So now we know the entire strategy of bitcoin functioning and the way Bitcoins can be utilized for making all sorts of real transactions. Bitcoins are exchangeable for fiat currency via cryptocurrency exchanges and can be used to make purchases from merchants and retailers that settle for them. Greg Sanders: Yeah, if I can jump in. Mark Erhardt: So I’m wondering, one among the problems that appears to jump out once i hear you speaking about this is, what if one aspect retains making updates but not concluding it? And we’ve at all times gone again and forth between those, as a result of we don’t know if we should do a simpler version first and watch for later to do a much more advanced model, or if we must always just bounce to the extra complicated version proper now. Because we’ve at all times been discussing the fact that asserting, having the channel announcement level to a particular onchain output, was fairly unhealthy for privacy and that we could probably do higher. So, youtu.be these are issues that we’ve all the time been simply hand-wavy about how we would try this sooner or later. Read More: Amid value drops and elevated regulation, what’s the future of cryptocurrenc
But I don’t think we’ll can help you have any sort of multiplier, because one among the opposite ideas was that you could also simply announce some UTXOs that you personal, with the proof that you personal them, with a complete worth of, for example, 2 bitcoin, and then that would grant you the ability to announce as much as X occasions that in channels with out having to level to any particular onchain output. I didn’t suppose it was too dangerous, but the one key difference right here is that for the cost channels with penalties as at present designed, it’s necessitating that you retailer these secret nonces forever till channel close. These charts are cardinal a part of the entire affair as with them traders are ready to foretell the movement close to accuracy. But, understanding that the markets by no means close is a useful safeguard to have. When you've got one other Lightning-like channel specification that you coded up or a customized channel sort, you may also embody that in this channel announcement and it'll simply work. That’s why we’re not doing that right now, and that’s why most people will simply keep saying the output that basically corresponds to the channel in order that when it gets spent, people really notice it and may take away it from that graph and know that they cannot route via that channel
re.
I believe we’re going to stick to a easy model, where you permit pointing to any type of output to pay on your channel. PTLC fixes that by ensuring that instead of utilizing the preimage of a SHA256 hash and its hash, we’re going to use elliptic curve points and their private keys. This may seem unnecessary given that BIP32 already gives extended non-public keys (xprvs) that can be shared between signing wallets. Maybe we can start with t-bast. Can the channel stay open when the UTXO will get spent? And then again, how do you be sure that the identical UTXO shouldn't be reused for the announcement; and what happens if that UTXO will get spent? So, will we must be retaining observe of the UTXO actually not being moved while it's the stand-in to have introduced the channel? Mike Schmidt: The taproot and MuSig2 channel discussion somewhat leads into the updated channel announcement dialogue and the way gossip protocol would should be upgraded with a view to support shifting to P2TR outputs. So, we need to change that, because we'd like to permit taproot, which suggests permitting additionally input, particularly if we use MuSig2; we don’t need to reveal the in
keys.
And right now, it’s going to use the identical cost hash with all these nodes, which means that if somebody owns two of the nodes in the path, they are learning information, and this is bad for privacy. Right now, whenever you ship a payment, this cost goes to undergo multiple nodes on the network. Bastien Teinturier: Sure. So proper now, when we introduced the channel on the network, we explicitly introduced node IDs and the Bitcoin keys which might be contained in the multisig 2-of-2, and folks verified that the output that we are referencing is definitelyscriptd with the script hash of multisig 2-of-2 of those two keys, so you possibly can soscriptse it with scripts that actually observe the format of Lightning channels with out taproot. Mike Schmidt: Murch or t-bast, every other feedback on taproot and MuSig2 channels? Mike Schmidt: Go ahead, Murch. Mike Schmidt: Next section from the Summit mentioned PTLCs and redundant overpayments. Bastien Teinturier: Okay, so PTLCs are a change that's allowed by taproot and adaptor signatures.