Re: [bitcoindev] op_ctv still has no technical objections - 'moonsettler' via Bitcoin Development Mailing List

Bitcoin Development Mailinglist
 help / color / mirror / Atom feed

From: "'moonsettler' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
To: Erik Aronesty <erik@q32.com>
Cc: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] op_ctv still has no technical objections
Date: Fri, 19 Dec 2025 14:58:19 +0000	[thread overview]
Message-ID: <ZDIGYB4Jcy6DGEkUGxEIBgmD0WhaNQh8X3ovu6bVwnBQ4jCQS84dkG22oLR0XJmgG0emYj9eg1mwU3I0gZtKfpovVCjlXh5FsfO0UmelT-c=@protonmail.com> (raw)
In-Reply-To: <CAJowKg+cCoocSEYsTT3bLwte=-3Kbzo5k6YT--UnDwzoZPF1wQ@mail.gmail.com>

Hi All,

Just a small remark

> lnhance is more comprehensive. but also it's so much harder to reason about three separate op codes and what the attack surface could be.

It's 4 opcodes, but ofc it's safe to ignore INTERNALKEY when it comes to unexpected interactions.
We have spent basically a whole year on walking in circles with various opcode combos.

We came up with a set of threshold rules that make sense as an evaluation framework:
- Fine-grained introspection
- State-carrying covenants
- Bigint operations
- New arithmetic capabilities using lookup tables

These are key "ingredients" to exogenous asset protocols that are script interactible and novel bridge
constructions, that might interact badly with mining decentralization.

Many other proposals instantly violate some or all of them, not LNhance.
To this day I haven't seen anyone come up with anything remotely scary with CTV+CSFS+PC.

I would like to encourage people to take the time and try to come up with anything "nasty".

BR,
moonsettler


Sent with Proton Mail secure email.

On Thursday, November 27th, 2025 at 10:18 AM, Erik Aronesty <erik@q32.com> wrote:

> It's been many years and there's been a lot of discussion about various covenants
> I think one of the biggest problems is everyone has to insist on their baby is the best baby.
>
> op_ctv is quite literally not the best at anything. That's the whole point. It's non-recursive, can't be used for strange or dangerous things, and can be used to emulate a lot of other opcodes.
>
> It's adequate. And I don't think we want anything "better" than adequate the first time around. lnhance is more comprehensive. but also it's so much harder to reason about three separate op codes and what the attack surface could be.
>
> I don't think it's possible to optimize a series of covenants for all possible scenarios. Easy to make them too powerful and now nodes are doing too much work and we're attracting the kind of network activity that nobody wants.
>
> Fortunately the risk of CTV is fairly low. It's always possible to turn it off (no new tx)... if there's a game theory issue.
>
> I don't think there's any particular rush, but we could lose a lot of fees and support for miners if Bitcoin continues to do what it is doing now... scaling almost entirely in custodial systems. That's also just not the Bitcoin that anyone loves.
>
> At this point it feels like it's "perfect is the enemy of the good".
>
> We have an old and rather well tested pull request that is only a handful of lines of code that everyone has scrutinized a million ways.
>
> I don't think we're getting that for any other covenant opcode.
>
>
>
>
>
>
>
>
>
>
>
> --
> You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
> To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/CAJowKg%2BcCoocSEYsTT3bLwte%3D-3Kbzo5k6YT--UnDwzoZPF1wQ%40mail.gmail.com.

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/ZDIGYB4Jcy6DGEkUGxEIBgmD0WhaNQh8X3ovu6bVwnBQ4jCQS84dkG22oLR0XJmgG0emYj9eg1mwU3I0gZtKfpovVCjlXh5FsfO0UmelT-c%3D%40protonmail.com.

     prev parent reply	other threads:[~2025-12-19 15:10 UTC|newest]

Thread overview: 5+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-11-27  7:43 Erik Aronesty
2025-11-28  2:04 ` [bitcoindev] " 'conduition' via Bitcoin Development Mailing List
2025-11-29 23:08 ` [bitcoindev] " /dev /fd0
2025-12-18 19:01   ` Erik Aronesty
2025-12-19 14:58 ` 'moonsettler' via Bitcoin Development Mailing List [this message]

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='ZDIGYB4Jcy6DGEkUGxEIBgmD0WhaNQh8X3ovu6bVwnBQ4jCQS84dkG22oLR0XJmgG0emYj9eg1mwU3I0gZtKfpovVCjlXh5FsfO0UmelT-c=@protonmail.com' \
    --to=bitcoindev@googlegroups.com \
    --cc=erik@q32.com \
    --cc=moonsettler@protonmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox