So now we know the whole technique of bitcoin functioning and how Bitcoins can be used for making all kinds of real transactions. Bitcoins are exchangeable for fiat foreign money

cryptocurrency exchanges and can be used to make purchases from merchants and retailers that accept them. Greg Sanders: Yeah, if I can leap in. Mark Erhardt: So I’m questioning, certainly one of the issues that appears to jump out once i hear you talking about this is, what if one aspect retains making updates but not concluding it? And we’ve at all times gone back and forth between those, as a result of we don’t know if we must always do a easier version first and await later to do a way more complicated version, or if we must always just jump to the extra advanced model proper now. Because we’ve all the time been discussing the truth that announcing, having the channel announcement point to a selected onchain output, was fairly unhealthy for privacy and that we could in all probability do better. So, those are issues that we’ve at all times been simply hand-wavy about how we might do that sooner or later. Read More: Amid value drops and elevated regulation, what’s the way forward for cryptocurrency?

But I don’t think we’ll allow you to have any kind of multiplier, because considered one of the other ideas was that you might additionally just announce some UTXOs that you just own, with the proof that you just personal them, with a total worth of, for instance, 2 bitcoin, after which that might grant you the power to announce as much as X occasions that in channels without having to point to any specific onchain output. I didn’t assume it was too unhealthy, but the one key distinction here is that for the cost channels with penalties as at the moment designed, it’s necessitating that you store these secret nonces endlessly until channel shut. These charts are cardinal a part of the entire affair as with them traders are in a position to foretell the motion near accuracy. But, realizing that the markets never shut is a handy safeguard to have. You probably have another Lightning-like channel specification that you coded up or a custom channel sort, you can even include that in this channel announcement and it'll just work. That’s why we’re not doing that proper now, and that’s why most individuals will simply keep announcing the output that basically corresponds to the channel in order that when it gets spent, people truly notice it and may take away it from that graph and know that they can't route by that channel anymore.

I think we’re going to follow a simple model, the place you allow pointing to any sort of output to pay for your channel. PTLC fixes that by making sure that instead of using the preimage of a SHA256 hash and its hash, we’re going to use elliptic curve points and their private keys. This may seem unnecessary provided that BIP32 already supplies extended private keys (xprvs) that can be shared between signing wallets. Maybe we can begin with t-bast. Can the channel keep open when the UTXO gets spent? And on the other hand, how do you ensure that the same UTXO just isn't reused for the announcement; and what occurs if that UTXO will get spent? So, will we need to be protecting track of the UTXO really not being moved while it is the stand-in to have introduced the channel? Mike Schmidt: The taproot and MuSig2 channel dialogue considerably leads into the updated channel announcement dialogue and the way gossip protocol would should be upgraded in an effort to help moving to P2TR outputs. So, we want to vary that, as a result of we need to allow taproot, which means permitting also input, especially if we use MuSig2; we don’t want to reveal the internal keys.

And proper now, it’s going to use the same cost hash with all these nodes, which implies that if somebody owns two of the nodes in the path, they're learning data, and that is unhealthy for privateness. Right now, whenever you ship a fee, this fee is going to undergo multiple nodes on the community. Bastien Teinturier: Sure. So proper now, after we announced the channel on the network, we explicitly announced node IDs and the Bitcoin keys which are inside the multisig 2-of-2, and other people verified that the output that we are referencing is actually locked with the script hash of multisig 2-of-2 of those two keys, so you possibly can solely use it with scripts that basically follow the format of Lightning channels with out taproot. Mike Schmidt: Murch or t-bast, any other feedback on taproot and MuSig2 channels? Mike Schmidt: Go ahead, Murch. Mike Schmidt: Next section from the Summit discussed PTLCs and redundant overpayments. Bastien Teinturier: Okay, so PTLCs are a change that's allowed by taproot and adaptor signatures.