Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

implement "witness segregation" #451

Open
nathan-at-least opened this issue Nov 19, 2015 · 12 comments
Open

implement "witness segregation" #451

nathan-at-least opened this issue Nov 19, 2015 · 12 comments

Comments

@nathan-at-least
Copy link
Contributor

@nathan-at-least nathan-at-least commented Nov 19, 2015

Terminology note: In this ticket and in upstream "witness segregation" has nothing to do with zkSNARK witnesses.

Witness segregation is a refactoring of transactions so that the data-to-be-signed is grouped together, and signatures are separate. As for motivations:

This would be a notable deviation from upstream, so we need cost/benefit analysis.

@nathan-at-least

This comment has been minimized.

Copy link
Contributor Author

@nathan-at-least nathan-at-least commented Jan 18, 2016

These days a softfork-compatible protocol called "segwit" is on the roadmap for Core: https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki

Note this may be necessary for #559 or at least very relevant.

@zookoatleastauthoritycom

This comment has been minimized.

Copy link

@zookoatleastauthoritycom zookoatleastauthoritycom commented Jan 18, 2016

Segwit apparently greatly increases the efficiency of Lightning Network: #559.

@daira

This comment has been minimized.

Copy link
Contributor

@daira daira commented Mar 5, 2016

I am strongly in favour of implementing segwit for Zcash 1.0. It's closer to how I think the signing should have been designed in the first place.

@daira

This comment has been minimized.

Copy link
Contributor

@daira daira commented Mar 9, 2016

Arrgh, we probably don't have time for this :-(

@zookozcash

This comment has been minimized.

Copy link

@zookozcash zookozcash commented Mar 14, 2016

Segwit is even more mature now than last time we looked at it, and I think (uncertainly) that adopting segwit and requiring it for private-spends would ease/simplify the "how to bind Pours to txns" problem that we're currently struggling with. Also, it would be a big PR/marcom value if we could tell people that Zcash will have both segwit and 2 MB blocks (#765) at launch.

@zookozcash

This comment has been minimized.

Copy link

@zookozcash zookozcash commented Mar 14, 2016

We can't quite fit this into the engineering schedule before the Zcash 1.0 genesis block (https://github.com/zcash/zcash/wiki/roadmap), but we'll plan to roll it out ASAP, in tandem with Bitcoin Core's rollout of segwit.

And we'll announce that we're going to do so.

@daira daira added the maybe in 2.0 label Mar 16, 2016
@WyseNynja

This comment has been minimized.

Copy link
Contributor

@WyseNynja WyseNynja commented Sep 24, 2016

https://github.com/bitcoin/bips/blob/master/bip-0134.mediawiki "Flexible Transactions" might also be of interest

@daira

This comment has been minimized.

Copy link
Contributor

@daira daira commented Sep 29, 2016

I'm much more skeptical about segwit now than when I wrote the earlier comments. It's incredibly complicated and bundles together a scarily large set of changes. Most of the benefit can be obtained more simply by a hard fork to this approach that we very nearly included in 1.0: #1421

@karel-3d

This comment has been minimized.

Copy link

@karel-3d karel-3d commented Apr 4, 2017

Hello.

This is the nearest thread I found about this

I need to now implement parsing both zcash transaction and BTC segwit transaction. And bitcoin signals segwit in transaction serialization by using 0 as a "input count" and 1 as "output count"; because this is impossible in bitcoin, it means it is segwit transaction (and the actual counts follow, and the segwit is appended at the end, etc).

However, 0 inputs is possible in zcash, so there needs to be different logic for zcash and BTC in the parsing.

So, just to be sure, zcash will not support segwit, right?

And if it will, the serialization will have to be different anyway. :)

@daira

This comment has been minimized.

Copy link
Contributor

@daira daira commented Apr 5, 2017

It is undecided which approach Zcash will use to fix transaction malleability. Both segwit and FlexTrans (#2071) are under consideration.

@karel-3d

This comment has been minimized.

Copy link

@karel-3d karel-3d commented Apr 5, 2017

OK. So just letting you know that if you go segwit route, you will need to change the format :)

@zookozcash

This comment has been minimized.

Copy link

@zookozcash zookozcash commented Jan 27, 2019

Nathan has told me something like "let's spend our resources improving zaddrs and retiring taddrs, rather than improving taddrs". I agree. So unless we can come up with a user story in which users who use zaddrs are helped by this ticket, let's close it as wontfix.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
You can’t perform that action at this time.