Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 42D43E32 for ; Tue, 2 Feb 2016 01:40:51 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qk0-f177.google.com (mail-qk0-f177.google.com [209.85.220.177]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 5A032159 for ; Tue, 2 Feb 2016 01:40:50 +0000 (UTC) Received: by mail-qk0-f177.google.com with SMTP id o6so60014006qkc.2 for ; Mon, 01 Feb 2016 17:40:50 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=coryfields-com.20150623.gappssmtp.com; s=20150623; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=iyPrToAYa5FjmgcrJqk/5lLGMFcfabBwgv4USdVgzDs=; b=WbPZ65Sy8pTHSfJ9eANZlsTfk5Q7I+YVt1nvTAatowwn4mXykahoYi72YRjwSt49Tl MSxPEsTybIctVqGTZP5O88si51FerA9OTEDOoPHHBkU3rskFAyh7E1F7FF/WLlsuKgZf jZup9rwS7LrtvosWQr0Uqj0ctKAIbxRF9Bek2ihyVMGhw6MFfQY2xUcOfvvbp5LzluMk PvYX727WWWPV/m64w2RqCNB2gB0lXgRIqdgReGQgiThk/8ZTtSUbShgpDyIF3dnBK6nY HXN0SAI29egLfZxPIWeZ5EhsGds9kuuU67HmuorplyVfXEAijV12eK18BQiB2DcpIU26 basA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=iyPrToAYa5FjmgcrJqk/5lLGMFcfabBwgv4USdVgzDs=; b=QGMUfJj3ap/pI8zCIGPtohbjhpbL7h3QYuUXfFAQAF5yx2tZOB28gCC4n6tNgwq2/A BFQ9Ny8WAeK4/j7yVCQVVZSRHtyR3IQ8RXKnFaW5LSeIkOblDr2SZ6E748iCAYsjLxRL tt5MppWnxTSXuXTuiDrwwBnq7Ce7Aeho7mxWOAru25Yg4Hu2RTqUMDuModjH8gyTmbhc vNL4O3wIxJS4/UQA24rIf5a9LAmtCDTkDLQdI+R+VB9l8f9RTZPtEJzzemvg3LUg72TF xHD3oDoHA1Lp/ud6Cyy1d5gWybbmuqNncbpp/9quOjWHxr95PrZ2uAU8KO5ioCmnrFHA njfw== X-Gm-Message-State: AG10YOR1sW4RkJBHAEjbM84nQhjjLDS3PXu6q/Q/is0y9HmDz1LMuboudh9zL7hv0NFPabIRfVv/WwY2b2/RiQ== MIME-Version: 1.0 X-Received: by 10.55.42.227 with SMTP id q96mr32145231qkq.101.1454377249378; Mon, 01 Feb 2016 17:40:49 -0800 (PST) Received: by 10.55.48.197 with HTTP; Mon, 1 Feb 2016 17:40:49 -0800 (PST) In-Reply-To: <201602012308.35215.luke@dashjr.org> References: <201601301850.03469.luke@dashjr.org> <201602011946.24405.luke@dashjr.org> <201602012308.35215.luke@dashjr.org> Date: Mon, 1 Feb 2016 20:40:49 -0500 Message-ID: From: Cory Fields To: Luke Dashjr Content-Type: text/plain; charset=UTF-8 X-Spam-Status: No, score=-1.0 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW,URIBL_SBL autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Tue, 02 Feb 2016 01:44:34 +0000 Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] SegWit GBT updates X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 02 Feb 2016 01:40:51 -0000 On Mon, Feb 1, 2016 at 6:08 PM, Luke Dashjr wrote: > On Monday, February 01, 2016 9:43:33 PM Cory Fields wrote: >> On Mon, Feb 1, 2016 at 2:46 PM, Luke Dashjr wrote: >> > Allowing for simpler cases both encourages the lazy case, and enables >> > pools to require miners use it. It also complicates the server-side >> > implementation somewhat, and could in some cases make it more vulnerable >> > to DoS attacks. Keep in mind that GBT is not merely a bitcoind protocol, >> > but is used between pool<->miner as well... For now, it makes sense to >> > leave >> > "default_witness_commitment" as a bitcoind-specific extension to >> > encourage adoption, but it seems better to leave it out of the standard >> > protocol. Let me know if this makes sense or if I'm overlooking >> > something. >> >> I think that's a bit of a loaded answer. What's to keep a pool from >> building its own commitment and requiring miners to use that? I don't >> see how providing the known-working commitment for the >> passed-in-hashes allows the pool/miner to do anything they couldn't >> already, with the exception of skipping some complexity. Please don't >> confuse encouraging with enabling. > > Making it simpler to do a centralised implementation than a decentralised one, > is both enabling and encouraging. GBT has always been designed to make it > difficult to do in a centralised manner. > But your suggestion is "use libblkmaker" which will build the trees for me. By that logic, isn't libblkmaker making a centralized implementation easier? Shouldn't that usage be discouraged as well? And along those lines, shouldn't the fact that it's used as a pool <-> miner protocol be discouraged rather than touted as a feature? I don't wish to sound hostile, I'm just trying follow the logic. I can't rationalize why GBT shouldn't expose the commitment that it knows to be correct (when paired with the transactions it provides), purely to make things difficult. >> What's the DoS vector here? > > It's more work for the pool to provide it, similar to the "midstate" field was > with getwork. Someone performing a DoS needs to do less work to force the pool > to do complex calculations (unless the same transaction tree / commitment is > used for all miners, which would be an unfortunate limitation). It's being provided to them. And if they're using a modified set of tx's, they'll need to re-calculate it in order to verify the result anyway. I suspect I'm not understanding this argument. > >> >> The issue in particular here is that a non-trivial burden is thrust >> >> upon mining software, increasing the odds of bugs in the process. >> > >> > It can always use libblkmaker to handle the "heavy lifting"... In any >> > case, the calculation for the commitment isn't significantly more than >> > what it must already do for the stripped merkle tree. >> >> Agreed. However for the sake of initial adoption, it's much easier to >> have a known-correct value to use. Even if it's just for the sake of >> checking against. > > Sure, I'm not suggesting we remove this from bitcoind (probably the only place > that makes initial adoption easier). > How about exposing it as a feature/capability, then? That way pools can expect it from bitcoind, but won't be required to expose it downstream. >> >> [4]: >> >> https://github.com/theuni/ckpool/commit/7d84b1d76b39591cc1c1ef495ebec513 >> >> cb 19a08e >> > >> > I'm pretty sure this commit is actually /introducing/ a bug in working >> > (albeit ugly) code. The height, while always positive, is serialised as >> > a signed number, so 0x80 needs to be two bytes: 80 00. >> >> You're right, thanks. The current code breaks on heights of (for ex) >> 16513. I'll fix up my changes to take the sign bit into account. > > I'm curious what bug it was fixing? Was it overwriting data beyond the number? Using 16513 as an example: serialized by bitcoind: 0x028140 serialized by ckpool: 0x03814000 ckpool works because blocks after 32768 end up looking the same, but it will break again at 2113664. > > Luke