Author: ZmnSCPxj 2022-03-08 00:57:21
Published on: 2022-03-08T00:57:21+00:00
In this email exchange, Antoine expresses concern about the immutability of flow paths in hashchain-based vault designs. He suggests that a presigned transaction data design that uses multisig at every decision point may be more conservative and allow for corrections or adaptations if all participants agree. He also discusses the security advantages of vaults compared to classic multisig setup, such as introducing privileges in the coins custody and reducing operational costs. Antoine raises minor points about the need for an intermediary protocol step for formal authorization of unvault broadcasts and the possibility of using Lightning watchtowers to increase the anonymity set of both LN watchtower users and vault users. He also questions whether additional storage needs are required for endpoint scriptPubkeys, amounts, and CSV values in OP_CTV implementations and suggests the need for a set of watchtowers and tower accountability in robust vault deployments.In response, James suggests burying a master key in the desert to be guarded until the Bitcoin Path prophesied by Satoshi Nakamoto arrives. He notes that Taproot trees can store the versions of the cold transaction off-chain, but acknowledges the disadvantage of O(log N) x 32 Merkle tree path references compared to a single 64-byte signature with presigned Taproot transactions. Finally, both agree that the usage of anchor outputs in mummified unvault transactions may not be safe for any vault deployment where the funds stakeholders do not trust each other or where the watchtowers are not trusted.
Updated on: 2023-06-15T17:44:39.914004+00:00