Study support of vaults in grin/mimblewimble #71

Open
ignopeverell opened this issue Jul 2, 2017 · 8 comments
@ignopeverell
Contributor

Grin should already support in the near future:

  • multisig using aggregate (formerly Schnorr) signatures;
  • time-locked transactions.

Using these primitives, figure out how to implement vaults [1] [2].

[1] http://hackingdistributed.com/2016/02/26/how-to-implement-secure-bitcoin-vaults/
[2] http://fc16.ifca.ai/bitcoin/papers/MES16.pdf

@yeastplume
Member

yeastplume commented Sep 6, 2017

No panic on response, but what's the intended mechanism for time-locked transactions? Edit, never mind, I need to look at the other time-related issues more closely.

@ignopeverell
Contributor Author

You're in for some reading :-) It's mostly on the mailing-list, mixed up with more sophisticated contract explorations. I'd look over the following threads, check some of the replies as well:

https://lists.launchpad.net/mimblewimble/msg00022.html
https://lists.launchpad.net/mimblewimble/msg00025.html
https://lists.launchpad.net/mimblewimble/msg00036.html
https://lists.launchpad.net/mimblewimble/msg00086.html

@yeastplume
Member

Heh... at some stage I'll have a look through that lot and try to summarise here, for easier future reference.

@antiochp
Member

antiochp commented Sep 6, 2017

Multisig we effectively get for free right? It can be handled entirely in the wallet impl?

http://diyhpl.us/~bryan/papers2/bitcoin/mimblewimble-andytoshi-INCOMPLETE-DRAFT-2016-10-06-001.pdf

Multisignature Outputs. We observe that CT rangeproofs can be produced interactively in the
same ways that Schnorr signatures can to produce multisignature outputs. Similarly the sinking
signatures can be trivially produced in a multiparty way. So support for multiparty signatures, while
not addressed in this article, is simply a matter of wallet support and requires no further changes to
the system.

@ignopeverell
Contributor Author

Andrew assumes Schnorr sigs in his paper, however those aren't ready yet (although getting close from what I can see at bitcoin-core/secp256k1#461). So yes, once we have Schnorr, they'll basically come for free. For now, as we temporarily do ECDSA, we don't have multisig.

@antiochp
Member

antiochp commented Sep 6, 2017

Ahh makes sense - thanks!

@sesam
Contributor

sesam commented Jan 18, 2018

In September, Schnorr sigs were not ready yet. Does "Simple Schnorr Multi-Signatures with Applications to Bitcoin" now mean that they are?
Paper authors: Gregory Maxwell, @apoelstra, Yannick Seurin, and Pieter Wuille <-- Andrew or @antiochp might know what the next step or dependency is to move forward on vaults in grin

@sesam
Contributor

sesam commented Jun 29, 2018

grin has used Schnorr for a couple of months, and this issue talks about time-locked transactions, which we presumably already have. So with both pieces, what's left to research or implement in this issue?
