacy tools are also being prosecuted.

“Freedom of speech is what our Founding Fathers were all about. Publishing a manual can be bad if somebody uses it for a bad purpose, but [in the case of 3D-printed guns] there’s plenty of legitimate purposes as well. But even if there aren’t any, it doesn’t matter what the purpose is, it’s all about freedom, it’s all about the First Amendment. I’m totally an advocate for not only the Second and First Amendments, but the Fourth Amendment in particular when you’re talking about encrypted communications.”

America Loves Crypto continues its road show this week and next in Milwaukee, Philadelphia and Washington D.C. Attendees can RSVP for these free events where they will be able to register to vote while connecting with like-minded folks ahead of election day this November.

The Motor City and State of Michigan see opportunity in creating a business-friendly environment for the Bitcoin and crypto industry, welcoming the Stand With Crypto Alliance.

Bitcoin Surges to $60,000 as Markets Brace for Potential Fed Rate Cut

Bitcoin has climbed back to $60,000, fueled by anticipation of a Federal Reserve interest rate cut expected next week. Bitcoin’s rally comes as markets prepare for the possibility of a 25-50 basis point rate reduction, a move that many believe could further boost BTC and risk-on investments.

BREAKING: $60,000 #Bitcoin 🚀 pic.twitter.com/pualhxdQOU

— Bitcoin Magazine (@BitcoinMagazine) September 13, 2024

Earlier this summer, Federal Reserve Chair Jerome Powell hinted that a rate cut could come as early as September. Speaking on June 12th, Powell noted that the central bank would consider lowering rates once they were confident inflation was moving back toward their 2% target. This week’s announcement that U.S. inflation has dropped to 2.5%, lower than expectations, has potentially paved the way for such a move.

JUST IN: 🇺🇸 Fed Chair Powell says an interest rate cut could come as soon as September 👀 pic.twitter.com/RuIFqVZqSC

— Bitcoin Magazine (@BitcoinMagazine) July 31, 2024

The Federal Reserve will announce its decision this coming Wednesday, September 18, at the next scheduled Federal Open Market Committee (FOMC) meeting. A rate cut could provide additional momentum for Bitcoin, which has already risen more than 125% over the last year.

Just yesterday, the European Central Bank cut its key interest rate by 0.25 percentage points, following the Bank of Canada’s decision to also reduce its policy rate by 25 basis points last week.

Bitcoin touches $60,000 ahead of a potential interest rate cut by the Federal Reserve, signaling market optimism amid falling reported inflation data.

Bitcoin Price Action: What to Expect Next

Bitcoin’s recent price movements have caused concern among investors about what might come next. However, by looking at key indicators such as the 200-week moving average, Pi Cycle Top Indicator, and the Golden Ratio Multiplier, we can gain insights into potential support and resistance levels for Bitcoin.

Leaning Bearish?

In recent weeks, Bitcoin’s price has fluctuated, dipping as low as $53,000 before stabilizing in the middle of our newly formed $50,000 to $60,000 range. If this bearish price action continues and price breaks to lower lows, the 200-week moving average heatmap (blue line), a historically critical support level, is currently close to $39,000 but fast approaching $40,000 (white line). This round psychological level also aligns with the Bitcoin Investor Tool (green line), which has converged with the 200-week moving average. These levels could serve as potential downside targets.

Figure 1: Converging levels of support at $40,000 if bearish price action continues.

Nearby Targets

There are also several important levels closer to the current price that investors need to keep an eye on. The Pi Cycle Top Indicator (upper orange line) suggests a crucial resistance level around $62,000, based on the 111-day moving average. The Golden Ratio Multiplier (lower orange line) indicates that the 350-day moving average, currently around $53,000, has been a solid level of support during this market cycle, especially as this is close to the technical $52,000 support and significant psychological support of $50,000.

Figure 2: Nearby support between $53,000 and $50,000, with immediate resistance between $60,000 and $62,000.

More Chop?

In the short term, Bitcoin could very well continue ranging between the low $50,000 region and the $60,000 resistance, similar to the range we had formed between $70,000 and $60,000 that led to fairly stagnant price action for a majority of 2024. Despite recent downturns, Bitcoin’s long-term outlook is still promising. In the past, Bitcoin has experienced similar periods of fluctuating prices before eventually reaching new highs. However, this process can take some time, potentially weeks or even months, before a sustainable trend reversal occurs following periods of low volatility.

Figure 3: Monthly volatility is rapidly decreasing, potentially as BTC finds a new range between $50,000 and $60,000.

Conclusion

For long-term investors, it’s important to remain calm and not be swayed by day-to-day price changes. Over-trading often leads to poor decisions and losses, and the key is to stick to a strategy, whether it involves accumulating at support levels or taking profits at resistance.

Bitcoin’s recent price action has not been ideal, but with some simple technical analysis and a clear understanding of support and resistance levels, investors can prepare and react rather than overreact to natural market fluctuations.

For a more in-depth look into this topic, check out our recent YouTube video here: Bitcoin Price Action: What to Expect Next

Bitcoin’s Path Forward: Insights into Price Targets, Support, and Resistance Zones
