-----BEGIN PGP SIGNED MESSAGE-----
The first party to produce a verifiable death certificate for one Pieter Wuille, aka sipa, last known to exist somewhere around KU Leuven in Belgium will receive payment of 1 (one) Bitcoin to any valid* Bitcoin address of his specification.
* Valid Bitcoin addresses start with a "1".
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
-----END PGP SIGNATURE-----
If you know enough about cryptography to be involved in cryptocurrency you know the above is valid ; if you know enough about Bitcoin that it's useful to you, you know it's also good.
Now that we've taken the dirty but necessary business of governmenti out of the way, let's go into the more interesting technical details. Here's an archival copy of the offending material, find quotes with commentary below.
Okay. So I am Pieter Wuille. I'll be talking about segregated witness for Bitcoin. Before I can explain this, I want to give some context. We all know how bitcoin transactions work. Every bitcoin transaction gets inputs, which refer to previous outputs being spent. Every input has the txid and the signature to prove that it is allowed, plus an amount and script in every output. What this presentation will mostly be about is the question of whether all of this data is equally important.
In particular, we are going to be talking about signatures. It's important to realize here that signatures are really only needed for fully-validating nodes. As a light-weight client, you are not validating signatures, even though they are part of the transactions you still have to download them. If you are using a full-node that is syncing historical data, you don't actually validate all of the signatures in there. Currently there is a mechanism in there using checkpoints, which we want to deprecate soon, but the result will still be that we're not validating all signatures from years ago in deep history.
The point here is that non-validating nodes are not nodes. If you decide to buy some Trilema creditsii, the relevant, Bitcoin-related interaction happens at two points : when whatever validating node that holds your Bitcoiniii signs and announces the transaction, and when whatever full node I use sees the announcement and verifies the signature. At no other point and in no other manner is Bitcoin to any degree involved. Not when you use the "SPV Bitcoin Node" that is "your" online wallet ; not when you use the "SPV Bitcoin Node" that is the browser which displays Trilema to you, Mozilla, Chrome, whatever it may be. Not when the "SPV Bitcoin Node" that is your NAT Router or Comcast-owned modem passes the bits back and forth. Bitcoin is something that happens, on the social level, between holders ; and on the technical level between nodes.iv
The other important point is that the signatures are the only important parts of the transaction. The reference Bitcoin implementation, as released by the Bitcoin Foundation (the real one, not the n-th reboot of Vessennes' original MtGox-promoting, BFL-promoting fraudster den) already ignores most of that crud, and will be removing more of it in the future. This can not be emphasized enough : you can not be building any type of business on any sort of Gavinism, because they will not survive on the middle term. It's not just the Bitcoins, that you would have lost had I not murdered "XT". Everything - every hour you spend "developing" atop the crud USG agents try to stick in Bitcoin is a wasted hour, because the stuff you build upon has the consistency of smoke and the life expectancy of... well, I was going to say ephemerides, but I guess we could just as well say Pieter Wuille.
All the captatio in the world, all the carefully-engineered, plainly USG-Democrat style narrative, all the attentive positioningv is not going to change the simple fact : Bitcoin wants Wuille's head. Follow down the path that got him killed at your own peril.
These signatures are only needed at time of validation. They don't go into the UTXO set, the database of all unspent coins.
And your dad doesn't go with you to the club. Notwithstanding that the clothes that you're wearing, he bought, and the car you drive or else the ticket for the bus that gets you there - he paid for. The notion that signatures "don't go into the UTXO set" is like the notion that hard work and living within one's means "don't go into WMAGvi". You can see how well that worked for your parents just by looking around : if they didn't buy that nonsense, at the cost of their labour and their lives, you wouldn't have some random gypsy from Eastern Europe decide if you live or die. How's that for captatio ?
These unspent transaction outputs don't enter into the UTXO set. This is a significant cost on the resources of both keeping a node running but also the speed of propagation and access to the UTXO set needs to be fast. Of all the data in a transaction, signatures don't go into the UTXO set, even though they account for 60% of the blockchain data. Segregated witness is about ignoring this whenever possible.
They of shorter memory than their noses will no doubt have already forgotten the previous attempt at a "soft fork" organized by these same people, affectionately dubbed the Power Rangers. I guess we're supposed to not recall last year, nor any details about how non-validating Chinese miners managed to drag a soft fork in and then not enforce it, causing a netsplit that took a day to heal, the worst since Mike Hearn's deliberate sabotage a coupla years ago.
The reason for this name is because signatures are not part of the transaction.
Yes, they are. Not only are they part of the transaction, not only are they an integral part of the transaction : they are the only actually needed part. What makes a transaction a transaction is the signature, nothing else. Everything else is like marketing : contributes to costs, not to revenue.
They don't describe what the transaction is doing.
The attempt to import meaning and state into Bitcoin is the true attack vector here, and particularly pernicious. Review the sad history of XML and HTML standards if you're too young to remember how Erik Naggum died.
The only thing htey are doing is proving that the transaction is authorized by the previous owners of the coins.
I know, right ?
There are usually multiple possible valid signature for the same transaction.
This is a major problem, principally driven by the deliberately broken state of the FOSS (and guess who broke it, or are you too new to have read the NSA agent notes from various crypto conferences ?) resulted in braindamage being imported into Bitcoin via openssl. This is to be healed, mostly through removal. What the enemy would desire, of course, is for it to become the baseline, a new normal of sorts upon which further rot to be imported ad infinitum, slowly but surely chipping away at Bitcoin's disruptive capacity. This will not fly.
We don't really care what the signature is, all we care about is that at least one signature for that existed. Such an example of where something exists is known as a witness.
This is not even wrong.
We don't care that what it is, well we do for auditing purposes, like in multi-sign setup where you have 1-of-3 people that are able to spend a particular output, perhaps you would really like to know which person signed, which we will solve later. Inside a transaction, you still don't care.
This attempt at confounding the problem is the proof that not only is he not even wrong, he knows he's not even wrong, and actively, deliberately trying to cover it up. No, "1-of-3" bullshit has nothing to do with Bitcoin, and is uninteresting in this discussion.
Wouldn't it be nice to just drop the signatures?
That's it, and that's all. Please take my money.———
- You are now confronted with the unhappy choice between making this "go viral" or whatever you call blathering endlessly about shit you can't affect on "social media" ; or else tacitly admitting that I have the right to issue death warrants, something you don't otherwise admit for anyone else. What's all that precious "public choice" theory have to say on the topic ? [↩]
- Still to this day the principal, real-world use-case for Bitcoin as Bitcoin, rather than as a proxy for some fiat or another. Though in fairness S.MG's products are catching up. [↩]
- No, "you" don't hold any Bitcoin until and unless you control a full node that has a wallet. If for instance you're "using blockchain.info" then USG has your Bitcoin, and you use them, maybe, sometimes, at their pleasure. Or not. [↩]
- Nodes means "fully validating" nodes. The other version, the faux-nodes, the "not really nodes", the "I can't believe it's not a node" SPV nonsense are the ones that require the specification just like when an honest man meets a thief the honest man is Jim and the thief is Jeff the Thief - not the other fucking way around. [↩]
- Oh, of course you're the ones running non-nodes, who want to pretend otherwise, right ? [↩]
- What Makes America Great. [↩]