this post was submitted on 09 Dec 2023
11 points (73.9% liked)
Monero
1653 readers
24 users here now
This is the lemmy community of Monero (XMR), a secure, private, untraceable currency that is open-source and freely available to all.
Wallets
Android (Cake Wallet) / (Monero.com)
iOS (Cake Wallet) / (Monero.com)
Instance tags for discoverability:
Monero, XMR, crypto, cryptocurrency
founded 1 year ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
In MW, if you keep a copy of every transaction you've ever signed that has been broadcast, their signature is in it as well so it is trivial to prove payment was made. You don't get to store it for free forever on other people's hard drives if they turn around and spend the output, but you're free to keep a ledger of your own payments and they are provable.
Cahsiers have to put the money in the register to get change.
You make a good point about the ever growing blockchain of unspent outputs in lost wallets. And with an ever growing supply like grin or Monero, this will ultimately grow to infinity. The curve is very different than linear growth with the size of all combined transactions every block, so nowhere near as bad but it's still there. Pruning ancient ones... I don't know that I like that. We do pay a cost to continuous record on the blockchain, and that is in the form of inflation of the supply forever. It acts as a tax to use the blockchain to store our wealth, it doesn't go to every done but it does go to miners. We even pay on proportion to the value we get, since every unit is debased the same amount.
I was trying to come up with a scheme by which you could prune transactions if they're too old, but allow for someone to broadcast the unspent tx again to get it included again, but we run into the problem you mentioned, once it's gone from the ledger there's no previous transaction to reference that it is valid. You can show the signed transaction but there's no way yo know if it was valid when you signed it.
Currently MW is Andrew Poelstra's modification to it, which includes block kernels, so there is always proof that an old transaction happened. This defeats the memoryless purpose of MW the way it was initially designed, it was done to give MW programmability, and it does solve this problem of the entire record being gone, but it leaves us with an ever growing blockchain, albeit a much slower growing one because you only need the last unspent output and the transaction kernels from it's history rather than the whole set of them from every block. Like I said above, I think we can get programmability without these kernels, but we wouldn't be able to prune ancient unspent outputs while giving the owner a way to prove they existed if in fact the wallet isn't dead, and that is unsound if you want to be able to store value indefinitely, pruning ancient wallets in an irreversible way is just not an option.