5
In bitcoin, each transaction has an nLockTime integer to specify the earliest allowed block number/time that the transaction can be added to the blockchain. In addition, each transaction input has an nSequence integer that could theoretically be used to update transactions and know which is the most recent (although this functionality is currently disabled).
But is there a way to broadcast a transaction which is final and can be added to the blockchain immediately, but also make it so that its outputs cannot be spent until a certain block number/time? It seems like this would be a useful feature. For example, if I want to give my inheritance to be made available at the time my grandson/granddaughter turns 18, I don't think there is any way to do that in bitcoin except have someone hold the funds and give them to them at the time. Or if I wanted to give someone an allowance, I could just send funds at once for 3 months or so, and they would just show up in the son/daughter's wallet on a weekly basis.
So, just to double check, there's no way to do something like this in bitcoin, is there? Are there any security risks by allowing transactions like this? If there really isn't any way to do this, then maybe it's something to add to the hard fork wishlist.
If there is no way to do this with Bitcoin right now, is it because there is a serious flaw with such a system where an UTXO could be added to the blockchain that is not YET spendable?
I can think of two ways that such a thing might be implemented.
- Supplement the bitcoin scripting language with
OP_BLOCKINDEXandOP_BLOCKTIMEopcodes, which just push the corresponding value onto the stack. These values would have to come from the block that spends the UTXO, though, not from the the block that included the transaction that created the UTXO. This would mean that any transaction outputs with these OP codes could not be spent with 0 confirmations, because these OPs would have no meaning in this context. (This method possibly adds too much complexity to the situation) - Or, similar to the
nSequencefield, we could add an extra few bytes to each output to denote when an output can be spent (block number/time). If not provided, it can be assumed to be 0.
I wasn't aware of this change. +1 – Nick ODell – 2014-11-21T18:01:35.550
Thanks David, this is really helpful. I'm going to read more about OP_CHECKLOCKTIMEVERIFY. I'm still a little confused, though, how can
nLockTimebe used both for determining the soonest point that a transaction can be added to the blockchain and for determining the soonest time it can be spent? WillnLockTimelose its old functionality and be replaced with the new? It can't take on two values at once... – morsecoder – 2014-11-21T20:48:24.760@StephenM347 Read the part where it says "nLockTime value from the spending transaction". So TX1/Output0 uses CLTV in its scriptPubKey to lock the UTXO until block 1,000,000. TX2 has a nLockTime >= 1,000,000 and it includes an input spending TX1/Output0. Thus no change in current nLockTime behavior is necessary. – David A. Harding – 2014-11-21T20:55:51.540
I think I see now, CLTV makes it so that it the UTXO can only be spent with transactions that have
nLockTimegreater than some number which is specified in the scriptPubKey, and the current functionality of bitcoin already makes it so that transactions can't be included in the blockchain before thenLockTimeblock/time. Thanks! – morsecoder – 2014-11-22T15:50:28.440