Storing scripts (smart contracts) outside the blockchain

1

I'm following "Mastering Bitcoin" from Andreas Antonopoulos in order to understande the Bitcoin implementation.

In the chapter about transactions, he points some advantages of P2SH transactions:

  1. Complex scripts are replaced by shorter fingerprints in the transaction output, making the transaction smaller.
  2. Scripts can be coded as an address, so the sender and the sender’s wallet don’t need complex engineering to implement P2SH.
  3. P2SH shifts the burden of constructing the script to the recipient, not the sender.
  4. P2SH shifts the burden in data storage for the long script from the output (which is in the UTXO set) to the input (stored on the blockchain).
  5. P2SH shifts the burden in data storage for the long script from the present time (payment) to a future time (when it is spent).
  6. P2SH shifts the transaction fee cost of a long script from the sender to the recipient, who has to include the long redeem script to spend it.

About item 4, it still looks suboptimal to me.

Imagine that I have a firm where in order to spend the payment from customers I also have to get the signatures from at least 1 of 2 other partners. My script would look like:

2 <My PubKey> <Partner 1's PubKey> <Partner 2's PubKey> 3 OP_CHECKMULTISIG

So, for every incoming payments that I'd like to spend, my scriptSig would have to be bloated with the script above plus 2 signatures <sig1> <sig2>.

Imagine that I'll have thousands of these transactions, this would be bloating the blockchain, probably decreasing the processing capabilities of the network.

I was wondering: is there any way of mantaining these scripts as "accounts" in "script wallets" and not storing it inside the blockchain?

When there is need for validation, I could simply retrieve this script form the "wallet" and check the transaction.

How would it be possible?

Henrique Barcelos

Posted 2016-03-14T22:36:20.860

Reputation: 411

Answers

1

First, yes you are correct in that each time you spend from the same p2sh address, you're specifying the script that hashes to that address. And yes, if you spend multiple times from that same address, you would be correct, this would be highly inefficient since you'd have to reveal the script each time and the script could be very long.

However, in bitcoin, it's not considered safe to re-use addresses. Each p2sh address should be used once, not many times like in your scenario above. In that case, it's not inefficient or suboptimal at all. That said, I suppose something like segwit could be used to store scripts off-band, but that would be a significant and complicated change for not much gain.

Jimmy Song

Posted 2016-03-14T22:36:20.860

Reputation: 7 067

But if my unlocking script is always the same, which means its hash will always be the same, how is it possible to not re-use addresses in this case?Henrique Barcelos 2016-03-16T14:07:58.377

Do you mean each of the partners in the deal should generate a different PubKey for each transaction?Henrique Barcelos 2016-03-16T14:09:24.087

When you finally spend from the address, you should spend all utxos to that address at the same time and not use that address to receive funds again. A new p2sh address using different pubkeys should be made.Jimmy Song 2016-03-16T14:48:58.630

That's what I thought. Thank you very much =]Henrique Barcelos 2016-03-16T19:27:28.533

Asked: 2016-03-14T22:36:20.860

Viewed: 373 times

Active: 2016-03-15T23:17:58.823