Burak (Bitcoin researcher/developer) joins me to talk about Ark, a new protocol for Bitcoin scaling and privacy. We chat about:
- Downsides of LN
- High level overview
- ASPs, vTXOs
- Other criticisms
- Interactive vs non-interactive versions
- Covenants and what they’d mean for Bitcoin
Relevant prior episodes:
Stephan Livera links:
Stephan Livera 00:00:00
Burak, welcome to the show.
Yeah, thank you for having me. It’s exciting, times ahead. How’s it going?
Stephan Livera 00:00:07
Yeah, for sure. So I saw you recently announced arc at the Bitcoin Conference in Miami 2023. And I know you did do a talk about it previously at BT C++ and you’ve been talking about it in previous, let’s say iterations, I guess previously known as TBD XXXX. So do you want to just start with a little bit? About what got you here and I guess you were talking about some of the issues that you saw with lightning that caused you to actually try and create this. So do you want to elaborate a little bit on that?
So, yeah, maybe to give you a little story of myself. Yeah, I started initially on a big book or sort of camp with big blockers camp. Later I got introduced a big control liquid and then I did some like code and research and development. For about two years and recently I started to shift my focus to lightning like about. A year ago, I shifted my focus to lightning. And you know, the more I explore the lining, the more I realize. Well,there are, like, certain problems there. I mean, I’ve always obviously had objections to lightning, like from sent. My objections were sent through around UX end user UX, UX hurdles, onboarding and the entry buried on the onboarding like from you know inbound liquidity. To, you know, interactivity requirements and to you know sync receiving and all that. And I wanted to address these problems because like you know, I don’t know like I’m obsessed with you, X. I’m, you know, almost as a Bitcoin scaling and privacy too. So I really wanted to, you know, address these problems and I’ve because to me, like if really something work like 9095% of the time it’s doesn’t really work. It has to be like frictionless and from what I’ve learned like you know, over the past three years like people are lazy like people do not want to manage liquidity, they don’t want to, you know self-host like you know it just has to be frictional like should just be. Piece of down a piece of software you download just like an orange and like just like an engine would UX. You have an address you should just get pay from the address. You can pay for someone your friend of you like to that to I mean to their address should be as seamless as launching your ex. The ideal UX should be as convenient as an aching. Or light, lightning and lightning. While we have invoices, you have to be online to receive. You ideally have to self-host. You have to make sure that you have enough involving quality to receive. Payments you have to take care of your management. You know, rebalancing, you know, splicing and all that. You know, you have to acquire liquidity in the 1st place to receive like a payment protocol. So lighting is a you know, it’s a protocol. It’s the only layer two we have on Bitcoin. Yes, it’s great. And layer 2 by definition is like it’s a piece of different software. You transact Bitcoin off the chain without polluting our chain, and you can, you know, literally exit on chain at any time. By that definition, lighting is the only layer 2, but it has some problems. You know for the end users end users, it just has to be frictionless and that’s what I try to do like that’s what I try to address in the 1st place like to address these UX problems.
Stephan Livera 00:03:04
So what would you say? So just while we’re here, what would you say to let’s say that as I’m sure you have seen, obviously I’m sure you’re look. At the space that there have been some pretty big improvements over time, at least if we compare lightning in 2018 and 2019 to lightning today in 2023, there are at least consumer grade wallets and things. As an example, things like Phoenix or Breeze or things like this that at least smooth over some of those aspects for the consumer. What would you say about this? Would you say it’s still not good enough in your view in terms of the reliability or the async receiving capabilities?
Yeah, it’s not about being good enough on that. It’s about like being proper. Like, it’s about being like, it’s like to me like it’s a binary option. It’s like either works or not and it’s just not middle ground there like improvement. Well, we we’re seeing improvements. Yes, lightning can be improved. Yes, with PCs and for instance, with PSCS you can tackle offhand receiving problem like. Offline receiving problem and proof of payment problem at the same time. But you still have this fundamental problem of inbound liquidity, which no problem, no solution can solve to me like it’s a bug like it’s a fundamental issue. No Lightning is a protocol like it’s a network of payment channels and it is funded. Mentally constrained by liquidity deployed on these channels. I don’t see. Like how you can improve on that. What you can do like you can do something stops and all that and you know some lightning walls we’ve seen like who claims to be non-custodial are based on this summary swap model, but it’s inherently unscalable but they’re trading off the convenience versus on chain footprint. Which might work in the short term, like in in a short term, but it’s going to blow up and we’re seeing that right with recent incidents like ordinance craze, FEMA market because lightning is a layer too that because lightning heavily relies on the base layer to. Right. It’s heavily reliant on the free market and if, if free market is it if the free market goes crazy, it makes and in fact it may it we’ve seen the key lighting unreliable and so that it has to be just properly set like it has to be well told and it has to be frictionless yet should be footprint minimal. In fact, like, we’re not seeing an increase in, I think like when you see the Member dot space data like we’re not seeing an increase in number of like of lightning us, especially after this you know like 2023 since the beginning of 2023, we’re seeing in fact the opposite spike in custody widening usage. When you look at like top ten custody wedding rolls, download statistics apps are in place. During we’re seeing a spike because I think it plays, you know, most and these apps they played a. Huge role in this because they highly incentivize the cost.
So consider your custodial preference, because custody of your ex is the only UX we have. Like it’s the only lightning UX that. Can work because. Of the mainly because of the entry barrier to onboarding. So that’s the main. That’s the main problem in faces, right? Like you have you need money to receive money and you in order to for the system you need money like you need money, so I orange peel you IE for the first time and I want to I want to send you some sets overlaying. I simply can’t because you don’t have any channel in the 1st place and you have to for some reason like somehow, we have to we could like in the 1st place and it’s not only like not convenient, it also doesn’t really scale like both in terms of footprint and in terms of liquidity allocation like inbound liquidity do not scale the entire planet. And I know that might sound a topic idea, right? Like onboarding the whole planet in an unconstitutional way. In the end, we will probably end up having like spectrum of solutions from full custody and to the custody. Maybe some like federations and in the middle. Maybe, probably, yeah, realistically, but at least I think we should give the entire planet an option. The self-custody option. The option at least should be there. It should be available to people, but I don’t see the option to like. I don’t see. A way of lightning achieving that with its current form and in fact in any kind of. Future fun because it’s fundamentally constrained by inbound equality. But that’s what I wanted to address in the 1st place, like on the arc and in fact it started as a lightning bolt idea, so I wanted to address these problems, especially in molecularity. The initial idea was, you know, I wanted to build a Lightning wallet, not to solve. I mean it kind of I mean, I tried to address mainly. The like the offline receiving problem and the footprint like we can’t, we can’t tackle the non-interactivity like interactive issue IE using like One Direction like unidirectional. So when you have like a unidirectional setup. All channel states are always in your favor so that you don’t have to be online to sign for channel pages and all that, and we can tackle the on chain footprint using like a shared Excel model. CCTV style or NFN multi 6 style. But I really couldn’t find a cure for the inbound liquidity and I think it’s like a fundamental problem. Lot of lightning. I think it works great for vendors because if you’re a vendor your cash inflows are predictable, right? Your demand is in settlement and you can run a specialized software in a PPO stream or something be this space server, right? OK. But if you’re any user, you just don’t. It’s unpredictable, like how much you’re getting paid. He sometimes receives explanations. Remittances are highly unpredictable. And you simply cannot entirely like. It’s just, not convenient, right? And that’s what our trying to address. It makes the end user UX frictionless, friction free. There are tradeoffs, certainly. I think it will come to that, but it’s offloads complexity from end users to the service providers. So online like it’s a channel setup that’s it’s me and my channel. And we are equally responsible for the liquidity me and my children are equally responsible for liquidity for managing liquidity, for making sure in my at least from my standpoint, making sure that if me having enough in my liquidity to receive but on our or flows my complexity on my end complexity on my end on my edge. Like on my end into the service provider. So service providers job is like my service provider is akin to my channel partner right. It’s kind of a channel design too. It has similarities with learning arc. So, if I Close complexity into my channel partner and channel partners job is like 10X the more difficult. Now, like my channel partner has to do more liquidity allocation. All that but mine in exchange like for my convenience I do not have to take care of anything like I can receive without a second thought. Like how an Unchained mode, like how on chain funds flow just like in how unchain mode works.
