Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 6F029C000B for ; Thu, 17 Mar 2022 14:04:46 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 5DE4A847A9 for ; Thu, 17 Mar 2022 14:04:46 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -1.898 X-Spam-Level: X-Spam-Status: No, score=-1.898 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_NONE=0.001] autolearn=ham autolearn_force=no Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=jtimon-cc.20210112.gappssmtp.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id mn-2xwEVcMs9 for ; Thu, 17 Mar 2022 14:04:45 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-yb1-xb33.google.com (mail-yb1-xb33.google.com [IPv6:2607:f8b0:4864:20::b33]) by smtp1.osuosl.org (Postfix) with ESMTPS id 24E148478E for ; Thu, 17 Mar 2022 14:04:44 +0000 (UTC) Received: by mail-yb1-xb33.google.com with SMTP id h126so10451188ybc.1 for ; Thu, 17 Mar 2022 07:04:44 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=jtimon-cc.20210112.gappssmtp.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=HJR+C4bB5gpylTsDtRd4zJNgmA/Frci+/8TQsk1PCHI=; b=8NVCft3ozEhDlsYfKEBJyeAB966AEzY1+yo9X/gBP6Xt0izYKlpJer5CeShA99UoCQ DBXF+nBJGvlykRsW34r7eirW6n7V7xqxhPfYQggHHQkqtjYDCZOHdqVvjygQ8fRsdkdE cxGxhxmwp+jQEhMEfJfPHqB35cOk2GNvdni5lchC7A2jvyXgmNEsn4tz+DCnKcB8/Gb5 86I1o0fJfOi3segymfIODmIxK6BzJYWYOqAaysRIziJ4V5AxoRJ5zM2KKh9p4u71main LWeWTuRvVNK88GJQLhx7ajz1NVrVk6S0rA4QM6xUX01mD7w1BytD8X4wH0Vl4bebdLjx SXBw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=HJR+C4bB5gpylTsDtRd4zJNgmA/Frci+/8TQsk1PCHI=; b=3dlSxw7eKjx6qQBK/1PWb7Ajv9MZSbr0yCql1S3x2gYctDZnP2skxXu+VSXLlDb9Jd xF6pb8h4OGynXDtl0afNIcuIncDegqUoTkrFM6/nB8JTzVdskDLv5quUV1j8VI+YCBHG 79yl0IR5Fd5Xx8i0alrZ1TF40Gtp2h6fgbPRk6mwbOVkQpOz0zTuNDEZDwm3tjhTSC+f S1juJPMu4n7ZKz92G1pfZy25O9hC18WkYYCwT1J97DgzXfgHcD/K4XprlDyZmhc2Q5ul ExGsBx/KlKk3zcd2V53Cu+niejX94VeOKtu04cdKMfap3DLsG3aMr7frI2R4iImUDUVZ ciIA== X-Gm-Message-State: AOAM532K4OPR6borGEGUXzVS/GAatVn0iIORRjpab/y9z19LnA5VEgI2 dYxSgkh170DZszuli+jVbyzfQIujmKkNv5Xcb8/OieQK+bWjawJI X-Google-Smtp-Source: ABdhPJxvltbh+g8fAE6CiKcGg2fr4lcybhhz1344FK/FcRkbm+Q0SqPhVISxisuBR4HmgXz9kZL2QLIiigi9l/O06ng= X-Received: by 2002:a5b:dc8:0:b0:624:a898:dea6 with SMTP id t8-20020a5b0dc8000000b00624a898dea6mr4913735ybr.600.1647525883560; Thu, 17 Mar 2022 07:04:43 -0700 (PDT) MIME-Version: 1.0 References: <20220315154549.GA7580@erisian.com.au> In-Reply-To: <20220315154549.GA7580@erisian.com.au> From: =?UTF-8?B?Sm9yZ2UgVGltw7Nu?= Date: Thu, 17 Mar 2022 15:04:32 +0100 Message-ID: To: Anthony Towns Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Mailman-Approved-At: Thu, 17 Mar 2022 14:13:01 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Speedy Trial X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 Mar 2022 14:04:46 -0000 On Tue, Mar 15, 2022 at 4:45 PM Anthony Towns wrote: > > On Fri, Mar 11, 2022 at 02:04:29PM +0000, Jorge Tim=C3=B3n via bitcoin-de= v wrote: > People opposed to having taproot transactions in their chain had over > three years to do that coordination before an activation method was merge= d > [0], and then an additional seven months after the activation method was = merged before taproot enforcement began [1]. > > [0] 2018-01-23 was the original proposal, 2021-04-15 was when speedy > trial activation parameters for mainnet and testnet were merged. > [1] 2021-11-14 People may be opposed only to the final version, but not the initial one or the fundamental concept. Please, try to think of worse case scenarios. Perhaps there's no opposition until after activation code has been released and miners are already starting to signal. Perhaps at that moment a reviewer comes and points out a fatal flaw. > For comparison, the UASF activation attempt for segwit took between 4 > to 6 months to coordinate, assuming you start counting from either the > "user activated soft fork" concept being raised on bitcoin-dev or the > final params for BIP 148 being merged into the bips repo, and stop > counting when segwit locked in. That was extremely risky and could have been a disaster. It went well, but in my opinion a BIP8 approach from the beginning would have been much less risky. Instead of improvising these things we should plan ahead. But for "user forced" activations and for "user forced" rejections. Just remember you may reject your own code. > > Please, try to imagine an example for an activation that you wouldn't l= ike > > yourself. Imagine it gets proposed and you, as a user, want to resist i= t. > > Sure. There's more steps than just "fork off onto a minority chain" > though. > > 1) The first and most important step is to explain why you want to > resist it, either