mimblewimble team mailing list archive

Thread
Date

Re: Compact blocks

To: Ignotus Peverell <igno.peverell@xxxxxxxxxxxxxx>, mimblewimble@xxxxxxxxxxxxxxxxxxx
From: John Tromp <john.tromp@xxxxxxxxx>
Date: Thu, 27 Apr 2017 20:50:05 -0400
In-reply-to: <KL0Yo-JMkXUcLZM6HqoDKyUL4bGON_9iZAmDNtXHx2Ur2TPNodsGiXhhGjX8Z8Tj7USJF9sCKZgdGuM6tcdA3yfYm2frKKy_Wew83rrKrC4=@protonmail.com>

dear Igno,

> BIP152 introduced a good solution by introducing short transaction ids
> (which we can generalize to inputs/outputs/kernels):
>
> https://github.com/bitcoin/bips/blob/master/bip-0152.mediawiki#Short_transaction_IDs
>
> It does force a full re-hashing of the pool on each block but siphash 2-4 is
> fast and we don't need to introduce a new crypto primitive as siphash 2-4 is
> already used by Cuckoo Cycle.

Not only that, but Cuckoo Cycle proceeds with exactly the same steps:

"Short transaction IDs are used to represent a transaction without
sending a full 256-bit hash. They are calculated by:
1. single-SHA256 hashing the block header with the nonce appended (in
little-endian)
2. Running SipHash-2-4 with the input being the transaction ID and the
keys (k0/k1) set to the first two little-endian 64-bit integers from
the above hash, respectively.
3. Dropping the 2 most significant bytes from the SipHash output to
make it 6 bytes."

Cuckoo Cycle on 2^{k+1} nodes looks for a cycle on the graph of
short transaction IDs truncated to k bits, where edge e, for 0<=e<2^k,
connects the transaction IDs 2*e and 2*e+1..

regards,
-John

References

Compact blocks
From: Ignotus Peverell, 2017-02-28
Re: Compact blocks
From: John Tromp, 2017-03-01
Re: Compact blocks
From: John Tromp, 2017-03-03
Re: Compact blocks
From: John Tromp, 2017-03-03
Re: Compact blocks
From: Ignotus Peverell, 2017-03-05
Re: Compact blocks
From: Ignotus Peverell, 2017-04-27