Author: Christian Decker 2011-08-24 19:05:42
Published on: 2011-08-24T19:05:42+00:00
On August 24, 2011, Gavin Andresen initiated a discussion on the Bitcoin-development mailing list about the fastest way to secure bitcoin wallets. He proposed that multi-signature transactions were the best approach to achieve this goal and asked for consensus from the community. ByteCoin suggested splitting a private key between two people using zero-knowledge proofs, but Gavin assumed it was not the fastest method due to its complexity. Instead, he requested open-source, patent-free, and thoroughly-tested code for DSA-key-splitting.Gavin also proposed adding an RSA-like scheme to enable m-out-of-n signatures. He suggested distributing shares of the key as points on a curve with the actual key as a 0-value. If ECDSA allowed something similar, there would be no need to change anything. He shared a draft proposal for low-level 'standard' transactions that required 2 or 3 keys to sign and discussed the possibility of introducing new 'standard' multisignature transactions to relay and include them in blocks.However, some members raised concerns about defining new bitcoin addresses, which would have to be 2 or 3 times bigger than current addresses and incompatible with old clients. They suggested enabling opcodes to make new bitcoin addresses smaller and backward compatible and scheduling a block chain split for N months from now. Gavin worried that if they waited to do things right, there might be no consensus on the exact digest function or whether to introduce a new opcode for arbitrary boolean expressions involving keypairs. Ultimately, Chris encouraged exploring alternative directions to maintain backward compatibility and allow multisignature.
Updated on: 2023-05-26T20:32:52.946075+00:00