to convince the proposers that there really is > a problem and they should stand down, or so someone can come up > with a way of fixing the proposal so you don't need to resist it. > Ideally, that's all that's needed to resolve the objections. (That's > what didn't happen with opposition to segwit) Agreed, for any given proposal, the first approach should be rational discussion. Some times we consider other arguments irrational simply because we don't understand them though. > 2) If that somehow doesn't work, and people are pushing ahead with a > consensus change despite significant reasonable opposition; the next > thing to do would be to establish if either side is a paper tiger > and setup a futures market. That has the extra benefit of giving > miners some information about which (combination of) rules will be > most profitable to mine for. > > Once that's setup and price discovery happens, one side or the other > will probably throw in the towel -- there's not much point have a > money that other people aren't interested in using. (And that more > or less is what happened with 2X) Future markets can be manipulated. Regarding 2x, that's not how I remember it. If I remember correctly, "discovered" a price in btc for bcash that was orders of magnitude higher than what it is today. > If a futures market like that is going to be setup, I think it's > best if it happens before signalling for the soft fork starts -- > the information miners will get from it is useful for figuring out > how much resources to invest in signalling, eg. I think it might even > be feasible to set something up even before activation parameters are > finalised; you need something more than just one-on-one twitter bets > to get meaningful price discovery, but I think you could probably > build something based on a reasonably unbiassed oracle declaring an > outcome, without precisely defined parameters fixed in a BIP. Whatever miners signal, until there are two chains and their real rewards can be traded, it's hard to know what they will mine afterwards. They could signal a change with 100% and then after it is activated on one chain and resisted on another, they 95% of them may switch to the old chain simply because its rewards are 20 times more valuable. This may happen 3 days after activation or 3 months, or more. It could depend on how fast some relevant information about the new change spreads. Which is specially hard to estimate in a censored world like ours. > So if acting like reasonable people and talking it through doesn't > work, this seems like the next step to me. Not to me, but you're free to create your future markets or trade in them. I wouldn't do any of them, and I would advice against it. > 3) But maybe you try both those and they fail and people start trying > to activate the soft fork (or perhaps you just weren't paying > attention until it was too late, and missed the opportunity). Yes, some changes may be rejected late because some people weren't paying attention or weren't paid attention, indeed. Or perhaps it's your own proposal and you realize it is flawed yourself. There are infinite hypothetical scenarios we could consider for this to happen. > I think the speedy trial approach here is ideal for a last ditch > "everyone stays on the same chain while avoiding this horrible change= " > attempt. The reason being that it allows everyone to agree to not > adopt the new rules with only very little cost: all you need is for > 10% of hashpower to not signal over a three month period. No, 10% of hashpower is not "very little cost", that's very expensive. > That's cheaper than bip9 (5% over 12 months requires 2x the > cumulative hashpower), and much cheaper than bip8 which requires > users to update their software Updating software is not expensive. the code for bip8 could have been merged long before taproot was even initially proposed. It could be merged now before another proposal. Updating software is certainly not more expensive than getting 10% of the hashrate. > 4) At this point, if you were able to prevent activation, hopefully > that's enough of a power move that people will take your concerns > seriously, and you get a second chance at step (1). If that still > results in an impasse, I'd expect there to be a second, non-speedy > activation of the soft fork, that either cannot be blocked at all, or > cannot be blocked without having control of at least 60% of hashpower= . And if you never got 10% hashpower, we move to the next step, I guess. > 5) If you weren't able to prevent activation (whether or not you > prevented speedy trial from working), then you should have a lot > of