Stephan Livera 00:10:06
OK. So let me just summarize a little bit there because there’s a lot in that. So as you were saying, I think the main criticisms you have like fundamentally the main criticism you have is the one of inbound liquidity right in lightning you need a light, you needed somebody to open a channel in your direction or in your in some cases you might open a channel and make payments and now you’ve got inbound liquidity. But I think the point you’re trying to make is that in terms of scaling that and having lots of people have inbound liquidity, maybe there’s a capital requirement problem there. Now I guess the Lightning bull answer would be oh, look, there’s LSP’s to do that lightning service providers. But I think part of what you’re saying is this idea that having a different protocol might smooth the user experience. I think that’s I guess that’s essentially the argument you’re making, which. That by having this new protocol arc, which we’re going to talk about in more detail, basically it allows people to receive without first having inbound liquidity or having to have an LSP open a channel to you. But there are other trade-offs associated, right? It’s not a free lunch. There is no free. Lunch. But we would be using an ASP instead of an LSP in this example. Alright, so do you want to just explain a little bit? Let’s try to keep it accessible for people as access. So as we can, can you give us like a high level explanation of Arc and how it works for people?
So guys, arc is a layer too, just like lightning. It’s an option protocol. You move Bitcoin just like lightning off the chain without polluting orange chain in a privacy preserving way. It does a bit of a better job compared to lighting in terms of privacy, but it scales Bitcoin transactions off the chain. It’s a Bitcoin scaling layer, right? It’s a scaling protocol. You move Bitcoin. Just like lightning, but in in a better UX you have a better UX like I would say like 10X it’s lightning but with a better like 10X better. 10X Better UX for end users. And it’s interoperable lightning, too. And in fact, Arc is feels like, feels like a subnet of lightning, although it’s a separate distinct protocol. Like Arc is a distinct layer too, like org is a layer two, lighting is a layer, two lighting is the only layer two we have on Bitcoin or is the second like there is no third? I mean obviously today there is no second. When arc is there, when once we ship arc, it will come to that in a second, but once arc is there right on mainland roll out. After Maine rollout, it’s if it’s there like there is no third. I mean assuming we have assuming we don’t. Have sympathy. No, nothing. There is lightning and there is arc. Arc is a layer too it’s a distinct layer two just like lightning. You move Bitcoin within this protocol without introducing involving the problems, assumptions your assumptions without introducing hopefully non interactivity. Assuming we have confidence, I guess we’ll come to that in. A second also and also preserving the receiver privacy so it does what lightning does but better for end users. Their trade-offs obviously. But Arc is a liquidity network similar to lightning, so it has similarities with lightning. So just like lightning you have liquidity providers, IK service providers on lighting. We call them lighting service providers. It’s a hub and spoke model. There’s central hubs. There are also some like small scale routers. Same goes to ARC 2, but org can ideally have. I mean, in order for the arc to work really and scale liquidity, the entire plant, we should ideally have. Smaller hubs, but are Federated ones like less but Federated instead of more but single. So we have liquidity providers, service providers. I mean we have service providers just like lightning service providers provide liquidity just like lightning and they charge liquidity fees just like lightning. So it has a bunch of similarities. And art is kind of like Arc is not. A state channel design. It’s not roll up either it is kind of its own category like. I don’t know what the category for this should be like. It is a distinct layer too, with a distinct design like it’s so it’s like it’s like a recipe from different sort of ingredients, but it’s not a stage chain it is. I don’t know what would be what would the category I mean? What would be? I mean what? Category could this be like? I’ve no idea, but it’s like it has similarities with lightning. It has similarities with E cash it has similarities with coin join. It has similarities with, you know, Bobby Sabi and the Orange Chain and you know, into the side chains.
Stephan Livera 00:14:34
OK, so let’s just try and walk through some like a simple I guess I’m gonna explain how I how I’m understanding it in a simple way and then you tell me. What I get wrong or what to add? To that. So as I understand, the user in this case is, he might have some on chain Bitcoin and he wants to put it into arc and he goes to an ASP and he’s creating Vt XO’s like Virtual TX virtual output and we can trade them all around in like using the ASP. And then the important point, as you mentioned is that the user can unilaterally exit, right? He doesn’t have to ask the ASP for his coins back, he can just unilaterally take them back after. I think a 24 hour window and so as I’m understanding it’s sort of each round. It’s like a round based mechanism where there is. Sort of like a coin join and there’s like continual transactions going to sort of advance the rounds forward, but there’s also a time lock aspect where if you put your coin into an ASP or into a VTX O, it takes there’s a four week time out where you your wallet needs to come online. And to refresh or otherwise the ASP can take your coin basically. But is that kind of a high level understanding there?
That’s quite an accurate yeah explanation. So I think the better analogy, the best analogy would be sightseeing analogy. So you can think of work as a side chain. A trust is but a trust is 1A, trust is 2 apex sidechain. I know side chains are a different category, I mean because we don’t have trust side chains, we have merge mine and Federated. But the better analogy would be, let’s say you possess a set of Uggs. It’s their own chain funds you have on China check sales and you want to pick in and you pick in. Through a process called lifting, it’s a buzzword, but you basically lift your UTX cells off the chain by depositing your UX cell to a script. We call it an ATT script and creating a contract script or, but I’m the better analogy would be here like depositing to a 12 to multi sick because. It’s also tough tool in arc. Is smooth lighting on that like you pick end to arc with you really take cells by simply finding a Bitcoin address and Bitcoin addresses are too often just like lightning. Just like how you open Lightning channel, you’ll find the. Two of them but this is a special type of turf too. And once you find that tofu and sit, that total is between you, right, the user and the service provider. Just like mine is like a channel. And from there you are in the system. And then once you’re in the system, you have virtually take so that two of two is virtually you take so right you funded that VTX. So with your actual Bitcoin and you have a BTX, so you are in the system. So far we polluted on chain right by making an on chain transaction by funding this VTT Excel on chain but further steps from here are minimal footprint minimal. Everything takes place in a coin join, like an off chain coin join in. In the rapid off Chin coin join runs. So I have a VTT excel. I could have I Can have a bunch of VTC cells. There are other people, other protocol users. They also have their vitals. They can either acquire VTX those from exchanges from a friend, from someone, a third party, or they can directly pick in to the protocol with their own. To them, so I have Vxo and we call it a vxo set just like a UTXO set, and you have a piece. Of software, right? A wallet, a client wallet, and you have a set of ETX cells. There are other people could be and they could use different modes, different softwares, different or compatible walls. They have the2ir own V excels, and when you make a payment, like when you make a transfer, you coin selects just like covered on chain mode works right? Stick an on chain wallet you coin selects. Your V excels and you join a coin join round, but this coin join is viewed. This country is doesn’t have hundreds of inputs, hundreds of outputs. This coin join is weird in that it only has like one input and like 3 outputs and you are. So you are not supplying your VTX sales as input to this coin join because they are not on chain like you can only supply. Change funds to Bitcoin transaction which exposed they live. They live off the chain, right? You cannot supply funds to coin join and launching transaction. So what happens is you redeem your VTX excels in exchange for the service provider to provide funds to their own coin join transactions and this coin transaction is like few inputs and these inputs are provided by again the service provider and they provide inputs in exchange for redemptions. Redemptions at a later point, just like E catch, right? Like they’re like E cash tokens are like short lived notes, right? And when you make a payment, when you make a payment on the E cash, you redeem your tokens. In exchange for avoiding pain, it’s very similar to redeem your tokens. In this case, V excels in exchange for coin join, right in exchange for the service provider to provide their own money, their own launching faster coin join, and they can claim it at a later point on chain my funds. The later point, after four weeks, so the inputs are minimal, right? Inputs are provided by the service provider, one or more inputs. So this is an actual Bitcoin transaction, right? This coin join it was like one or more. Lots and three outputs, so I’ll put like I’ll put the first output is a shared you takes up, so that’s. That’s how, like, that’s what makes orc like an orc like it’s based on the share you take some model and this shirt you take. So perhaps some of your family with coin pull channel factories and all. That so it’s just like. How the coin pull works, right? It’s a ship you take some model and you have a bunch of outputs that nests in that excel in a high level. You have a transaction output and you constrain the descendant of the transaction output like the subsequent transaction spending transaction. From the output, you constrain it the outputs of that transaction in advance of funding the output. So that’s what covenant covenants is or a way to constrain. Purpose of a spending transaction in advance of funding the Bitcoin output and these outputs are the V Texas. And they’re kind of like, they’re, like, kind of like aggregating, batching bunch of Vt cells under the shady T cell, which can be revealed at a later point. You can reveal them on channel if you want to like components give you that assurance scripting in the scripting level. Can you reveal opposite related point but you don’t have to and you do it. Only in a in a dispute resolution case, just like a forced closure on lightning. So that you have a coin join with three inputs like 3 outputs.
