Published on: 2017-04-13T01:43:46+00:00
On the Bitcoin-dev mailing list, Oleg Andreev has put forward a proposal for implementing Confidential Transactions on the Bitcoin network. The proposal suggests a new accounting model and representation of numbers, using EC points as Pedersen commitments. The goal is to make the change compatible with the existing system and maintain the 1 MB limit. To achieve this, the proposal introduces two new script versions (version A and version B) and implements six new soft fork rules.One of the key features of the proposal is that it allows for the use of confidential transactions alongside plaintext inputs/outputs using legacy software. This means that users can still participate in confidential transactions without having to upgrade their software. The proposal also utilizes the same UTXO set, further ensuring compatibility.In terms of transaction structure, the proposal suggests sticking confidential values directly into the existing format. It also introduces a range proof, which can be either confidential or non-confidential. Additionally, the transaction witness can include an excess value and cleartext amount for a miner's fee.The proposal has a side effect that benefits miners. As they are the ones minting the confidential coins, they have the ability to sell them at a premium. This creates an incentive for miners to support the feature and work on improving the performance of rangeproof validation.To enhance scalability, the proposal suggests compressing on-chain transactions using mimblewimble cut-through. However, implementing more complex support from miners to merge outputs representing "plaintext value bank" would require further development of non-malleable TxID, which excludes miner-adjustable export/import outputs.Overall, the proposal offers a comprehensive plan for implementing Confidential Transactions on the Bitcoin network. It takes into account compatibility with existing systems, introduces new script versions and soft fork rules, and provides incentives for miners to support and improve the feature. By utilizing the same UTXO set and allowing co-authorship with plaintext inputs/outputs, the proposal ensures that users can participate in confidential transactions without the need for significant software upgrades.
Updated on: 2023-08-01T20:23:03.974157+00:00