DRAFT: interactive tx construction protocol

The proposed addition of a second commitment requirement to the PoDLE used by JoinMarket is suggested to limit the use of a commitment's validity between an initiator and a single peer. This would prevent a "pouncing venus-flytrap attack" where verification by any node that is not the intended recipient will fail since they will use the wrong node_id. The commitment H(P2) could be altered to include the receiving node, making it unnecessary to commit to the utxo since the pubkey pair effectively does that. However, it is imperative to verify that the pubkey provided is locked to the utxo script. The 'grindability' of a proof can be useful for finding the originator of an attack. One of the goals of implementing PoDLEs was to be compatible with JoinMarket, which extends only as far as the H2 construction and not the proof. In JoinMarket, takers always send out to 5-12 makers at once, and the HP2 only needs to get broadcast by one to stop any reuse. A malicious counterparty can choose to blacklist, but the system works fine in practice. The Maker side tries to create herd immunity, assuming some level of honest participation. The mechanism is not strong, but it serves to stop trivial global snooping and doesn't cost anything in terms of identity or locked funds. There could be a small time window between one maker receiving !auth and at least one other honest maker getting to broadcast step at !ioauth, but this is not practical in their use case. Removing this concern could be either slightly or extremely important in another use case.