Forget about wrist you have like 1 output. It’s the shape it takes up and then shift it takes up, contains the intent entries like the. We take some of the intended recipient among other recipients. And you, like you are redeeming your VTX. O in exchange for the intent, the Vt itself, the intended recipient, and the inputs, the fund that the shady taxor are provided by the service.
Stephan Livera 00:22:39
Let’s see. And so can we talk a little bit? Is there like a change output here or is it more just like as an example, let’s say I, I quote UN quote peg in, I don’t know, 10 million sats just as an example. And I make an arc payment to you for 2,000,000 sats. Is it sort of like the my balance? Let’s say my quote UN quote balance with the ASP goes down to 8,000,000 sats because I’ve made a 2,000,000 payment to you. And as part of the ASP. The ASP is kind of helping me manage that, shared UT XO and because I’ve paid out let’s say 2,000,000 sets to you now my New Balance is 8,000,000 sats, something like that. But we’re using covenants to sort of restrain the outputs.
Yeah, yeah, of course. Like. So if you have like 10 million sets, you have like 10 coins, like 10 Vt sales each 1,000,000, right? Each 1,000,000 worth 10-10 you take souls 10 we texels. And if you are sending 2,000,000 so. You can select 2V pixels each or two million each word 1,000,000 coin select two we take cells again each word one meal. You join the coin, join you register for your VTX cells, and then you register for the outputs of the intended recipients, right? And this is based on the public key. Like you know, the public key of the Internet. Already it’s like asylum payment style. Maybe we can come to that in a second, but you join a coin, join you, register you coin, select two inputs, each one meal, and then you register for the outputs of the intended recipient, and then you in the third phase it’s just like a coin join like it’s in three phases, input, registration. Output registration and the signing phase in the first phase, we register for the VTX. We’re spending on the second phase. We’re registering for the Vt sales of the intended recipients. Which goes under the shared otixo and then on the third phase we sign and we call it anchor. We anchor or coins like 2 coins we coin selected into the coin join transaction using atlc so atcs.
Is the magic like it’s? It’s like it’s how we ensure the atomicity here, like the atomicity between my AT my coin my two coin each one meal and the coin join transaction and ATC’s are based on TX logs. So TX log is it is a new kind of primitive I made-up. You’re probably familiar with the and hatch logs and time logs, right? Hash Log is a condition in which you satisfy preimage against this hash time log is you satisfy the current time existing time against. The predefined timeout and the TX log you satisfy Bitcoin script. Against predefined transaction ID. So in order to convince like satisfy Bitcoin scripts you have to prove the script Bitcoin scripts that a particular transaction ID exists and in the our context when in the anchoring phase right in the third coin. In face when I do the anchoring stuff, anchoring my 2 coins right each one meal into the coin tray. Action I sign at X log from my atlc so you know we have like 2 coins. They’re like lighting channels, right? We made this analogy. We have two coins. It’s one of these points or two of two just. Like a lightning channel. And just like in the Lightning channel, you attach HTLC to a channel, right? You have you attach DLCS to two of the channel and all you attach a KLCS to each coin. And in this outcome text it is like a channel it’s. A software I. Attach atlc’s to my two of two coin VXL and from there I format X log between my atlc and the coin join transaction and the TX log. In order for the ATLC to be claimed by the service provider, the transaction ID of the Coin joint transaction has to exist. If there is a double spend I anchored my coins into a season to coin your transaction because it contains the coin contains my intended recipient, right? I want this transaction to be confirmed if it’s double spend and the mempool level right. I you cannot as the service provider cannot claim my ATC. Aka attach htdocs in order for them to be claimed. The transaction ID of the coin has to exist, it has to be confirmed so that it creates an atomic single hub payment schedule. From the center to the recipient, the recipient.
Stephan Livera 00:27:40
OK. So one point, I’m not quite following there is you’re saying the transaction has to exist and this part is that the part where the ASP has to regularly do on chain transactions to keep the protocol running?
That’s not that. So like.
Stephan Livera 00:27:55
That’s another thing. OK, so can you explain what’s the point about the transaction has to exist?
Yeah, transaction has to exist. ASP has to make sure that it exists and it should be do. It should take care of feed bumping and all that to make sure that it exists because if it’s not, you cannot claim. Funds you, you cannot the recipient funds.
Stephan Livera 00:28:15
When we’re talking about transaction has to exist. Do we mean like my peg in? Or what transaction are we talking about?
This is not peg in so we are already in the system, right I have.
Stephan Livera 00:28:
Well, we’re already in and this is talking about VTX’s moving from one person to another inside the ASP. You know, arc system, yeah. Yeah, we destroy. We take cells, we create new. We take cells, we destroy coins.
Stephan Livera 00:28:34
Gotcha. Yes. Yep.
Stephan Livera 00:28:34
We create new coins just like how unchanged.
Stephan Livera 00:28:38
And that takes place in the country.
Stephan Livera 00:28:39
OK. And so then I guess one other question around receiving like obviously today when we’re doing lightning, you know, I say hey, Barack, give me a lightning invoice and I’m going to pay you etcetera. How would it work in an arc context? As I understand you have just like it’s like having one address.
It’s just if you’re familiar with silent payment, it’s a silent payment style construction, so you have an address from which you can get paid and you can pay to, right? You can add that address to your Twitter tipping. You can send it to friends and family. It’s reusable forever. And it doesn’t violate the privacy. There is no address reuse, although it’s a dedicated address and it’s going to be your npop in our context. So it’s going to be your npop. It’s going to be like WhatsApp UX, you have like an address book, people you’re following and then you pick one, you know the and Bob the recipient already and then you type in sets. And then you’re good to go.
