Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 397AD1097 for ; Mon, 1 Feb 2016 23:09:12 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from zinan.dashjr.org (zinan.dashjr.org [192.3.11.21]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id A38CB16A for ; Mon, 1 Feb 2016 23:09:11 +0000 (UTC) Received: from ishibashi.localnet (unknown [IPv6:2001:470:5:265:61b6:56a6:b03d:28d6]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id 5F0C338A9581; Mon, 1 Feb 2016 23:08:36 +0000 (UTC) X-Hashcash: 1:25:160201:lists@coryfields.com::A14IjGD0NpNUEUjA:6/GA X-Hashcash: 1:25:160201:bitcoin-dev@lists.linuxfoundation.org::gITV6r24Z5TLxzTn:dYm+i From: Luke Dashjr To: Cory Fields Date: Mon, 1 Feb 2016 23:08:34 +0000 User-Agent: KMail/1.13.7 (Linux/4.1.13-gentoo; KDE/4.14.8; x86_64; ; ) References: <201601301850.03469.luke@dashjr.org> <201602011946.24405.luke@dashjr.org> In-Reply-To: X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F X-PGP-Key-ID: BD02942421F4889F X-PGP-Keyserver: hkp://pgp.mit.edu MIME-Version: 1.0 Content-Type: Text/Plain; charset="utf-8" Content-Transfer-Encoding: 7bit Message-Id: <201602012308.35215.luke@dashjr.org> X-Spam-Status: No, score=-0.7 required=5.0 tests=BAYES_00,RCVD_IN_SBL, RP_MATCHES_RCVD,URIBL_SBL autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] SegWit GBT updates X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 01 Feb 2016 23:09:12 -0000 On Monday, February 01, 2016 9:43:33 PM Cory Fields wrote: > On Mon, Feb 1, 2016 at 2:46 PM, Luke Dashjr wrote: > > Allowing for simpler cases both encourages the lazy case, and enables > > pools to require miners use it. It also complicates the server-side > > implementation somewhat, and could in some cases make it more vulnerable > > to DoS attacks. Keep in mind that GBT is not merely a bitcoind protocol, > > but is used between pool<->miner as well... For now, it makes sense to > > leave > > "default_witness_commitment" as a bitcoind-specific extension to > > encourage adoption, but it seems better to leave it out of the standard > > protocol. Let me know if this makes sense or if I'm overlooking > > something. > > I think that's a bit of a loaded answer. What's to keep a pool from > building its own commitment and requiring miners to use that? I don't > see how providing the known-working commitment for the > passed-in-hashes allows the pool/miner to do anything they couldn't > already, with the exception of skipping some complexity. Please don't > confuse encouraging with enabling. Making it simpler to do a centralised implementation than a decentralised one, is both enabling and encouraging. GBT has always been designed to make it difficult to do in a centralised manner. > What's the DoS vector here? It's more work for the pool to provide it, similar to the "midstate" field was with getwork. Someone performing a DoS needs to do less work to force the pool to do complex calculations (unless the same transaction tree / commitment is used for all miners, which would be an unfortunate limitation). > >> The issue in particular here is that a non-trivial burden is thrust > >> upon mining software, increasing the odds of bugs in the process. > > > > It can always use libblkmaker to handle the "heavy lifting"... In any > > case, the calculation for the commitment isn't significantly more than > > what it must already do for the stripped merkle tree. > > Agreed. However for the sake of initial adoption, it's much easier to > have a known-correct value to use. Even if it's just for the sake of > checking against. Sure, I'm not suggesting we remove this from bitcoind (probably the only place that makes initial adoption easier). > >> [4]: > >> https://github.com/theuni/ckpool/commit/7d84b1d76b39591cc1c1ef495ebec513 > >> cb 19a08e > > > > I'm pretty sure this commit is actually /introducing/ a bug in working > > (albeit ugly) code. The height, while always positive, is serialised as > > a signed number, so 0x80 needs to be two bytes: 80 00. > > You're right, thanks. The current code breaks on heights of (for ex) > 16513. I'll fix up my changes to take the sign bit into account. I'm curious what bug it was fixing? Was it overwriting data beyond the number? Luke