There are some interesting future scenarios for use of multisig in BTCR.
The easiest is revocation. If the tip is a multisig address, for instance a 2 of 5, I could give my 5 closest colleagues the right to revoke my DID if at least 2 notice misbehavior of my account and move the unspent funds on the tip off. They can post a revocation reason (see #5) in an op_return), or put the key on hold (see #6).
The challenge is key rotation/recovery. The two kinds of multisig in Bitcoin are the recommend P2SH and the older but not deprecated op_checkmultisig.
Key rotation/recovery with is difficult as P2SH doesn't use keys the same way as P2PKH as it , so in order for the multisig participants to change the tip owner key to a new address they would need to point to a P2PKH transaction by using some code in the revoking transactions op_return. Until we can support script signatures (see #14) this means that DDO changes would require two transactions increasing cost.
Key rotation/recovery with op_checkmultisig has different challenges — it include the signatures of the signers for which can be used to recover their public keys, but then we'd need to support multiple public keys for signing the DDOs (and potentially verifiable claims) but there are not any good examples of this in JSON linked data signatures yet.
For purposes of this hackathon we should focus on single signature P2PKH but for the spec we probably should talk about possible multisign scenarios.
Copied from original issue: WebOfTrustInfo/btcr-hackathon#17
kimdhamilton
commented
6 years ago
From @ChristopherA on June 30, 2017 21:50
There are some interesting future scenarios for use of multisig in BTCR.
The easiest is revocation. If the tip is a multisig address, for instance a 2 of 5, I could give my 5 closest colleagues the right to revoke my DID if at least 2 notice misbehavior of my account and move the unspent funds on the tip off. They can post a revocation reason (see #5) in an op_return), or put the key on hold (see #6).
The challenge is key rotation/recovery. The two kinds of multisig in Bitcoin are the recommend P2SH and the older but not deprecated op_checkmultisig.
Key rotation/recovery with is difficult as P2SH doesn't use keys the same way as P2PKH as it , so in order for the multisig participants to change the tip owner key to a new address they would need to point to a P2PKH transaction by using some code in the revoking transactions op_return. Until we can support script signatures (see #14) this means that DDO changes would require two transactions increasing cost.
Key rotation/recovery with op_checkmultisig has different challenges — it include the signatures of the signers for which can be used to recover their public keys, but then we'd need to support multiple public keys for signing the DDOs (and potentially verifiable claims) but there are not any good examples of this in JSON linked data signatures yet.
For purposes of this hackathon we should focus on single signature P2PKH but for the spec we probably should talk about possible multisign scenarios.
Copied from original issue: WebOfTrustInfo/btcr-hackathon#17