Newsletters: add 59 (2019-08-14)

Author: harding

_includes/specials/bech32/22-priority.md

@@ -0,0 +1,35 @@
+We've frequently mentioned the fee savings available to people spending
+segwit inputs, but we've never before mentioned that you don't need to
+take advantage of the savings.  If you want, you can pay the same fee
+you would've paid without segwit in order to possibly have your
+transaction confirm more quickly (all other things being equal).  For some
+users, such as traders attempting arbitrage across exchanges, saving
+money may not be as important as faster confirmation
+for the same amount of money.
+
+To examine this idea, let's first generate a chart using Bitcoin Core's
+fee estimates that illustrates the potential fee savings available to
+creators of typical single-sig, one-input, two-output transactions:
+
+![Estimated fee in USD, Y=fee, X=confirmation target](/img/posts/2019-08-rate-over-time.png)
+
+We see that, in general, it takes longer for a transaction to confirm
+the less you pay---but users of segwit can often pay less per
+transaction for the same amount of waiting.  Now let's simply re-arrange
+the axes for the same data:
+
+![Estimated fee in USD, Y=confirmation target, X=fee](/img/posts/2019-08-time-over-rate.png)
+
+For a given fee, it's expected that users of segwit will sometimes wait
+less time for confirmation than legacy users, with native segwit users
+gaining the greatest advantage.  In these estimates, the variation in
+confirmation speed for different transaction types all paying the same
+total fee can be more than 6 blocks (about an hour on average).
+
+For users and organizations who have a fixed maximum price they're
+willing to pay in fees per transaction, using segwit could significantly
+reduce confirmation time for their transactions during periods of
+high activity.  Although this advantage only benefits people spending
+from bech32 and other segwit addresses, it's another reason to expect
+people and organizations will increasingly request your software and
+services pay bech32 addresses in the near future.

_posts/en/2019-03-19-bech32-sending-support.md

@@ -153,5 +153,11 @@ on bech32 sending support, from March 19th to August 28th, 2019.
 
 {% include specials/bech32/21-brd.md %}
 
+## Same fee, faster confirmation
+
+*Originally published in [Newsletter #59][].*
+
+{% include specials/bech32/22-priority.md %}
+
 ## Footnotes
 {:.no_toc}

_posts/en/newsletters/2019-08-14-newsletter.md

@@ -0,0 +1,99 @@
+---
+title: 'Bitcoin Optech Newsletter #59'
+permalink: /en/newsletters/2019/08/14/
+name: 2019-08-14-newsletter
+slug: 2019-08-14-newsletter
+type: newsletter
+layout: newsletter
+lang: en
+---
+This week's newsletter briefly describes two discussions on the
+Bitcoin-Dev mailing list, one about Bitcoin vaults and one about
+reducing the size of public keys used in taproot.  Also included are our
+regular sections about bech32 sending support and notable changes in
+popular Bitcoin infrastructure projects.
+
+{% comment %}<!-- include references.md below the fold but above any Jekyll/Liquid variables-->{% endcomment %}
+{% include references.md %}
+
+## Action items
+
+- **[Optech schnorr/taproot workshops][taproot-workshop]:**  Optech is hosting
+  workshops in San Francisco (September 24) and New York (September 27) on
+  schnorr signatures and taproot. Engineers will learn about these technologies
+  and how they apply to their own products and services, build schnorr and
+  taproot wallet implementations, and have an opportunity to take part in the
+  feedback process for these proposed changes to the Bitcoin protocol.
+
+  Member companies should [send us an email][optech email] to reserve spots for
+  your engineers.
+
+## News
+
+- **Bitcoin vaults without covenants:** In a [post][vault1] to the
+  Bitcoin-Dev mailing list, Bryan Bishop describes how pre-signed
+  transactions paid to scripts using `OP_CHECKSEQUENCEVERIFY` (CSV)
+  could allow users to detect and block attempts to steal their money by
+  a thief who had gained access to the user's private keys, a capability
+  previously referred to as providing *Bitcoin vaults.*  After
+  describing at length both the basic protocol and several possible
+  variations, Bishop made a second [post][vault2] describing one case
+  where it would still be possible to steal from the vaults, although he
+  also suggests a partial mitigation that would limit losses to a
+  percentage of the protected funds and he requests proposals for the
+  smallest necessary change to Bitcoin's consensus rules to fully
+  mitigate the risk.
+
+- **Proposed change to schnorr pubkeys:** Pieter Wuille started a
+  [thread][pubkey32] on the Bitcoin-Dev mailing list requesting feedback
+  on a proposal to switch [bip-schnorr][] and [bip-taproot][] to using
+  32-byte public keys instead of the 33-byte compressed pubkeys
+  previously proposed.  Compressed pubkeys include a bit to indicate to
+  verifiers whether their Y coordinate is an even or odd number.
+  This can be combined with an algorithm that allows verifiers to
+  determine two possible Y coordinates for the full pubkey from the
+  32-byte X coordinate contained in the compressed pubkey.  One of these
+  coordinates is odd and one is even, so the oddness bit allows
+  verifiers to pick the correct coordinate, preventing them from having
+  to try both combinations during verification (which would slow down
+  verification in general and eliminate any benefits from
+  batch signature verification).  Several
+  <span title="voodoo">mathematical</span> schemes have been proposed
+  that would produce signatures for keys whose Y coordinates could be
+  inferred without the additional bit (which is currently the only data
+  contained within a prefix byte).  This would save one vbyte for each
+  payment to a taproot output (potentially thousands of vbytes per block
+  if most users migrate to taproot) and 0.25 vbytes for each public key
+  included in a script-path spend.  For previous discussion about
+  32-byte pubkeys, please see [Newsletter #48][oddness byte].
+
+## Bech32 sending support
+
+*Week 22 of 24 in a [series][bech32 series] about allowing the people
+you pay to access all of segwit's benefits.*
+
+{% include specials/bech32/22-priority.md %}
+
+## Notable code and documentation changes
+
+*Notable changes this week in [Bitcoin Core][bitcoin core repo],
+[LND][lnd repo], [C-Lightning][c-lightning repo], [Eclair][eclair repo],
+[libsecp256k1][libsecp256k1 repo], [Bitcoin Improvement Proposals
+(BIPs)][bips repo], and [Lightning BOLTs][bolts repo].*
+
+- [C-Lightning #2858][] limits the maximum number of pending HTLCs in
+  each direction to 30 (down from the maximum 483 allowed by the LN
+  specification) and makes the value configurable with a
+  `--max-concurrent-htlcs` option.  The fewer the number of pending
+  HTLCs, the smaller the byte size and fee cost of a unilateral close transaction
+  because settling each HTLC produces a separate output that can only be
+  spent by a fairly large input.
+
+{% include linkers/issues.md issues="2858" %}
+[bech32 series]: /en/bech32-sending-support/
+[oddness byte]: {{news48}}#move-the-oddness-byte
+[vault1]: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017229.html
+[vault2]: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017231.html
+[pubkey32]: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-August/017247.html
+[pr pubkey32]: https://github.com/sipa/bips/pull/52
+[taproot-workshop]: /workshops#taproot-workshop