information: > > - you weren't able to convince people there was a problem > > - you either weren't in the economic majority and people don't > think your concept of bitcoin is more valuable (perhaps they > don't even think it's valuable enough to setup a futures market > for you) > > - you can't get control of even 10% of hashpower for a few months > > and your only option is to accept defeat or create a new chain. What if it's still the other people who are lacking information? It wouldn't be a new chain, it would be the old chain without the new evil change, until you manage to show the other people that the change was indeed evil. Remember, in this example, the new change being evil is not a possibility, but an assumption. What you're arguing is "if you haven't been able to stop the evil change, then perhaps it wasn't evil all along and the people trying to resist it were wrong and don't know it". But that contradicts the premise: an evil change being deployed using speedy trial. > Since your new chain won't have a hashpower majority, you'll likely > have significant problems if you don't hard fork in a change to > how proof-of-work works; my guess is you'd either want to switch > to a different proof-of-work algorithm, or make your chain able > to be merge-mined against bitcoin, though just following BCH/BSV's > example and tweaking the difficulty adjustment to be more dynamic > could work too. No, I disagree. You'll just get the hashpower you pay for with subsidy and = fees. A better difficulty update filter and merge mining could help you, I guess. But that could be a threat on its own. Also, as pointed out earlier, "mining majority" is dynamic and depends on the rewards. > (For comparison, apparently BCH has 0.8% of bitcoin's hashrate, > BSV has 0.2%. Meanwhile, Namecoin, RSK and Syscoin, which support > merge-mining, are apparently at 68%, 42% and 17% respectively) Google tells me 0.0073BTC. In perfect competition and leaving fees aside (in which probably bitcoin wins too), BCH should have approximately 0.0073% the hashrate bitcoin hash. This tells me someone who likes BCH is throwing money away to subsidize its security. Or perhaps it's something else I'm not taking into account or your estimate is wrong. But BCH having 0.8% of bitcoin's hashrate sounds like too much to me. And yet, what did your future markers "discovered" pre hard fork? > At the point that you're doing a hard fork, making a clean split is > straightforward: schedule the hard fork for around the same time as > the start of enforcement of the soft fork you oppose, work out how > to make sure you're on your own p2p network, and figure out how > exchanges and lightning channels and everything else are going to > cope with the coin split. You shouldn't need to do a hardfork to resist a consensus change you don't = like. "around the same time", with bip8 and the resistance mechanism proposed by luke, it doesn't need to be "around the same time according to some expert who will tell you what to put in your software", but "exactly at the same time, and you only need to know which pproposal version bit you're opposing". > 6) There's potentially also the case where a soft fork locks-in > and later everyone realises the people who were opposing it were > right all along and the fork is a really bad idea. > > If everyone agreed that some idea was irredeemably bad -- eg, > OP_VERIF -- then we could soft fork them out and just forbid > blocks/transactions that attempt to use them. Or conceivably we could > do a hardfork and have more options about how to fix the problem. Yeah, great example. It doesn't have to be an "evil change" as such, it can just be a "deeply wrong change" or something. Or if we were using BIP8 and had the resistance mechanism proposed by luke, all we would need to do is change one line and recompile: I don't remember his enumeration constants but, something like... - bip8Params.EvilProposalActivationMode =3D FORCE_ACTIVATION; + bip8Params.EvilProposalActivationMode =3D FORBID_ACTIVATION; Say we discover it 3 days before forced activation. Well, that would still be much less rushed that the berkeleyDB thing, wouldn't it? As you point out, after activation it is much more painful to fix things. In some cases a hardfork may be the best solution a posteriori, but I guess that gets out of the scope for activation mechanisms. If there's only opposition after it is deployed, whatever the activation mechanism, in that particular case, would be irrelevant. Whatever evil change it was, we would have probably swallowed whatever the activation mechanism, because we only thought it evil or wrong a posteriori.