Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-29 Thread Billy Tetrud via bitcoin-dev
> the point of a vault is the ability to keep your primary wallet keys in *highly* deep cold storage I think we're both right. You're also right that there are many possible configurations including the one you mentioned. I can see good reasons to use multisig even if both keys are quickly on han

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-29 Thread Nadav Ivgi via bitcoin-dev
> The whole point of a wallet vault is that you can get the security of a multisig wallet without having to sign using as many keys. In my view, the point of a vault is the ability to keep your primary wallet keys in *highly* deep cold storage (e.g. metal backup only, not loaded on any HW wallets,

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") > soft forks)

2022-04-27 Thread Billy Tetrud via bitcoin-dev
Os that have values that can't be spent with the given CTV > commitment, then you just use that other branch. > > - Buck > > --- Original Message --- > > > Date: Sun, 24 Apr 2022 18:03:52 -0500 > > From: Billy Tetrud billy.tet...@gmail.com > > > > > T

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-27 Thread Billy Tetrud via bitcoin-dev
@Russell > OP_PUBKEY, and OP_PUBKEYHASH as wildcards Ah I see. Very interesting. Thanks for clarifying. @Nadav > You can have a CTV vault where the hot key signer is a multisig to get the advantages of both. Yes, you can create a CTV vault setup where you unvault to a multisig wallet, but you do

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-25 Thread Russell O'Connor via bitcoin-dev
On Sun, Apr 24, 2022 at 7:04 PM Billy Tetrud wrote: > @Russel > > the original MES vault .. commits to the destination address during > unvaulting > > I see. Looking at the MES16 paper, OP_COV isn't described clearly enough > for me to understand that it does that. However, I can imagine how it >

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-25 Thread Nadav Ivgi via bitcoin-dev
On Mon, Apr 25, 2022 at 1:36 PM Billy Tetrud via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > If you unvault an output to your hot wallet, the thief could be lying in wait, ready to steal those funds upon them landing. One way to mitigate some of the risk is to split up your UTXO

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") > soft forks)

2022-04-25 Thread Buck O Perley via bitcoin-dev
y Tetrud billy.tet...@gmail.com > > To: "Russell O'Connor" rocon...@blockstream.com, Bitcoin Protocol > > Discussion bitcoin-dev@lists.linuxfoundation.org > > Subject: Re: [bitcoin-dev] Vaulting (Was: Automatically reverting > ("transitory")

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-25 Thread Billy Tetrud via bitcoin-dev
@Matt > both of which are somewhat frustrating limitations, but not security limitations, only practical ones. So I think the first limitation you mentioned (that if your hot wallet's key gets stolen you need) can be legitimately considered a security limitation. Not because you need to rotate yo

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-23 Thread Russell O'Connor via bitcoin-dev
Okay, Matt explained to me the intended application of CTV vaults off list, so I have a better understanding now. The CTV vault scheme is designed as an improvement over the traditional management of hot-wallets and cold-wallets. The CTV vault is logically on the "cold-side" and lets funds be sen

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-23 Thread Matt Corallo via bitcoin-dev
Still trying to make sure I understand this concern, let me know if I get this all wrong. On 4/22/22 10:25 AM, Russell O'Connor via bitcoin-dev wrote: It's not the attackers *only choice to succeed*.  If an attacker steals the hot key, then they have the option to simply wait for the user to un

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-23 Thread Russell O'Connor via bitcoin-dev
On Sat, Apr 23, 2022 at 12:56 AM Billy Tetrud wrote: > > If an attacker steals the hot key, then they have the option to simply > wait for the user to unvault their funds > > This is definitely true. Its kind of a problem with most vault proposals. > Its one of the primary reasons I designed an a

Re: [bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-23 Thread Billy Tetrud via bitcoin-dev
> If an attacker steals the hot key, then they have the option to simply wait for the user to unvault their funds This is definitely true. Its kind of a problem with most vault proposals. Its one of the primary reasons I designed an alternative proposal

[bitcoin-dev] Vaulting (Was: Automatically reverting ("transitory") soft forks)

2022-04-22 Thread Russell O'Connor via bitcoin-dev
On Fri, Apr 22, 2022 at 12:29 PM James O'Beirne via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > This vault design (https://github.com/jamesob/simple-ctv-vault) > is a good benchmark for evaluating covenant proposals because it's (i) > simple and (ii) has high utility for many use