Posted by jamesob
Oct 2, 2023/14:14 UTC
Ephemeral keys and ephemeral nonces, while closely related in the theoretical sense, diverge significantly in practical application. Ephemeral nonces are typically confined to the signing device, such as a hardware wallet, highlighting a fundamental difference in their usage compared to ephemeral keys. The latter's practicality is questioned due to the current technological limitations of hardware wallets, which do not support the generation of presigned transaction trees essential for fully general PSBTs (Partially Signed Bitcoin Transactions). This distinction underscores the challenges in utilizing ephemeral keys in everyday cryptocurrency transactions, especially when considering the convenience of having an xpub on a computer that can generate fresh addresses without the need for constant refreshing and signing with new ephemeral keys.
The conversation then shifts towards the potential for enhancing the security and efficiency of presigned vault transactions. It is suggested that incorporating a tapleaf for spending by a highly secure key could offer a recovery solution in case of issues, preventing coins from becoming permanently inaccessible. This approach has yet to be adopted in open-source software (OSS) presigned vault schemes but presents a promising avenue for future development. The debate extends to the comparison between presigned vault transactions and OP_VAULT transactions, where presigned versions potentially offer an efficiency advantage through keypath spends, although this advantage may be nuanced due to the vbytes difference in favor of OP_VAULT transactions under certain conditions.
A critical examination of presigned vaults highlights the significant overhead associated with managing separate transactional flows for each deposit. This complexity is exemplified by the additional UTXOs and transactions required during the withdrawal process, which could render dollar-cost averaging into a presigned transaction vault impractical due to the potential for hundreds of extra UTXOs and transactions. Despite the possibility that small numbers of input vault coins might not drastically differ in space consumption, the presence of non-trivial scripts in presigned vaults suggests that witness sizes could be considerable.
Further discussion explores the role of ephemeral anchors in potentially simplifying the use of statically-defined wallets for onchain funds management. However, current limitations of V3 transactions, including the lack of support for package transactions compatible with using a single anchor to bump multiple parent vault transactions, present a challenge. The initially anticipated functionality of V3 transactions to support more flexible transaction structures has been scaled back, leaving uncertainty around the implementation of policies that would allow for the bumping of multiple parent transactions with ephemeral anchors, thus exacerbating the issue of separate transaction limitations.
TLDR
We’ll email you summaries of the latest discussions from authoritative bitcoin sources, like bitcoin-dev, lightning-dev, and Delving Bitcoin.
We'd love to hear your feedback on this project?
Give Feedback