

Sidechain Elements: Open source code and developer sidechains for Bitcoin - elux
https://www.blockstream.com/2015/06/08/714/

======
Animats
_" 2-way peg"_

Moving coins from the side chain back to the main chain is the hard part. The
white paper says you _" use the proof to unlock a number of previously-locked
outputs with equal denomination on the parent chain."_ You have to lock up N
bitcoins to create N side chain coins, but those form part of a locked pool
which can later be used to redeem sidechain coins. It's conceptually elegant,
but the process is complex and delicate. Lots of things can go wrong, and it
needs "challenge periods" of about a day during which things get sorted out.

 _" Security for the blockchain is provided by a set of predefined
functionaries"_

Uh oh. Remember Paycoin, with its "Prime Controllers" and "guaranteed minimum
value". That didn't end well. The whole point of all this cryptographic
machinery is supposed to be to eliminate the need to trust some central party
or parties. This sidechain scheme doesn't do that.

~~~
nadaviv
The federated model is a temporary solution, as a workaround due to the lack
of native support in Bitcoin Testnet. Once the Bitcoin network itself can
validate the SPV proofs from the sidechain, this model will be replaced with a
completely decentralized one.

~~~
nickodell
What's the incentive for people to merge mine this? Namecoin issues its own
currency, and it only has a third of the hashrate of Bitcoin. If this
sidechain follows that example, it seems like it will be much easier to mount
51% attacks and forge proofs.

~~~
Animats
The sidechain doesn't have mining. It has "trusted functionaries". Or so the
white paper seems to say.

~~~
mappum
This is a temporary solution, the whitepaper addresses moving to merged mining
(it's not being used in the beginning since sidechains that don't have a lot
of hashpower are easily attackable).

------
antonios
Peter Todd commented on Twitter that Greg Maxwell's job is impressive.

[https://people.xiph.org/~greg/confidential_values.txt](https://people.xiph.org/~greg/confidential_values.txt)

------
crispweed
As I understand sidechains there's a complicated proof mechanism that gets set
up for transfer of bitcoin 'value tokens' between the bitcoin blockchain and
alternative blockchains _without creating any additional currency units_ , and
a fall back to a much simpler exchange mechanism for actual practical day to
day exchange.

But the whole thing about not creating additional currency units actually
seems fairly arbitrary to me, given that this adds a whole bunch of otherwise
unnecessary complexity.

The fallback exchange mechanism for sidechains is based on an atomic exchange
algorithm that is well known for many years now.

This is something that could easily be standardised in the form of a
relatively simple 'pay on reveal secret' transaction type to permit
decentralised exchange between arbitrary pairs of blockchains, as I discussed
in the following blog post: [http://upcoder.com/11/atomic-cross-chain-
exchange/](http://upcoder.com/11/atomic-cross-chain-exchange/)

~~~
itsnotlupus
Neat proposal. It's worth mentioning that it can't be implemented in the
current bitcoin implementation, yet the alpha sidechain introduced here
happens to add exactly the bits it requires to work, namely time locked
transactions and a more plausible malleability fix.

Which means if you find/build another altcoin with similar capabilities, you
can start exchanging testnet coins with those altcoins using the very approach
you describe today.

I don't believe that's a happy accident, but rather one of those core reasons
for getting sidechains off the ground, as it provides a clear path toward
finally building all the insane stuff people have been dreaming about for
years.

~~~
crispweed
Ok, yes that sounds pretty cool.

It feels like there are much simpler ways to support pay on reveal secret
directly on the bitcoin blockchain, _if this is accepted as an important goal_
(e.g. with explicit conditional redemption conditions based on spending
transaction blockcount).

But I guess a more general solution for time locking and malleability can give
you other stuff as well (e.g. off chain payment microchannels).

------
chejazi
GitHub Repo featuring Elements so far (Bitcoin fork):
[https://github.com/ElementsProject/elements](https://github.com/ElementsProject/elements)

GitHub Page with a write-up of the actual Sidechain Elements:
[http://elementsproject.org/](http://elementsproject.org/)

------
ssharp
I understand the people in the Bitcoin community are trying to prepare for the
future, but is there any evidence at all that Bitcoin transactions will grow
to a point where the blockchain can't handle them and sidechains will actually
be necessary?

~~~
adrianmacneil
Sidechains are about more than simply allowing extra capacity on the bitcoin
network. They fundamentally enable the pace of innovation to increase in the
cryptocurrency space.

In the past, if someone wanted to improve bitcoin technically (for a trivial
example, let's say improving block confirmation times), they had to fork
bitcoin, and release an "altcoin" (thus creating an entirely separate currency
at the same time). This inevitably led to many bystanders speculating on the
altcoins - getting distracted from the technical improvements, and focusing on
whether it was a good investment or not. In the past, it was not possible to
separate the bitcoin network from the currency.

Sidechains allow us to create entire new blockchain networks, which use the
bitcoin currency natively. This means that I can now test changes to the
bitcoin protocol, and allow people to move their existing bitcoin (currency)
on and off my new network. For a popular sidechain, hosted wallets could even
transparently support sending and receiving coins on both networks. This is a
major step forward for cryptocurrency, because it means we no longer need
every innovation to have 100% consensus on the main bitcoin blockchain - we
can simply try out new ideas on sidechains.

Longer term, I can see sidechains allowing us to even migrate to a Bitcoin 2.0
protocol (think IPv6) - once a new standard is formalized, people can begin
using the new network in parallel, and eventually everyone will migrate to the
new "main" network.

------
vog
_> As a side-effect of its design, CT also enables the additional exchange of
private "memo" data (such as invoice numbers or refund addresses)_

This is a very interesting detail.

So it's finally possible to use bitcoin as a public ledger, by adding the hash
value of any large dataset to the "memo". Up to now, we needed workarounds
involving non-existing account, such as provided by Bitcoinproof:
[https://vog.github.io/bitcoinproof/](https://vog.github.io/bitcoinproof/)

------
kanzure
transcript: [http://diyhpl.us/wiki/transcripts/gmaxwell-sidechains-
elemen...](http://diyhpl.us/wiki/transcripts/gmaxwell-sidechains-elements/)

------
kriro
The link to the whitepaper is wrong. It links to:

[https://www.blockstream.com/2014/10/23/why-we-are-co-
founder...](https://www.blockstream.com/2014/10/23/why-we-are-co-founders-of-
blockstream/)

but should link to:

[https://www.blockstream.com/sidechains.pdf](https://www.blockstream.com/sidechains.pdf)

------
cjbarber
The blue border around the page is rather jarring

This is great, though.

------
kaa2102
Solutions do not need to be complicated or elegant - they simply just need to
solve the problem.