img/posts/2019-08-feerates.gnuplot

@@ -0,0 +1,50 @@
+#!/usr/bin/gnuplot
+
+set style line 1 lc rgb '#8b1a0e' pt 4 ps 0.25 lt 1 lw 2
+set style line 2 lc rgb '#5e9c36' pt 4 ps 0.25 lt 1 lw 2
+set style line 3 lc rgb '#0025ad' pt 4 ps 0.25 lt 1 lw 2
+set style line 4 lc rgb '#d95319' pt 4 ps 0.25 lt 1 lw 2
+set style fill transparent solid 0.5 noborder
+
+set terminal pngcairo size 800,200 font "Sans,12" transparent
+
+set grid
+set tics nomirror
+unset border
+
+CONF_RANGE=40
+USDBTC=12000
+## Byte size of typical 1-in-2-out tx from https://bitcoinops.org/en/bech32-sending-support/#fee-savings-with-native-segwit
+p2pkh=220
+p2sh_p2wpkh=167
+p2wpkh=141
+
+fee(vbytes) = vbytes/1000.*USDBTC
+
+set yrange [2:CONF_RANGE]
+set ylabel "Estimated wait time\n(blocks)"
+set xlabel "Fee in USD (1 BTC = $" . USDBTC / 1000 . "k USD)"
+set format x '$%.2f'
+set xtics 0.25
+set output './2019-08-time-over-rate.png'
+# Data generated using: for i in $( seq 2 1008 ) ; do bitcoin-cli estimatesmartfee $i ; done > fees.$( date +%s )
+plot '<sed -n "s/.*feerate...//p" ~/fees.1565306099' u ($1*fee(p2pkh)):($0+2) with lines ls 1 title "Legacy P2PKH" \
+  , '' u ($1*fee(p2sh_p2wpkh)):($0+2) with lines ls 2 title "Hybrid P2SH-P2WPKH" \
+  , '' u ($1*fee(p2wpkh)):($0+2) with lines ls 3 title "Segwit P2WPKH" \
+
+
+unset yrange
+set xrange [2:CONF_RANGE]
+set ylabel "Fee in USD\n(1 BTC = $" . USDBTC / 1000 . "k USD)"
+set xlabel "Estimated wait time (blocks)"
+set xtics 5
+set ytics 0.5
+set format y '$%.2f'
+unset format x
+set output './2019-08-rate-over-time.png'
+plot '<sed -n "s/.*feerate...//p" ~/fees.1565306099' u ($0+2):($1*fee(p2pkh)) with lines ls 1 title "Legacy P2PKH" \
+  , '' u ($0+2):($1*fee(p2sh_p2wpkh)) with lines ls 2 title "Hybrid P2SH-P2WPKH" \
+  , '' u ($0+2):($1*fee(p2wpkh)) with lines ls 3 title "Segwit P2WPKH" \
+
+system("optipng -o7 ./2019-08-time-over-rate.png")
+system("optipng -o7 ./2019-08-rate-over-time.png")