SLIDE 1
Segwit
- Encountered in 2 presentations
Segwit, Lightning, Sidechains Segwit Encountered in 2 - - PowerPoint PPT Presentation
Segwit, Lightning, Sidechains Segwit Encountered in 2 - - PowerPoint PPT Presentation
Segwit, Lightning, Sidechains Segwit Encountered in 2 presentations Segwit Core idea: Transaction data structure: <Inputs, Outputs, Scripts> Scripts? <Signature, Pubkeys> TXID = H(<Inputs, Outputs,
SLIDE 2
SLIDE 3
Segwit
- Core idea:
- Transaction data structure:
- <Inputs, Outputs, Scripts>
- Scripts?
- <Signature, Pubkeys>
- TXID = H(<Inputs, Outputs, Scripts>)
SLIDE 4
Segwit
- Bitcoin has a 1MB block limit
- Script is large
- takes up good chunk of this limit
- Increase # of transactions by making this
leaner
SLIDE 5
Segwit
- Script:
- Alice -> Bob
- Alice’s public key
- Signature with Alice’s private key
- Bob’s public key
SLIDE 6
Segwit
- Script:
- Alice -> Bob
- Alice’s public key
- Signature with Alice’s private key
- Bob’s public key
SLIDE 7
Segwit
- Move Alice’s public key and signature (witness)
- ut of the transaction
- Witness data in a new field
- New merkle tree root from witnesses
- Placed into input of coinbase
SLIDE 8
Segwit
- If you are running a pre-segwit node:
- You see similar data (i.e you ignore witness)
- And get blocks with a lot more transactions
- Post segwit:
- Lot more transactions and a new witness field
- Remember, no protocol level change
SLIDE 9
Issues
- Pre-segwit nodes see a lot of txns
- That seemingly are spent by anyone
- Blocks from pre-segwit nodes
- Won’t be accepted by post-segwit nodes
- Blocks from post-segwit nodes
- Won’t be accepted by pre-segwit nodes
SLIDE 10
Pros
- Transaction:
- Alice -> Bob
- <Inputs, Outputs, Bob’s public key>
- Bob can compute TXID
SLIDE 11
Segwit
- How does Segwit help?
SLIDE 12
Lightning Network
SLIDE 13
Lightning Network
- Transactions as fast as your communication
allows
- Not encumbered by protocol
- Payment Channels
- Records just 2 transactions - start and finish
- f economic activity
SLIDE 14
Multisig
- Multiple parties sign off
- 2/3, 3/3, 2/2 etc.
SLIDE 15
Payment Channels
- Exchange Bitcoin Transactions
- On a communication channel
- Only broadcast the final
SLIDE 16
Payment Channels
- Transactions between a pair of individuals
- Primitives:
- Open
- Send/Recv
- Close
SLIDE 17
Payment Channels
- Open:
- Between Alice, Bob
- Record on the blockchain
- Use a transaction
- Output conditions?
SLIDE 18
Open
- Alice, Bob
- Transaction
- Inputs: Alice puts up 1 BTC
- Output: 1 BTC, multisig(Alice, Bob) ||
(timelock(X), Alice)
SLIDE 19
Output Cond.
- multisig(Alice, Bob) || (timelock(X), Alice)
- Both Alice & Bob have to agree to spend this
- OR
- When X blocks pass
- Alice can spend it
SLIDE 20
Broadcast This
- This opens a channel
SLIDE 21
Send Transactions
Multisig(Alice, Bob) 1 BTC Alice 0.9 BTC Bob 0.1 BTC
SLIDE 22
Send Transactions
Multisig(Alice, Bob) 1 BTC Alice 0.9 BTC Bob 0.1 BTC Alice 0.8 BTC Bob 0.2 BTC Alice 0.5 BTC Bob 0.5 BTC
SLIDE 23
Closing
- Bob picks on of these
- (presumably the best one)
- And broadcasts it
- Alice can’t
- Why?
SLIDE 24
Timeout Clause
- Why?
SLIDE 25
This Channel
- One way
- Bob can’t (shouldn’t) pay Alice
- Why?
- Only Alice Pays Bob
SLIDE 26
Bidirectional How?
- Issues:
- Can’t revoke old transactions
- Bitcoin only has timelock, no expiry
- Only way to invalidate is to spend with
another txn
- What is the point of the channel then
SLIDE 27
Trick
- Change the primitives
- Previously:
- Multisig(Alice, Bob) | (Alice &
timelock(X))
SLIDE 28
Trick
- Now:
- Temporary key for transaction.
- Timelock of 1 day
- Alice, Bob, Bob-Temp
SLIDE 29
Open
- Same
Multisig(Alice, Bob) 1 BTC
SLIDE 30
Alice & Bob States
Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Alice 0.9 BTC Multisig(Alice, Bob-Temp) OR Bob & Timelock(1) 0.1 BTC Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Multisig(Alice-Temp, Bob) OR Alice & Timelock(1) 0.9 BTC Bob 0.1 BTC
SLIDE 31
Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Alice 0.8 BTC Multisig(Alice, Bob-Temp2) OR Bob & Timelock(1) 0.2 BTC Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Multisig(Alice-Temp2, Bob) OR Alice & Timelock(1) 0.8 BTC Bob 0.2 BTC Alice 0.9 BTC Multisig(Alice, Bob-Temp) OR Bob & Timelock(1) 0.1 BTC Multisig(Alice-Temp, Bob) OR Alice & Timelock(1) 0.9 BTC Bob 0.1 BTC Revoke
SLIDE 32
Revoke Old
- Alice sends Bob Alice-Temp
- Bob sends Alice Bob-Temp
- Why?
- In what sequence?
SLIDE 33
You Have
- A Sequence of Payments!
SLIDE 34
Need To
- Keep track of all temp keys
- Data structure called GGM
SLIDE 35
Network
- Multiple bidirectional channels
- Alice <-> Bob <-> Manuel <-> Silvio
SLIDE 36
Alice -> Manuel
- Alice Pays Bob
- Bob Pays Manuel
- Thus Alice -> Manuel
- Make this work?
SLIDE 37
Hash/Time Locked Contract
- Nonce!
SLIDE 38
Hash/Time Locked Contract
Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Alice 0.8 BTC Multisig(Alice, Bob-Temp2) OR Bob & R & Timelock(1) 0.2 BTC Multisig(Alice, Bob) OR Alice & Timelock(X) 1 BTC Alice 0.8 BTC Multisig(Alice, Bob-Temp2) OR Manuel & R & Timelock(1) 0.2 BTC
Alex and Manuel communicate What do they communicate? Manuel knows R Sends Alice H(R) Test is knowledge of R
SLIDE 39
Sidechains
SLIDE 40
Sidechain
- Take your bitcoin to a different blockchain
- Use it there
- Move it back
- Trustless 2-way peg
SLIDE 41
Why?
- Innovations not possible on BTC
- Using the ledges for a variety of things?
SLIDE 42
Examples
- Liquid
- Connects exchanges and payment providers
- Avoid going to the chain for transfers
- Large payments, large providers
SLIDE 43
Peg
- A transaction in 1st chain locks coins
- Reference in 2nd chain
- (Some kind of swap)
- 2-way means both directions
- Some exchange rate
SLIDE 44
Verification
- Centralized authority
- N of m authorities (federated peg)
- Simplified Payment Verification
SLIDE 45
SPV
- Show miners have mined blocks on top of the
block containing the locked transaction
- Build a merkle tree and this is a “proof”
- Can counter this proof showing a longer chain
without this transaction
SLIDE 46