summaryrefslogtreecommitdiff
path: root/6b/05af6b2582c8deed8cadfa8191a2a95f709996
blob: 6154fc3b7d434e6a15049ed0b73c46261ed220ee (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
Return-Path: <eric@voskuil.org>
Received: from whitealder.osuosl.org (smtp1.osuosl.org [140.211.166.138])
 by lists.linuxfoundation.org (Postfix) with ESMTP id 8B6EEC0051
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue, 18 Aug 2020 17:16:15 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by whitealder.osuosl.org (Postfix) with ESMTP id 7FF19864B2
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue, 18 Aug 2020 17:16:15 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from whitealder.osuosl.org ([127.0.0.1])
 by localhost (.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id gPrEtiv0ZcQm
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue, 18 Aug 2020 17:16:14 +0000 (UTC)
X-Greylist: delayed 00:15:39 by SQLgrey-1.7.6
Received: from mail-vs1-f46.google.com (mail-vs1-f46.google.com
 [209.85.217.46])
 by whitealder.osuosl.org (Postfix) with ESMTPS id E282486174
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue, 18 Aug 2020 17:16:13 +0000 (UTC)
Received: by mail-vs1-f46.google.com with SMTP id a1so10513618vsp.4
 for <bitcoin-dev@lists.linuxfoundation.org>;
 Tue, 18 Aug 2020 10:16:13 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=voskuil-org.20150623.gappssmtp.com; s=20150623;
 h=content-transfer-encoding:from:mime-version:subject:date:message-id
 :references:cc:in-reply-to:to;
 bh=Jc53nrAqFJzWpeihvWmPt4pPa8IxoJsUWg6qJW7UN5M=;
 b=DolzfglfOiWu9znjkfmx0i9K7jHIMlUbIZxHMKdc1vFGc0DpuM2v8vvR+DJr5jvgzo
 +0f44HohXAKxhDO48sD/n1dsCS7w1nQGz6j3OT/H7edjjwFLXAWsvstrJgPYzkSGJfIX
 cw7WK1FOSgtpu+1O/2FlZ4MqVCDXjNZzTEMgBBciLLhpLFI8ZxTWc6fvkA4RIjdkRQOa
 GTllFVoLmYlO6Np9gJpOUtXQKXYVLpAxkzRsVc+U97XIlVHyK4Wd6rsPZmPn6bYNZrHQ
 5gcMT3+fnms32b8Rma1+kdYPpA0jEuHPEgsIbvPbcjOtmmoZeV3aznnXOFgWJ8g2XB6m
 rCbA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:content-transfer-encoding:from:mime-version
 :subject:date:message-id:references:cc:in-reply-to:to;
 bh=Jc53nrAqFJzWpeihvWmPt4pPa8IxoJsUWg6qJW7UN5M=;
 b=ldXJPBvZiaaOTCXM1gVPDadCViqUTDxanvDAJD8JHOvRZJLJKfNdoYPF5Js4XgeEnO
 r2He7cj3bdNGGrWIimr6TDYpVt219if2ID13LQFFAemX9TGuiwjMEVRnHpNwVHsht0aY
 56q/WoHXF/uKk0xnh+nXFf6B+Jzb8J6uEh1AC1Ba4j1O1Zny9Zwj+yynwO7nCpa9IOLD
 iVZ/QzDd7cJ3j5gCONA5fS/s1JGo7yBGyG0xwkFllezs0CGWvxFITXrMCMM1TdhUY4qQ
 /gh40DH2MEmFNaF+T5kr4JB0Cusn2dZTRMb/LGgsrOQJxn+6Nz2KS7zs0z8FAXzbrA71
 MAtw==
X-Gm-Message-State: AOAM531wdwaGM+sui7P8aQVwujrIQKgaH8B7cYt3BaFtSYIIllkqT9Ft
 388gLBMEgA6qwCYmX+CLKTfXW3Y5U5I93ddJ
X-Google-Smtp-Source: ABdhPJw5hlnUT042QEXN8VVf5nfJ/AVjoGh4l18JeMOpvK6M3qXTCL5XvWjntUdRahMujDusex5lVw==
X-Received: by 2002:a62:838a:: with SMTP id h132mr15784812pfe.72.1597769699983; 
 Tue, 18 Aug 2020 09:54:59 -0700 (PDT)
Received: from [10.0.1.161] (c-73-109-7-33.hsd1.wa.comcast.net. [73.109.7.33])
 by smtp.gmail.com with ESMTPSA id
 n3sm25092146pfq.131.2020.08.18.09.54.59
 (version=TLS1_3 cipher=TLS_AES_128_GCM_SHA256 bits=128/128);
 Tue, 18 Aug 2020 09:54:59 -0700 (PDT)
Content-Type: multipart/alternative;
 boundary=Apple-Mail-601D1338-A5BA-40E5-8410-A242E48E8B36
Content-Transfer-Encoding: 7bit
From: Eric Voskuil <eric@voskuil.org>
Mime-Version: 1.0 (1.0)
Date: Tue, 18 Aug 2020 09:54:58 -0700
Message-Id: <84F1FD44-0482-4F77-8FFA-65492E445D23@voskuil.org>
References: <8a7031f2-a598-ac09-f2df-1672cd82980b@mattcorallo.com>
In-Reply-To: <8a7031f2-a598-ac09-f2df-1672cd82980b@mattcorallo.com>
To: Matt Corallo <lf-lists@mattcorallo.com>,
 Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
X-Mailer: iPhone Mail (17G68)
X-Mailman-Approved-At: Tue, 18 Aug 2020 17:28:28 +0000
Subject: Re: [bitcoin-dev] Generalizing feature negotiation when new p2p
	connections are setup
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>, 
 <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 18 Aug 2020 17:16:15 -0000


--Apple-Mail-601D1338-A5BA-40E5-8410-A242E48E8B36
Content-Type: text/plain;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

=E2=80=9CBitcoin protocol has always expected clients to ignore unknown mess=
ages=E2=80=9D

This is not true. Bitcoin has long implemented version negotiation, which is=
 the opposite expectation. Libbitcoin=E2=80=99s p2p protocol implementation i=
mmediately drops a peer that sends an invalid message according to the negot=
iated version. The fact that a given client does not validate the protocol d=
oes not make it an expectation that the protocol not be validated.

