Re: [bitcoindev] Hourglass V2 Update - 'Brandon Black' via Bitcoin Development Mailing List

Bitcoin Development Mailinglist
 help / color / mirror / Atom feed

From: "'Brandon Black' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
To: Mike Casey <mcasey0827@gmail.com>
Cc: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: Re: [bitcoindev] Hourglass V2 Update
Date: Tue, 3 Mar 2026 13:23:30 -0800	[thread overview]
Message-ID: <aadRUrmtko-uyvt2@console> (raw)
In-Reply-To: <9336f5a4-5c28-4c1b-af29-a8462b7a9377n@googlegroups.com>

Hi Mike, list.

My personal response to this type of proposal remains a firm, and
time-unlimited, "no".

There are, broadly speaking, two possible ways in which secp256k1
breaks: Gradually and suddenly.

If it's gradually then the risks to P2PK, P2TR, and public public key
(lol) coins grows gradually, most likely with some large outputs being
stolen first and liquidated in some gradual way (because the first actor
to have access to the break is likely a low time preference entity who
doesn't want to crash the price). Moreover, assuming a gradual break, we
will have long since deployed an alternative cryptosystem and everyone
will have had ample time to migrate. Those coins not migrated are fair
game.

If it breaks suddenly, that could put us in a situation where nobody has
had a chance to migrate their coins AND the type of actors first gaining
access to the coins are more likely to be low time preference dumpers
who will fight each other for the coins using perverse miner incentives
to protect some residual value. This itself would threaten the very
tenability of the system.

Bitcoin has long held the philosophy of NYKNYC which implies the
reverse: YKYC. If we decided to break this for any but the most imminent
and obvious destruction of the system, we have defeated the system's
very raison d'être. In other words, the only time we should limit or
disable an old cryptosystem on bitcoin is in the greatest extremity of
an immediate and total break of the cryptography wherein participants
have not had time to migrate and the break is instantly widespread.

So, unless someone has access to secret evidence that secp256k1 is
already broken (in which case we should be disabling all such signatures
entirely, not trickling them through) we should absolutely not consider
restricting the property rights of those using any secp256k1 signature.
This is regardless of how we feel about public keys being public which
is an entirely other topic.

For me to take a proposal of this general nature seriously, it would
have to treat all secp256k1-protected outputs the same (as the
supposed security of hashed output types relies strictly on public
information being secret).

All the best,

-- 
--Brandon

On 2026-02-10 (Tue) at 12:47:22 -0800, Mike Casey wrote:
> In response to feedback, the Hourglass proposal to mitigate against 
> potential mass liquidation of P2PK funds has been enhanced to further limit 
> spend amounts from such outputs to only 1 bitcoin per block.
> https://github.com/cryptoquick/bips/blob/hourglass-v2/bip-hourglass-v2.mediawiki
> 
> Prior discussion of the original Hourglass proposal:
> https://groups.google.com/g/bitcoindev/c/zmg3U117aNc/m/lDCMs9j7EAAJ
> 
> Thoughts & feedback welcome!

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/aadRUrmtko-uyvt2%40console.

next prev parent reply	other threads:[~2026-03-03 21:26 UTC|newest]

Thread overview: 15+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2026-02-10 20:47 Mike Casey
2026-02-13 22:06 ` Light
2026-02-16 22:03   ` Jameson Lopp
2026-02-17  0:31     ` Light
2026-02-17 13:02     ` Garlo Nicon
2026-02-17 13:24       ` Isabel Foxen Duke
2026-02-23 18:47       ` Isabel Foxen Duke
2026-02-25 14:39         ` Bob Burnett
2026-02-25 16:46           ` Jameson Lopp
2026-02-18 14:33     ` Mike Casey
2026-02-19  3:26       ` Alex
2026-02-21  6:22         ` neonrooks
2026-03-03 21:23 ` 'Brandon Black' via Bitcoin Development Mailing List [this message]
2026-03-06 15:37   ` Ian Quantum
2026-03-06 15:46     ` 'Brandon Black' via Bitcoin Development Mailing List

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=aadRUrmtko-uyvt2@console \
    --to=bitcoindev@googlegroups.com \
    --cc=freedom@reardencode.com \
    --cc=mcasey0827@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox