Oddbean new post about | logout
 I read through most of what you linked to here and I haven’t found a single connection between MEV and CTV in any of it.

In what way do you think CTV will cause this issue? None of what it does can be done *to* someone, you have to sign and place all the signature requirements into it yourself. The first article does a decent job of explaining why it’s very useful, but also makes almost no change in the security assumptions, because it’s just another type of restriction you can place on your own coins.

Literally Lightning is trying to do exactly what CTV does, except in a complicated, multi step, numerous interaction way. So if the basic function of CTV is bad somehow, then so would a multisig that attempts to have rules not in the actual transaction to adhere to…

ie. You and I are in a multisig and we agree that .1 belongs to you and .2 belongs to me. CTV literally just makes that simple and easy to understand, instead of complicated and needing multiple interactions and signings. 
 Thanks for the response. I appreciate the focus on the issues and the discussion. Will respond when I can. 
 Ok, could you please tell me which statements you disagree with so we can start from there:

1. Centralizing MEV is bad

2. Out of band payment to miners to enter private mempool can create centralizing MEV

3. Speculators may pay miners out of band fees if they can receive a financial advantage. 

4. Trading financial instruments creates opportunities for financial advantage if you can execute your transaction quicker than others.

5. Op_CTV enables smart contracts that could be used to create and trade financial contacts, possibly even creating a Uniswap-like DEX. 

6. There is a risk that op_ctv could create centralizing MEV 
 You can’t control out of band payments in any way whatsoever, to suggest you can is silly, imo.

CTV doesn’t “enable smart contracts” in some elaborate way that isn’t already possible. Lightning is a “smart contract,” multisig is, atomic swaps are. What you describe is a completely generic idea and is 100% possible right now with all the op codes we have. CTV does not suddenly make a shitcoin trading empire possible where it wasn’t before, it literally formalizes, simplifies, and removes multiple interactions needed to do many of the same things we are doing *already.*

Multisig doesn’t scale to large groups because everyone has to be present. All CTV does is make it so parties can make changes independently and without constant cooperation and synchronized signatures from every single party.

So I disagree with the whole framing. It doesn’t make any sense in the context of what the tool is. 
 “CTV doesn’t “enable smart contracts” in some elaborate way that isn’t already possible.”

Have you heard of Sapio?

https://www.coindesk.com/tech/2020/07/14/this-new-coding-language-could-help-unlock-bitcoins-smart-contract-potential/

https://btctranscripts.com/vr-bitcoin/2020-07-11-jeremy-rubin-sapio-101/

https://bitcoin.stackexchange.com/questions/106850/is-there-anything-specific-to-the-design-of-the-sapio-language-that-makes-it-wel

https://blog.primebit.com/2020/07/22/sapio-a-new-language-aimed-at-increasing-bitcoins-smart-contract-potential/?amp=1 
 Hey Guy, did you fall down the Sapio rabbit hole as I did? Pretty interesting (and disturbing) stuff! 

Anyway, unless I’m missing something, it seems that you were misled on CTV’s capabilities. 

You said: “CTV doesn’t “enable smart contracts” in some elaborate way that isn’t already possible…”

Your statement is not true … straight from Jeremy Rubin himself:

“When we write a program in Sapio, we are designing an arbitrary state machine that can run any program.”

…and…

“As such, Sapio is a very powerful framework for designing Bitcoin smart contracts […].”

So CTV does provide a NEW powerful framework that allows ARBITRARY programs, which aren’t possible today. 

Jeremy even says at one point that you can write options contracts in Sapio. This confirms what I said about financial trading. 

Jeremy also says clearly that Sapio is ONLY POSSIBLE with CTV:

“CTV makes all this stuff really possible and without it it is severely limited in what contexts you’d want to be able to use it. …
Getting CTV adopted is really instrumental to making this vision that I showed you actually work.”

So, to recap:

You’ve said repeatedly that CTV was only providing capabilities that we have already. 

You said that CTV doesn’t provide “elaborate” new smart contract capabilities. 

You now have strong evidence that both of these statements are not true. 

Do you understand now why my earlier framing was accurate? If you’re still fuzzy on anything please let me know. 

Hoping you also understand better why I challenge these attempts to quickly change bitcoin’s core protocol. 

Of course I would love to have channel factories capable of opening a million lightning channels at once. But not if there is any risk to bitcoin. 

The problem is that none of us really know what OP_CTV can do. It seems this discussion is a perfect case in point. You’re super smart, incredibly well read, spending most of your time in this space, but still under the belief that OP_CTV just provides better hashing, stuff we already have. 

Nobody understands all the ways it can be abused, so nobody really understands what the risk to bitcoin really is. 

You think we need channel factories? Great! The dev community should explore how to add that without any “side effects”. We absolutely need vaults. Hopefully they can figure out how to get that done without side effects too. 

But adding arbitrary programs to the core protocol which could harm decentralization? No freaking way. We’ve seen that horror story play out on crypto blockchains. 
 I already left this convo and don’t have time to read all that, I have been well aware of Sapir for years and I’m guessing you’ve never heard of BitVM if you think this is something new. 
 Sapio runs logic on-chain but BitVM is currently designed to run logic off-chain. You can’t equate them. 