Stephan Livera 00:29:37
OK. And so I guess one other question related to that is how do you know when you have been paid, so let’s say Barack, you generate your in pub or your arc public key I sent you 2,000,000 sats. How do you know you got paid?
So I do like I know the recipient, I know the M pop of the recipient and then I add tweak, add some family value to it. This, the family value is a random value because it’s weak add. It obfuscates the the you know the dedicated address right on the trace. I mean it prevents the address. Because no one can tell what this, what this public keys belong to. Because we I’ve just added a random value to it. So it just looks like a random address on the protocol. You cannot associate it with like the dedicated address to the intended recipient. And this experimental value I send us a fair amount like a 32 byte string byte string along with some additional info right? The payment value, payment amount, maybe some payment note out of band to the intended recipient?
Stephan Livera 00:30:44
So I might have I send you an out of band message to tell you. Ohh hey Barack. Here’s my payment for 2,000,000 sats that I’m making through the arc system. I guess this is kind of like lightning has gossip and Lightnings. You know, peer-to-peer layer where people where the nodes are talking to each other. This is a similar kind of thing, but maybe. It doesn’t have to be through one particular way. I could have sent you that through and could have through like an e-mail or a Nostra DM. Or some other thing,
Yeah. It can be out of band in any way, but it’s going to be Nostra DM by default. We’re gonna use nostril as a transport layer in this case. So you’re gonna receive DM. The DM pops up on your DM like payment info. Like a payment info. You there’s from the center of the payment lets you know about the payment info, the family value and the additional info. And you receive a DM you go check the pull transaction, the coin join ID right like the sender lets you know about your destination. The destination of your coins, the destination of your VTX cells, the transaction. Coin join transaction ID and the output index of your VTX cells and the infernal value in one DM in one package, and you go check out on chain data like when you’re offline. So when you’re back online, you receive, you realize you received a DM from someone, a friend who claims that you. They send you a payment, say 500 sats. You know, under this constraint transaction ID ABC XYZ and your odd point, you know the VTT Excel index is like 1235 and then you go check out on chain data. You’ll see that OK, there is this transaction ID, it’s legit. It exists, confirmed like a while ago. And you got also check my you know your odd point index the vote index of your coin that. We take so that is also legit also few other validations and then you say OK I see. It’s legit.
Stephan Livera 00:32:50
So can you just explain that part? How do you, how are you checking? So let’s say you’ve received this, you know 500 that’s how are you, where are you going to check that like where is your wallet going to check that information to see? Ohh yes, I got the payment.
So you first check the transaction ID, right? The coin join transaction ID is like one input like 3 output transaction on chain. And you have that transaction in every five seconds and the message in your DM contains the transaction ID. So you first you go check the ID and then the message also says tells you about the destination. The award index of your Vt Excel plus the whole content, the whole content. Of the shape it takes you will be not snuggle. It tells you the destination of your. So but it Also tells you about the rest of it excels so that you can compute the route. I mean the script pub key or pre compute the recompute the script key of the Excel based on the contents of all Vt cells nests under that VTX cell.
Stephan Livera 00:33:39
Shaggy too, Sir. You do the competition and you see OK. I see the. Whole contents, right? They’re like, say, like hundreds of VTX cells under this shady T cell. And here is my index is like 1235. Right, unless thousands of indexes and in my index 1235 index I see it right. They see it I mean, I recomputed it. And I also see that, OK, this is very low value. And my dedicated public key when a TV ad, it also match its match right on my VTX Excel Index is a match. The script copy of my VTX index is a match. It matches the tweak, the tweak, the family value, and my dedicated public key, and I also reconstruct the scripting like the ATC script, and we take the script so that OK, this transaction exists the whole content is available to me the sheet you take your content. And I know what my VTX so like void ID is and I see that it’s legit the scripting the atlc scripting and the vxo scripting is Ledger. So this is a properly built payout. It’s a proper payout it’s alleged payout, yeah. And then I consider this payment if it’s confirmed right, final. If it’s not confirmed if I’m not. If I’m online, I’m receiving. Right, you have to wait the confirmation origin confirmations to consider it final, but it doesn’t prevent you from spending it like. It is immediately available to you the payment you receive. If it’s not confirmed, it’s in the Mempool it can? In theory, be double spent, double spent by the service provider, not the sender. It can be solely that will spend by the service provider who created this transaction the one in three-hour transaction coin join in the first place. It can in theory be double spend in the Member level, then that’s why you have to wait for confirmations. In theory but it has immediate availability to you. The funds you receive, they have immediate availability just like just like how you can transactions on Mempool Bitcoin. You can hand over Vt sales to others.
Stephan Livera 00:36:21
So I guess to explain that, so the point is you can immediately spend them forward, though theoretically it’s possible that you kind of get rugged in terms of the mempool like the ASP trying to double. On that coin. But as I understand from what I was reading in the dialogue and some of your what you were saying, some of these ASP’s might also be an LSP as an example. And then you might have made that payment like you might have received that, you know, let’s say I pay you 2,000,000 sets on arc and you might pay for you might be making a payment to some other guy. 1,000,000 sats. And lightning or something like this? And yeah, at that point, the ASP has already sent out the Lightning payment. So, you know, they would be out their own money if they try to rug you.
Yeah. Yeah, so and you already paid a lining invoice anyway. So in that case, again, because it has immediate availability that you can also pay riding invoices with it. But there’s two types of transfers, like just like cash, you can make internal transfers ecash style, or you can make you can pay lightning invoices, and when you make lightning invoice with the entire money receiving. To a vendor to a wedding vendor, you can consider it final, although it’s not confirmed yet. You already paid an invoice. You obtain the preimage from the vendor, so it is a final payment. So Eric is a protocol with. Delayed finality, but immediate availability funds are immediately available to you. You can hand over to someone can pay invoices with them, but they are final. At some point you know after several confirmations.
Stephan Livera 00:37:50
OK. So just to expand or just to just so I can understand the finality versus settlement component or availability versus settlement, I’m not sure the right term. But as you were saying, it sounds like there’s 5 second intervals. So basically, on five second intervals you could have been paid money. But in terms of considering that confirmed, we would wait until there’s an on-chain confirmation really for there to be like in theory final settlement or at least on chain to the level that you can consider an on-chain confirmation final. Right.
Yeah, that’s true. Funds are available to me after 5 seconds, but it’s final after 10 minutes. So, if I’m receiving payment, it’s available. It my balance is credited after 5 seconds once it’s in a transaction, right? But it’s confirmed once it confirmed it’s final.
Stephan Livera 00:38:40
One other questionnaire around the ASP side. So, let’s say it’s on the ASP now to get that confirmation within 10 minutes. What if the AMS? What if the block space fee market runs away from them like they put this transaction in at $0.10 to buy it and all of a sudden it? That’s up to 50 sets a byte. Is it on the ASP now to do some kind of RBF or some kind of operation to make sure it confirms in the next block?
It is ASPCA burden and responsibility to make sure that the pull transactions of the coin joints that they create ends up in a block. It’s their responsibility to do.
Stephan Livera 00:39:14
OK, so let’s talk a little bit about the ASP side of this, right. So can we just walk through a little bit what’s involved from the ASP side as I like, I guess at a high level I’m thinking and from what I’ve read as well, it sounds like there will be if we’re calling them an ASP or ASP coordinator, that there will be a high capital requirement, right, that they need to have a lot of coin. Themselves in order to really run a big a proper ASP, because users might need that like it’s kind of like it’s, it’s like a similar thing to being an LSP today that you need a lot of coins in order to be able to manage people’s channels. It’s a similar kind of thing, right? So could you just explain a little bit the from the ASP point of view what’s going on?
