Author: Chris Belcher 2019-07-30 21:27:17
Published on: 2019-07-30T21:27:17+00:00
In a Bitcoin mailing list, David A. Harding raised concerns about the risks of timelocking bitcoins, specifically regarding fork coins and transitioning to new security mechanisms. As an alternative, he suggested using coin age, which measures the value of an unspent transaction output (UTXO) multiplied by the time since it was confirmed. Coin age is more difficult for attackers to acquire, as it reflects past patience rather than future sacrifice, and is flexible with different policies. Using coin age would also require less block space compared to timelocks that need new on-chain transactions every few months. JoinMarket could accept all three methods of proving a sacrifice, including burning, timelocking, and aging. It is possible that makers might first lock coins for six months to create a fidelity bond that they can immediately use, then leave the coin unspent after the timelock expires and use its age as the fidelity bond. Harding considered burning coins because it is mathematically simple, but doubted anyone would do it in practice.To address the potential attack against aged coins using address reuse, a condition for aged coins is that their address has not been reused. If the coin is on a reused address, the value of the fidelity bond becomes zero. The BIP158 users who saved their past filters to disk can use them to determine which blocks subsequent to the one including the UTXO may contain a spend from it. However, since a UTXO can be spent in the same block, they would always need to download the block containing the UTXO, or alternatively, the script could contain a 1-block CSV delay ensuring any spend occurred in a later block. If BIP158 filters become committed at some point, this mechanism would be upgraded to SPV-level security.
Updated on: 2023-06-13T20:22:27.361550+00:00