Big difference in terms of risk to centralizing MEV, don’t you think? 

It will be interesting to see how BitVM develops though. 

You’re not going to respond? Once I brought receipts and then you suddenly “didn’t have the time”? Disappointed. I thought we cared about what’s best for bitcoin rather than our established positions. 
 “You’re not going to respond? Once I brought receipts and then you suddenly “didn’t have the time”? Disappointed. I thought we cared about what’s best for bitcoin rather than our established positions.”

I was literally just trying to find the time because I am insanely busy and also out of town at the moment, but you beating your chest like you are the only one who cares about anything and this sort of attitude is what makes me not want to. If you want me to respond this isn’t how to do it.

And no, Sapio doesn’t change anything, as I said I knew about it and I’m pretty sure I did an episode on it a couple years back. 
 You’ll recall that when I was busy, i politely thanked you for your message and let you know that I would reply when I could. 

Perhaps you forgot saying “I already left this convo and don’t have time to read all that…” But you always intended to reply? Ok, sure. 

Repeating “Sapio doesn’t change anything” is weak sauce — baseless contradiction, no logic, no evidence, just nothing. 

I’ve quoted the author of OP_CTV extensively and he clearly contradicts you. I was hoping you would respond with something coherent so I might be able to learn, if I was missing something. 
 “Smart contract” is a buzzword. Lightning and multisig can do what you explain above. It’s just more annoying and requires more interactions. Are we getting rid of those things because of “smart contracts”? 

CTV is not a “framework”, Sapio is. It’s a coding language to work with bitcoin script, CTV is not the problem here and I also think you misunderstand MEV on top of this. There are already options contracts in Bitcoin, it’s already financialized. Also something that you can’t stop. There have been futures contracts for years. 

It’s completely impossible to stop practically everything you listed and maybe I’m wrong, but you don’t seem to understand what the *actual* problems with those things are, rather than thinking there’s some concrete line where it does/doesn’t exist and thinking that CTV leaps over it. 
 I’ll give an example to look into if you care:

Lightning pool can execute any arbitrary code to enforce ownership of bitcoin. Has been able to for a couple of years. It simply uses the Lightning punishment system to enforce ownership. CTV only makes it so you can pre-sign the exits and do it non-interactively… as I explained at the very beginning. 
 Thank you for the response! 

I can see our conversation is misaligned. Might be helpful to clarify my position. I’m not pushing back on particular functionality, per se. I’m only pushing back on how particular functionality interacts with the base chain — if that interaction might create centralizing incentives. 

For example, I don’t reject smart contracts, arbitrary code execution, or the like, if done via multisig, lightning pools, or even BitVM (as I understand it today). I push back when it is done in a way that could harm bitcoin decentralization (eg OP_CTV). 

What’s the difference? On-chain vs off-chain logic. 

CTV’s logic is on-chain so I’m concerned about CTV creating centralizing MEV and therefore potentially creating incentives that promote miner centralization. 

Let’s imagine that there was a trading marketplace on bitcoin where speculators were buying and selling securities, like how Uniswap enables trading on Ethereum. 

If bids, offers, and pending transactions were visible and transactable on-chain, there would be an incentive for traders to bribe miners to help them jump the queue to transact before other traders. These bribes would flow as out-of-band payments through private APIs to the largest miners, creating an advantage for larger miners (hence promoting centralization). 

There seems to be much less risk if the bids, offers, and pending transactions are off-chain and where the chain is only used for final settlement. For example, I don’t see any risk of people trading stocks on Nasdaq and settling with bitcoin. That’s just using bitcoin as money. No problems there! I DO see a big risk if people are trading stocks on a “bitcoin Uniswap” if there is any possibility that people may want to pay miners privately to jump the queue. 

This is why lightning pools and BitVM don’t concern me — the logic is off-chain and the chain is only used for final settlement. 

This is why I perceive a difference with CTV / Sapio. Everything seems to be on-chain. If someone could use it to create something like Uniswap then it poses a centralization risk to miners. 

You can also think about this another way, specifically that types of transactions classified as safe or unsafe. 

For example, the safest transactions are using the chain for final settlement, and are publicly broadcast so that no miner can have an advantage. 

Unsafe transactions are those using the chain for some other purpose where there is some incentive to connect privately to a large miner. (That’s why inscriptions were so bad. Promoting node centralization by filling the chain with spam, while promoting miner centralization through private transaction APIs. Double whammy!)

Eg, MARA’s Slipstream API:
https://x.com/JStefanop1/status/1760764664651133162

Jeremy was clear that OP_CTV could be used for anything. He even demo’ed playing tic tac toe on chain. This is why I put CTV in the unsafe category. 

I’m also not trying to quantify the risk. I’m in no position to assess whether it’s likely or not that someone will abuse CTV, CAT, etc, or how they might try. (And, nobody can really know.) My position is that these changes to the protocol should be rejected solely based on their architecture and potential for abuse.