So it’s very similar to, let’s be like, let’s be have a bunch of outgoing on inbound channels, right, to make sure that they provide the service properly for any. It’s similar in ASPs like you have to provide liquidity, a bunch of channel channels, bunch of liquidity for the subsequent coin during sessions, right, because you have a new coin join in every five seconds and you need to have enough liquidity on hand like launching funds available to you so that you can provide liquidity for this coin joints and you lock up funds. In every five seconds. So on an ongoing basis, you’re constantly providing liquidity and liquidity gets excel. So at some point, so you have to make sure that you have enough liquidity for the ongoing point and transactions and the liquidity you lock up IE for four weeks only be revealed to you like available. After four weeks, so you have to have make sure that you have enough liquidity to provide liquidity for the whole month.
Stephan Livera 00:40:50
I see. So it’s. Kind of like it’s. You are basically not able to use those coins for four weeks I guess and because obviously this is a full reserve system, right? There’s no fractional reserve here, right? So also in terms of the ASP’s, do they need to get a transaction confirmed into every block or how does how does that work?
Yeah, so ideal. So in theory, yeah, like there could be just one transaction, a block, right? In theory, that works in fact like IE you have a coin during session in every 10/20/20 minutes. Right, like in every two blocks. Here we got. It we it’s we got a bit extreme, right. We have rapid coin joints. Because ORC is more of a scaling solution than a privacy protocol and we have to optimize for the most optimal best mobile experience. Because coming join the interactive by nature, it should ideally be done, and because we are making a payment in a coin join, right? Inherently, at the core, at the core of the protocol, at its core, everything is a coin join, whether it’s a payment or in a regular mixing, it’s in a coin join. And if I’m an end user, right? If I’m using a non interactive client such as a web wallet or a mobile. It should be a seamless UX and I it shouldn’t take much longer. It shouldn’t take long for me to make a payment or whether it’s paying lighting, invoice or making an internal transfer. Everything is in a coin join and if a coin join it takes 10 minutes to complete. I have to wait 10 minutes on my smartphone to make a payment so to optimize. The UX like the better UX we have to make this compromise right there should be. There has to be a new coin during session in every five seconds so that we can bring the most optimal UX to end users.
Stephan Livera 00:42:33
OK. So let me just summarize a little bit my understanding then so. The user is opting into this system. It’s like he puts his UTXO in. Let’s say I want to go into the system. I put 10 million sets in there and inside the virtual txo system I’ve got this virtual 10 million Sats. Now the ASP is helping me sort of manage that and as you mentioned there is this the TX lock. Sorry, the TX locking system and what’s really what’s going on is. Every 5 seconds there’s a coin join round. And yeah, as a result of that, the ASP is having to make on chain transactions to help confirm those to provide the liquidity, right.
Yeah, they probably could. And they make sure that they’re confirmed because it’s not confirmed. It breaks the atomicity. If you want to ensure the atomicity in order for the ASP to claim the sender’s money, a SB has to make sure that the transaction is confirmed. The coin join transactions that they create, they end up in a Bitcoin block and they provide the quality for them.
Stephan Livera 00:43:30
Yeah. And so the ASP. Just to really make sure. Now of course, like we’re saying this is scaling. So the idea is that. Maybe thousands of users, maybe hundreds of thousands of users, all with one ASP and there would be multiple ASP’s, right? And they can kind of they can they route to each other or how does that part work?
They are self isolated with each other, so they’re not. They’re not interoperable, they’re not even aware of each other and they don’t. Have to so or like on all you have the ISP’s, you can pick your own SP like in the initial onboarding phase. You remember, like you pick in the protocol to a Bitcoin address and the Bitcoin address the two of two the client software you’re using the OR client, which is in the web client of mobile client. It gives you an address to pick in your funds. In the first place, and that address contains the two of the core signer of your ASP of your choice and there can be any ASP your client can pick it automatically or based on the fee market rate on the. It’s a free market based on you know the fee rate they’re offering. The service you can you pick in the protocol into the ASP, right the virtual set and you can pick you know whichever BS you want. And from there you’re in the system, and from there you can only transact through that a ASP. You cannot transact through other ASPs because the tool flow. Between me and the ASB and the subsequent ones, I have to join that particular point join. If that ASP blacklists me for some reason and that also goes to LSP. I can do an unusual exit I can trigger an unusual exit just like a force closure on lightning.
Stephan Livera 00:45:09
Right. You can take your clients back without asking permission, yeah.
Like all I’m saying and I can switch off my ASP to someone else, could be a force federation. Could be someone else who is not blocked.
Stephan Livera 00:45:21
So in terms of the really frictionless payments aspect, the best case you’re saying would be obviously if two people are part of the same ASP, but if you’ve got like one person on a SP A and another person on a SPB, there’s not really an interrupt. Ability there maybe you would have those two ASP’s have like lightning channels with each other and maybe they would settle that way or like what are you thinking there?
You don’t have to make them interoperable, so if I’m using ASPA and the intended recipient doesn’t matter which is which users, it can be used it. I mean just it could be someone just on board the protocol, right? So let’s say I’m Bob, there is all this right and Charlie is the operator. I have a two of two between me and Charlie, right, Bob and Charlie, I have some Vt excels, let’s say one meal. And then I want to send some sets to all this right and all this can use the, I mean, as her preferred is, will not. It could be just onboard the protocol, right? And what happens is I join the coin during session with Charlie the ASP. I’m Bob and I joined the coin training session to send. E-mail sets in a coin join and the coin joint intent that the recipient oils and the VTC Excel of Alias is also 12/2 between allies and child ASP and ALS. So when the transaction confirms all this is client software realize. Always in our heads, vxo between her and her ESP, Charlie and from the sub second ones to send someone sends joins the child’s tool to create another VTX between the new intended recipient and the Charlie. On an ongoing basis, if you’re paying an invoice and you’re connected to, you have Vt so set among different ASP’s. Say you use USBC existed KLM different ISPs and you are paying ARM Avenger a lightning note and you can pay it through and like you can pay it pay in lighting invoice is single lighting invoice via MP style pair so that you are forwarding styles like you’re. Pushing htdocs in a coin join instead of attaching ETCS like Vt cells instead of registering for Vt cells and coin join on the output registration phase you register for HCC. And you attach them to your factory like you have like 3 service providers. You join them one by one to attach the HDC you attach 3 HD docs and from there these two three HDCS. They’re also writing routers. Also Alice Peace and from there they forward inflate each dialysis to the end destination. In a one MP payout, but in the internal transfer case it is a self isolated pair. If I have like 3 coins, one meal each one is between me and is be ABC, the other one between me is BZ and the third one between me is be me and is.
Stephan Livera 00:48:41
So as I’m reading you then the concept is you could have let’s say one arc wallet on your phone as an example and you could be connected to multiple ASP’s and there’s no, there’s nothing wrong with that. I mean I guess it. Like having a, you know a lightning node and you’re connected to different channels. It’s kind of. Like that, right? Yeah, yeah, yeah, exactly like aligning. Channels between different channel partners.
You have a channel between you and exercise your channel with ABC but it’s interoperable because you can forward it to your season and MPP sell like payout.
Stephan Livera 00:49:11
OK. And so if somebody is I guess put it this way, if somebody is not already a member of an arc or with an ASP and you want to make a payment to them, you basically need to get them to set up with arc, right, to set up an ASP, what an arc wallet and create an end pub or use like their Nostra N pub as an example and take a payment that way.
