Author: Salvatore Ingala 2023-05-05 21:18:16
Published on: 2023-05-05T21:18:16+00:00
In this email exchange, Johan TorĂ¥s Halseth and Salvatore Ingala discuss the generalization of a construct that allows access to embedded data in inputs and outputs, as well as enforcement of output keys and taptrees. They also discuss how fraud proofs can extend beyond what Script can do, but note that there is plenty that can be done without them. The conversation then shifts to the topic of simulating coin pools using a commitment to the set of pubkeys and amounts owned by participants, along with an output taptree where each participant has their own spending path. The unilateral withdrawal Script can be the same for all participants, with the witness containing the Merkle proof and additional information to identify the leaf in the tree. The data in the leaf can contain a commitment to all relevant participant information, such as balance and pubkey. The discussion concludes with the question of how one would efficiently prove the inclusion/exclusion of data in the commitment. A Merkle tree is suggested as a versatile and efficient solution, with a proof for 128 participants requiring around 250 bytes of witness size.
Updated on: 2023-06-16T03:05:06.094093+00:00