Bitcoin Forum
May 09, 2024, 10:40:18 AM *
News: Latest Bitcoin Core release: 27.0 [Torrent]
 
   Home   Help Search Login Register More  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Why are pubkeys used in HTLCs instead of pubkey hashes?
Pages: [1]
« previous topic next topic »
  Print  
Author Topic: Why are pubkeys used in HTLCs instead of pubkey hashes?  (Read 99 times)
colatkinson (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 4


View Profile
December 28, 2017, 09:16:42 AM
 #1
Every resource I've looked at seems to suggest that the HTLCs used by LN are roughly of the form

Code:
HASH160 <revokehash> EQUAL
IF
    <Bob's pubkey>
ELSE
    "24h" CHECKSEQUENCEVERIFY DROP
    <Alice's pubkey>
ENDIF
CHECKSIG

Why was this was chosen instead of a variant based on the hash of the public key, similar to the standard P2PKH script? Something like

Code:
HASH160 <revokehash> EQUAL
IF
    DUP HASH160 <Bob's pubkey hash>
ELSE
    "24h" CHECKSEQUENCEVERIFY DROP
    DUP HASH160 <Alice's pubkey hash>
ENDIF
EQUALVERIFY
CHECKSIG

I'm sure that this could be expressed more elegantly, but whatever. If my arithmetic is on, doing so would shave off 19 bytes per script (64 bytes for two pubkeys vs 45 bytes for the two hashes and 5 extra opcodes).

So what's the catch? Am I missing something important in the script? Any insight would be appreciated.
1715251218
Hero Member
*
Offline Offline

Posts: 1715251218

View Profile Personal Message (Offline)

Ignore
1715251218
1715251218
Reply with quote  #2
1715251218
Report to moderator
1715251218
Hero Member
*
Offline Offline

Posts: 1715251218

View Profile Personal Message (Offline)

Ignore
1715251218
1715251218
Reply with quote  #2
1715251218
Report to moderator
1715251218
Hero Member
*
Offline Offline

Posts: 1715251218

View Profile Personal Message (Offline)

Ignore
1715251218
1715251218
Reply with quote  #2
1715251218
Report to moderator
"If you don't want people to know you're a scumbag then don't be a scumbag." -- margaritahuyan
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction.
colatkinson (OP)
Newbie
*
Offline Offline

Activity: 13
Merit: 4


View Profile
December 28, 2017, 11:21:32 AM
 #2
Wow, I'm an idiot.

P2PKH transactions are not actually smaller than P2PK transactions (I swear to god it was in the wiki somewhere, but I can't find it now for the life of me). While the redeem script is smaller, the full public key now has to be included in the input script, making it much larger. And here I was thinking I made some magical space-saving discovery Grin
haltingprobability
Member
**
Offline Offline

Activity: 98
Merit: 26


View Profile
December 28, 2017, 02:36:51 PM
 #3
Quote from: colatkinson on December 28, 2017, 11:21:32 AM
Wow, I'm an idiot.

Happens to all of us. As I was falling asleep last night, I realized that I've been consistently thinking that the private key space for secp256k1 is 2129 when it is actually 2256-2129, a vastly larger number, close to 2255. Duh.
pebwindkraft
Sr. Member
****
Offline Offline

Activity: 257
Merit: 343


View Profile
December 28, 2017, 02:47:39 PM
 #4
Quote from: colatkinson on December 28, 2017, 11:21:32 AM
Wow, I'm an idiot.
that doesn't make you an idiot - au contraire, mon ami!  Cheesy Wink
With a P2PKH you have roughly 227 bytes per tx, but when you use the full public key (compressed or uncompressed), it get's a bit longer. A good summary was here: https://bitcoin.stackexchange.com/questions/1195/how-to-calculate-transaction-size-before-sending-legacy-non-segwit-p2pkh-p2sh
And yes, multisig and CSV/CLTV or any smart contracts increase the size. And then of course segwit, decreasing size :-)
Pages: [1]
  Print  
Bitcoin Forum > Bitcoin > Development & Technical Discussion > Why are pubkeys used in HTLCs instead of pubkey hashes?
 « previous topic next topic »
 
Jump to:  

Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!