Not really. The recipient is not aware of anything, not even aware of the ASP that he is receiving from right is the recipient just downloads a piece of software, right? And this and it makes the there and pop available to everyone else IE adding to their temperature, tipping right. The sender knows all it takes is sender. Right. Having the end part of the of the destination.
Stephan Livera 00:49:54
Yeah, of course. You just need to know the other guy’s public key in this case.
And then the recipient ends up having a DM right telling. You receive the payment and the payment is between you.
Stephan Livera 00:50:05
Right. That’s the out of bound message to say, hey, you received a payment.
And yeah, and then the message says you have a payment between you and ASP xiz.
Stephan Livera 00:50:14
OK. So yeah, it’s complicated, but it’s like a whole new concept to learn, but I’m I think I’m slowly understanding part of it, probably misunderstanding other parts of that anyway, one other question, how do our ASP’s profit? Do they charge a fee?
Or as a you’re like lining and. Yeah, the service like service providers or service providers. They are like three things. They are they, city providers, they’re service providers and service, I mean blind up coin joint like coordinators, they provide the coin joint service. But they’re also lining planning service providers. They also lightning routers. They have to provide liquidity, but also lightning they have. They have to make sure they have enough channel on lightning like to broader protocol and also like also like giving this lighting something analogy like it’s more like a subnet of lightning. it’s like this end user subnet you can internally do coin joins and all that. You can make switch cells you can into internal transfers, VTX cells with each other with friends and family and all that. Or, you know, even master tipping. And but you can forward HLC to broader lightning, you can get paid for the broader lightning, but internally at its core it’s a different sort of design internally. It’s a rapid protocol based on the share you jigsaw model internally it’s different, but externally it is interoperable lightning you can pay invoices, you can get paid from invoices. So it is it’s a distinct but with lightning interoperability.
Stephan Livera 00:51:47
One other question around users refreshing their coins. So from reading the documents, it looks like the user it needs to come online at least once every four weeks to stop the ASP basically being able to run away with the coins. So how does it work in terms of coming online to refresh, do you need to do an on-chain transaction for that refresh or is it just like going online?
We call it remix. This is a so like so like once you’re in the system, once you pick in and once you only pull it on chain once when you pick and pick out for internal transfers it’s footprint mutable they’re all option.
Stephan Livera 00:52:19
Right. I mean there is the on chain part of it, but it’s minimal one in three out every 5 seconds. I consider it should be minimal because it’s minimal in size. The only chain part but off chain part is the internal transfers or paying lighting invoices and your coins your VTT excels or like on chain has an expiry. Like they expire at one point in an on chain world, unlike on chain, if they’re in the infinitely there you can do the cold storage or even hot, but they will be there forever, right? If they’re not spent oric, your coins expires at some point, which I Think this is not a trend at all? I’ll come to that so your coins expires after four weeks. So imagine you have etsel but it expires right? You have to spend it before it expires. Otherwise, it’s gone in the our context, so you have a coin, you send it to someone, the recipient receives it, and the recipient now has a four week time lock, right? Four week time, after four weeks, it expires, so the intended recipient has to spend that ET XVT Excel in that time frame. Four week time. Right. And if it’s about to expire, right, it’s you haven’t spent it yet. You’re holding it. You wanna hold Bitcoin in the Arctic? You’re not spending and you’re we take so is about to expire. What you do, you do a self swap. You’re returning coins.
Stephan Livera 00:53:54
OK. It’s like a self send gotcha.
Back to yourself. Self stand you join a coin joint session to send yourself to reset the four week timer and this is called the remix and remix are not charged liquidity fees.
Stephan Livera 00:54:09
And this is like in the coin join protocols where they call remix. The idea is to get multiple mixes. To give yourself additional privacy. So I guess it’s kind of mimicking that idea remixing.
So that, yeah, so if your coin is about to expire, you do remix and remix are naturally good fees.
Stephan Livera 00:54:23
I see in terms of picking ASP, how do you see ASP’s competing? Would you see that as like a do they compete based on how much liquidity they have? Do they compete based on uptime availability like how would you pick one ASP versus another?
So yeah, I mean you, you only pick your SP in the issue or morning failure as you remember, like you’re not actually able to pick. It like once you’re in the system because it’s heavily reliant on. Who are you? Who are you receiving from? If you’re the center and your friend is sending a payment or ZAP or donation or whatever. And you have a coin which takes so between you and exercise and you have to join XYZ session to send it forward the payment further right and you are subject to the fee policies. That ASP excited charges like dictates, right? You’re subject to it if you’re not. You know, if you’re not happy with the policy, the fee rates, which is totally customizable, it’s a free market. I mean there, there will be many competing S fees with different fee schedules, fee rates and all that. Both in terms of 1 chain fees and you know liquidity fees, basis points. You are subject to the policy like there is nothing you really you can do. It’s it highly depends on who, what ASP the center you’re receiving from who the center.
Stephan Livera 00:55:55
I guess right? So I guess worst case you would try to withdraw out and take it back on Jane into your hardware wallet or your multi SIG or whatever, right?
Stephan Livera 00:56:04
Yeah, I’ll pay a lightning invoice and get out that way, right? OK. So you’re and I guess even though we’re talking about the protocols in a competitive way like a arc versus lightning and so on, you’re also seeing it in a complementary way that some of these providers might be both, right? You might be both in ASP and an LSP, and then the user is sort of able to use both functions and then it’s on the ASP side to kind of manage their lightning. Equity and lightning channels and all these other aspects, all those other aspects of it. To give the user the better experience, right?
That’s all about what? That’s what is all about. Yeah, giving their end users is frictionless. Proper UX, like payment experience in a subcostal way and ASP’s. Or they have to be SSB’s. I mean, it’s not quite optional, although it might seem optional ASP’s they should be also a TSPS.
Stephan Livera 00:56:55
Ohh I see. So it’s not optional. OK, I didn’t quite get that part. OK, thanks for clarifying there.
Here it is, but I’m in practice now like you’re using.
Stephan Livera 00:57:02
To pay lightning invoices too, right? I mean obviously I designed or that’s how it all started or started. Was a lightning mode idea and or is a lightning mode like arc is like a subnet again or an art is a Lightning wallet protocol.
Stephan Livera 00:57:16
Gotcha. Gotcha. Yep. Fetch at the subnet point. Yeah. OK. And so I guess as we, I think we touched on this before, but I guess the idea is let’s say I have this one arc wallet and I’ve got maybe three or four different ASP ASP’s on there because I have coins with them or VTX’s with them.
Stephan Livera 00:57:36
I guess the idea is my wallet would need to periodically check to do that four week remix thing right to kind of periodically remix so that I don’t lose my coins. So basically the idea is the wallet needs to come online every now. And again at least to do that remixing, but it’s doing it across multiple ASP’s, not just one, right?
Yeah, that’s true like lighting has the similar assumption, and in fact it’s more extreme.
Stephan Livera 00:57:59
Right. You’re you’re checking all the channels, etc.
24/7 yeah, here, it’s more. It’s just for weeks, but it’s also, I don’t see this as a trade off because. Like in extreme cases like in a border accident or some inheritance related issues, if you lose your funds for some reason, you can’t just reach out to your ISP, your service provider for a refund.
Stephan Livera 00:58:22
And of course, I think the idea here is this would mainly be for spending amounts, right? Like, we would still expect people who have like serious coin, they should be putting that in the hardware wallet or hardware signing device or multi-SIG and stuff like that. And this is seen more like a spending wallet amount right, or no?
