# Re: Not a suggestion

Post by: satoshi on August 11, 2010, 12:14:22 AM

This is a very interesting topic. &nbsp;If a solution was found, a much better, easier, more convenient implementation of Bitcoin would be possible.

Originally, a coin can be just a chain of signatures. &nbsp;With a timestamp service, the old ones could be dropped eventually before there's too much backtrace fan-out, or coins could be kept individually or in denominations. &nbsp;It's the need to check for the absence of double-spends that requires global knowledge of all transactions.

The challenge is, how do you prove that no other spends exist? &nbsp;It seems a node must know about all transactions to be able to verify that. &nbsp;If it only knows the hash of the in/outpoints, it can't check the signatures to see if an outpoint has been spent before. &nbsp;Do you have any ideas on this?

It's hard to think of how to apply zero-knowledge-proofs in this case.

We're trying to prove the absence of something, which seems to require knowing about all and checking that the something isn't included.

---

Source file: bitcoin-forum-satoshi-nakamoto.tgz

External link: https://bitcointalk.org/index.php?topic=770.msg8637#msg8637