"Recursive covenant" with CTV and CSFS

The discussion revolves around the complexities and unknowns associated with transaction-withholding risks in Bitcoin, a topic not fully explored by Gleb in the Bitmex blog or his communications regarding costless bribes to miners. The conversation highlights the importance of understanding an attacker's goals, knowledge, and capabilities when evaluating threat models, such as those for internet DDoS attacks. By analogy, for a transaction-withholding attack, these elements include the goal (to censor a Lightning Network commitment transaction), the knowledge (the transaction ID and inner workings of the Lightning Network protocol), and the capabilities (e.g., the availability of DLC oracles and the funds for bribing via on-chain fees).

A critical point raised is the concept of "accumulation cost" for an attacker to establish trust in the DLC oracles required for a transaction-withhold attack. This touches on literature regarding Sybil attacks, where the acquisition cost of a Sybil node is considered crucial. The discussion then shifts to whether expanding Bitcoin script's expressivity and reducing the need for an off-chain approach could lower the accumulation cost for such attacks. This would make relying on the "blockchain-as-a-judge" paradigm more feasible, potentially making attacks more practical.

Another part of the email reflects on the evolution of cryptographic function standards within Bitcoin, mentioning the CHECKDATASIG operation as outlined in BIP-0348. This is contrasted with a previous paper by O'Connor which discussed signature orders, highlighting the significance of being able to freely sign a message that isn't the implicit signature digest. This discussion emphasizes the importance of understanding opcode composability for analyzing security implications.

In essence, the email delves into the nuanced aspects of Bitcoin's security, specifically relating to transaction-withholding risks and the potential impact of script expressivity on these risks. It also underscores the ongoing development and analysis of cryptographic functions within Bitcoin's ecosystem, illustrating the deep technical considerations involved in its evolution.