Like in like if you are seeking proper cold storage yes. But you can also seek a cold storage. If you are interested in storing your Bitcoin like in a more secure way like on the order. Because if you’re concerned about launching fees and all that you can do it on arc too, with customizable like custom pull with custom expires.
Stephan Livera 00:59:05
Right, so instead of the four week expiry you it could be extended.
Like we have 11 week like one year, it could be two years. Obviously you’re being charged more fees for that because the liquidity location requirements are higher, right is we has to provide like liquidity lock their liquidity for one year. You know or few months right in that. In that case, you’re being charged more fees ideally, but if you’re seeking a storage, like storing your Bitcoin without dealing with all these interactivities, IE for six months, one year you can do it. In theory, yes, with your with. With an LSP of your choice and ASP can provide that service for you. Custom and pulls with pulls with custom and pulls on coin join transactions with custom CRV deltas.
Stephan Livera 00:59:52
OK, so let’s talk a little bit about some of the criticisms I’ve seen as well. One of the criticisms I’ve seen is this idea of, I guess it’s kind of like a vaporware criticism or this idea of, oh, you’re putting out all this idea, but where’s the working code? Where’s the software? I’m curious if you have any thoughts on. That as well.
Oh yeah, so there is I like to saying like cyber files, record Wizards, craft magic, so I’m not a cyber friend. I’m a wizard like craft magic. I like designing stuff. I like protocol design and all that, and in fact I do not qualify myself as software engineer, although I did some software engineering stuff in the past. Like I did some mobile development I did some Bitcoin development but I really don’t think I fall into that category and not quite as solving myself. I’m more like I’m more like a wizard, right? That that’s I think the right category for me and I you know I speak like with my experience with I did like 2 years long comment research and the woman only. And I, you know, based on my experience, that’s how arc start, right? How does evolve from a lighting world idea and it it’s based on my experience and knowledge. In comments and I have been obsessed with learning, scaling and privacy and that’s how work started in the 1st place and I speak with my experience. Yes, I lightning is an I mean it is an idea, it is in the early protocol iteration phase. Yes it’s gonna take a long time. Yes, we’re gonna do some prototyping. I’m currently assembling a team of Bitcoin like an Avengers team of Bitcoin engineers and that. We are aiming to build help ship like a prototype, like a primitive version. Hopefully Q3 this year later this year we we’re trying to figure out like what where to do providing first should could be should it be like a signet or inquisition or should it be main net like interactive version of Main net. Because, like, there’s like two different versions we can do like interactive main net versus like non interactive.
Stephan Livera 01:01:52
That was the other question I was gonna ask. Can we can you explain a little bit about the interactive version versus the non interactive version of this? So as I understand the non interactive version requires a PO or check template verify or some other alternatives that basically give us covenants or it’s going to be an interactive protocol. So could you explain the differences there for us?
So, ORC is something we can build on Bitcoin today, but we have to compromise on non-interactivity to do so. We can build and an interactive version of org just like lightning like, just like how you self-host the lighting on CLM, LMD or you can self-host. Your or clan, a hypothetical or clan or demon CLI or on your umbrella, you know, or rather Raspberry pie or, you know, could be on a server. You can self-host it, your online and you can receive payments. You can send payments the receiving part is why you have to be online. Because I mean we don’t have covenants. We can use the only way to emulate confidence. I mean restricting the transaction outputs of spending transaction using end of and multi seek we can use end of end multi seek to. Covenant behavior and that requires you to be online as a recipient to sign your own portion of your visual, among others from the end of to be online. So, you have to be online. To do so.
Stephan Livera 01:03:24
Right. And that’s just like with lightning today that you need to be online to receive?
Most like lightning. Yes, I mean in theory you can be offline on lightning too, but you cannot receive. Yeah, I mean, part of the reason is you cannot create preimages when you’re offline or PTC solve that. But you have to be. On anyway to cyber channel breaches and or you also have to be only in. The in Every few weeks, but you really have to be. Online or to receive payments if we are here to build our own Bitcoin today. If we have confidence of it, we have covenants. Such CTV Txhash CSV’s cat with there are a bunch of different combinations you can do. If you have columns in Bitcoin you it becomes unattractive. You don’t have to be only to have to self-host, simply the shift you take so is constrained to a set of transaction outputs containing yours containing your VTX. So yeah, it can be. Offline you can be on the go. You can receive it. You don’t have to receive in that case. But I’m just dreaming right at this point so. We’re trying to figure. Should we do an inquisition because Inquisition has CCTV and APO. It’s a signet with experimentation features. But Liquid also has carbonates, right? And liquid is in fact more like a signet with actual Bitcoin value, right? So, it might make sense, right? It might make more sense to do on liquid if you are to do a non-interactive version.
Stephan Livera 01:04:47
But yeah, it might help prove out the demand for CTV or APO, right? So that might be interesting. To sort of show ohh hey, there’s actually a working use case here, but in terms of real world usage it’s probably gonna be that would be a slower path, but it would. It would be interesting, at least from that perspective, to sort of show demand for that soft for that particular software, whether it’s a PO or something. So I guess we should probably just quickly explain a little bit about covenants for people who are unfamiliar with that. Like I guess, let me just offer my kind of poor man or layman’s explanation. And you, you tell me where I’m getting it wrong. Right. So I guess setting their contacts a little bit because I understand people can get a bit concerned about covenants. So let me explain how I’m seeing it so in Bitcoin today we have time locking and we have multi signature which are types of smart contracts but they importantly they restrict what you can spend in terms of already existing outputs. The idea with covenants is more like what can you restrain in terms of future outputs? What is the future output of that transaction and what is the way that it can be? It’s like a future restraint and I understand where some people have a concern because OK, does that lead to could there be a risk where the government says Ohh you may only you know, transact inside the purview of the government or the state or with KY? But I think the important point to understand here is that it would be like an opt in system, right? So, for example, if you are generating an address to get paid today, you are the one determining whether it’s a covenant or not. You are the one who’s saying I just you know, I’m generating an address that’s single signature that I can unilaterally control without a government, without anyone else or without a third party. If you are opting into a covenant system, you would be the one to generate that. You know, like an address or, you know, some kind of covenant-based thing on which future restraints could be placed. And it sort of works as part of this system as we’ve just as we’ve been talking about with ARC and with, you know, even there might be improvements with lightning as well. Who knows so that’s how I’m seeing it. How do you see it?
100% agree we’re online with this. We’re on the same page here, like on the same table, yeah. So common is the way to constrain US spending out the outputs of the spending transaction of a feature transaction versus today. You cannot really constrain the feature transaction. Here in our, yeah, I mean Commons office obviously entirely obtained. So you already know in advance that you’re part of the covenant script. So you are part of the covenant, like an output you’re spending right in the next transaction, you’re already part of the company. You know it, you know in advance that you are part of the company. You already opt in to covenant. And in terms of like you. Know the blacklist censoring stuff state level well, it’s also possible to do Bitcoin today like multisig. You know a state could be a whole call center of the multisig and you can do it on Bitcoin in in a policy level. Well, come on, let’s do it. And can might do it in a protocol level in an interpreter level, but it’s already possible to Bitcoin today, and it’s entirely opt in and I don’t really understand why people are so scared of it. It’s just a very simple primitive. It unlocks bunch of use cases, and it’s entirely often and it just you can do it at all sort of blacklisting. People starve on Bitcoin today too, with Multiplex.
Stephan Livera 01:08:01
So I think the main thing is really fear of the unknown and it’s another whole technical concept. That people aren’t familiar with, right? Whereas people today are familiar with the concept of multi signature, they’re familiar with the concept of time locking. It’s used as part of lightning today CSV check sequence verify, so I think it’s just that people aren’t comfortable with that. And I think this is part of the educational journey that everyone has to go on. And in fairness, I think what happened with. Well, with Jeremy, with CCTV with check template verify. I think a lot of people, I think people got spooked a bit. People got a bit scared. Was of the activation attempt when I think at the time it was really only developer and kind of insider circles who really knew what that was. And I think there were a lot of people who were just sort of instinctly instinctively saying, whoa, hold on, what’s this like? I don’t want people to change Bitcoin. I don’t want to change things. But and this is where there may be some tension right on that aspect of whether Bitcoin should have a soft fork, because there will be all these arguments coming up about, well, if we don’t have soft forks in Bitcoin, will that mean a lot of people end up custodial and more people end up custodial than otherwise because, you know, without having? These covenants and these kind of extra features and things like CTV and any proof out and maybe up vault and things like this that maybe scale the self-custody element of it, I guess that’s how I’m viewing that anyway. But what do you think?
We have to do more job on educating people. Yeah, people for some reason and scale of it, especially for like recursive call and stuff. Though CTV doesn’t enable recursive calls. And in fact, I’m not. I’m in favor of aggressive comments too. But yeah, we have to do more. You know a better job in communicating with the community better on this like comment educating them on the you know. The trade-offs always. There is a tradeoff everywhere, right? You’re changing Bitcoin. It could be risks involved, but I mean components have been. They’re like they are there and they could like already been there for like. For four years and you could think of it like this test bed and I added some work on liquid and has and from what I can tell based on my experience, it’s entirely up and it’s entirely secure like you can do this all you evil, use skills, and it may net too today and it unlocks bunch of use cases and let’s bring them. In fact, I’m saying and I appreciate it like. I was in favor of CTV. Activation at the time I was on a pro CDB camp and I appreciate like the people who are who were against it because in culturally in Bitcoin we tend to preserve the protocol and this is the way to go. But I’m likely I’m seeing like people changing ideas, shifting their ideas, and I see more and more people day after day, week after week, you know, in favor of, you know, getting in favor of, you know, you know, on the CTV in, in comments in general. So hopefully, yeah. So we we’re seeing the trends. Yes, hopefully, hopefully we’ll get there at some point.
Stephan Livera 01:10:50
Yeah, a few other smaller criticisms or ideas that I’ve heard. In relation to ARC and maybe some of these also apply to lighting in fairness, but this idea of if a lot of people all unilaterally exit at once, does this create a rushing to the exits problem? And I guess just one thing to add to that before we for your answer is the I think this is a point loudly also made or roast beef. He’s saying if everything has to unroll the amount still have to be economical relative to the chain fees, right? So do you have any thoughts on that idea?
So the formal concern, right? If everyone rushes out for the exit like post, it will be a disaster, yes. That trade off also goes to, I think, but I have a design in my mind that can address this further, like in in the long term it’s like more like a long-term feature extension thing. So, or the way how arc today like? The way I designed it in my head, I mean obviously I’m working on the specs. That’s what I’ll be working on next. Months the Whitehead works is like if something goes wrong, you trigger. You know it will exit. But before doing that you have to reveal all methods. Like we take cells from the ship it takes. So, you have to reveal. Them from shade you take cell all in one and that’s how it works, but the feature extension of this will be will be hopefully a withdrawal. Three individual tree like tap, live, update, verify style. So, you have a bunch of VTX cells in a tree and you can withdraw Vt cells from that tree one by one and once you withdraw. It like V Takes you from the tree we are adding. Like at relative lock time in addition to an absolute lock time at the absolute lock time being the end of four week, right? But also adding a relative lock time IE at 24 hours to this tree so that whenever I when whenever someone withdraws, we take so from the tree the 24-hour timer resets back this. And the remainder like the other, we take souls and the trilogy. So that although the four-week timer is over, it could take years decades to withdraw from the ship. It takes in a disaster scenario. In that case, this is because every time 24-hour resets disappear, right? This is theoretically possible and Bitcoin like we can do it today. Even like with our common theory Because again, we can emulate, it is really hard like because we have to, because we don’t have to verify, right? And without that, we can with masks, we can emulate it. With CTV, CTV or TCSH can emulate and withdrawal tree tap with up the verify cell.
Stephan Livera 01:13:33
OK. So with the with the withdrawal tree is the idea then that you’re staggering the exit?
Yeah. The other sweep larger like the ASB, the service provider sweeping it. It got delayed every time 25 by.
Stephan Livera 01:13:47
I see. OK.
24 hours. Every time you, as someone withdraws from the street.
Stepahn Livera 01:13:52
OK, OK, cool. So I think those are probably the key questions. I mean, there’s, I’m sure there’s like 1000 rabbit holes we could explore, but trying to keep the episode manageable for people, I hopefully this is a good overview we’ve gone through. So I guess let me just kind of summarize again, just so people are sort of trying to get their hands around. It at least so the idea is this is an off-chain protocol. The idea is the user can opt into this ASP as an example. They can lift his UTXO. The ASP helps him manage that, and there’s a TLC. And there’s all this technical stuff in the background to sort of make it atomic, right to make it. You know, and that so that he can unilaterally exit, but the, the, the long and the short of it is that he can essentially peg in some coins into arc. Let’s say he has a VTX O there’s VTX’s can be traded around very friction. Obviously and because of because there’s a 5 second round every round, there’s a remix. The ASP is managing that the ASP has a lot of liquidity and capital costs, but the ASP is also an LSP and it’s managing all of these aspects. And in terms of the user being able to exit unilaterally, he can still do that. And the way payments would work is basically you would need to know the other guy’s public key, his arc public key, I guess. And then you can just make payments without the inbound liquidity problem, which is what we have today in lightening the yeah. So, it seems the main downsides though are to do it in the best case it requires a soft fork to get some kind of covenant and the other. I guess. The other big downside is it seems like the ASP’s require very it’s a very high capital cost because the ASP has to have enough. Bitcoin to basically back or kind of bank roll all the transactions going on inside their ASP for four weeks.
Yeah, that’s sounds everything well. Yeah, because it’s a great one. I could have.
Stephan Livera 01:15:44
Got better yet, to be honest. OK, well, there you go. So we’ll see what other feedback people have. Are there other criticisms and other ideas people have out there? Comments in the you know in the Twitter threads or on YouTube or whatever, Barack. Where can people find you if they want to follow, follow you and find out more about all of this stuff.
Yeah. So, so yeah. You can find me on Twitter my handle is Bob or QG. or Bullock and short. It’s quite it’s quite unique name in a Bitcoin space, but we also have a telegram group like our community group on Telegram. We can find out on telegram or community or also we also have a website called orc pill dot Me. On the website we have like a brief one-page overview of protocol overview plus a deep dive. If you’re technical enough. Interested in learning more? Also, we have a short Q. If you have any further questions. We also have a get involved page and a page you can you can find a link to our Telegram channel and feel free to join channel if you have any questions. Of any kind really. It could be stupid or not. Feel free to join and ask any questions you might have and if you wanna donate, we have an option address. And if you if you are Bitcoin talent, if you’re restaurant, you would reach out also on the on the get e-mail page we have an e-mail from which you can you can you can you can reach. Yes, if you want to contribute them. If you’re a Bitcoin child.
Stephan Livera 01:17:05
Fantastic. OK. Well, thank you. Hope it’s a very optimistic vision of what an alternative L2 could offer to Bitcoin. So, thanks for joining me in helping explain this as well as being a gracious about the criticisms. Also, thank you for joining me.
Yeah. Thanks for having me.