Features can clearly be optional within an actual protocol. There have been p=
ost-handshake negotiations implemented for optional messages which are valid=
 at the negotiated version. The protocol may be flexible while remaining val=
idateable. There is no reason to force a client to accept unknown message tr=
affic.

A generalized versioning change can be implemented in or after the handshake=
. The latter is already done on an ad-hoc basis. The former is possible as l=
ong as the peer=E2=80=99s version is sufficient to be aware of the behavior.=
 This does not imply any need to send invalid messages. The verack itself ca=
n simply be extended with a matrix of feature support. There is no reason to=
 complicate negotiation with an additional message(s).

FWIW, bip37 did this poorly, adding a feature field to the version message, r=
esulting in bip60. Due to this design, older protocol-validating clients wer=
e broken. In this case it was message length that was presumed to not be val=
idated.

e

> On Aug 18, 2020, at 07:59, Matt Corallo via bitcoin-dev <bitcoin-dev@lists=
.linuxfoundation.org> wrote:
>=20
> =EF=BB=BFThis sounds like a great idea!
>=20
> Bitcoin is no longer a homogeneous network of one client - it is many, wit=
h different features implemented in each. The Bitcoin protocol hasn't (fully=
) evolved to capture that reality. Initially the Bitcoin protocol had a simp=
le numerical version field, but that is wholly impractical for any diverse n=
etwork - some clients may not wish to implement every possible new relay mec=
hanic, and why should they have to in order to use other new features?
>=20
> Bitcoin protocol changes have, many times in recent history, been made via=
 new dummy "negotiation" messages, which take advantage of the fact that the=
 Bitcoin protocol has always expected clients to ignore unknown messages. Gi=
ven that pattern, it makes sense to have an explicit negotiation phase - aft=
er version and before verack, just send the list of features that you suppor=
t to negotiate what the connection will be capable of. The exact way we do t=
hat doesn't matter much, and sending it as a stream of messages which each i=
ndicate support for a given protocol feature perfectly captures the pattern t=
hat has been used in several recent network upgrades, keeping consistency.
>=20
> Matt
>=20
>> On 8/14/20 3:28 PM, Suhas Daftuar via bitcoin-dev wrote:
>> Hi,
>> Back in February I posted a proposal for WTXID-based transaction relay[1]=
 (now known as BIP 339), which included a proposal for feature negotiation t=
o take place prior to the VERACK message being received by each side.  In my=
 email to this list, I had asked for feedback as to whether that proposal wa=
s problematic, and didn't receive any responses.
>> Since then, the implementation of BIP 339 has been merged into Bitcoin Co=
re, though it has not yet been released.
>> In thinking about the mechanism used there, I thought it would be helpful=
 to codify in a BIP the idea that Bitcoin network clients should ignore unkn=
own messages received before a VERACK.  A draft of my proposal is available h=
ere[2].
>> I presume that software upgrading past protocol version 70016 was already=
 planning to either implement BIP 339, or ignore the wtxidrelay message prop=
osed in BIP 339 (if not, then this would create network split concerns in th=
e future -- so I hope that someone would speak up if this were a problem).  W=
hen we propose future protocol upgrades that would benefit from feature nego=
tiation at the time of connection, I think it would be nice to be able to us=
e the same method as proposed in BIP 339, without even needing to bump the p=
rotocol version.  So having an understanding that this is the standard of ho=
w other network clients operate would be helpful.
>> If, on the other hand, this is problematic for some reason, I look forwar=
d to hearing that as well, so that we can be careful about how we deploy fut=
ure p2p changes to avoid disruption.
>> Thanks,
>> Suhas Daftuar
>> [1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2020-February=
/017648.html <https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2020-Fe=
bruary/017648.html>
>> [2] https://github.com/sdaftuar/bips/blob/2020-08-generalized-feature-neg=
otiation/bip-p2p-feature-negotiation.mediawiki <https://github.com/sdaftuar/=
bips/blob/2020-08-generalized-feature-negotiation/bip-p2p-feature-negotiatio=
n.mediawiki>
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

--Apple-Mail-601D1338-A5BA-40E5-8410-A242E48E8B36
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
utf-8"></head><body dir=3D"auto"><div dir=3D"ltr">=E2=80=9CBitcoin protocol h=
as always expected clients to ignore unknown messages=E2=80=9D</div><div dir=
=3D"ltr"><br></div><div dir=3D"ltr">This is not true. Bitcoin has long imple=
mented version negotiation, which is the opposite expectation. Libbitcoin=E2=
=80=99s p2p protocol implementation immediately drops a peer that sends an i=
nvalid message according to the negotiated version.&nbsp;<span style=3D"care=
t-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">The fact that a given client do=
es not validate the protocol does not make it an expectation that the protoc=
ol not be validated.</span></div><div dir=3D"ltr"><br></div><div dir=3D"ltr"=
><span style=3D"caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">Features ca=
n clearly be optional within an actual protocol.&nbsp;</span><span style=3D"=
caret-color: rgb(0, 0, 0); color: rgb(0, 0, 0);">There have been post-handsh=
ake negotiations implemented for optional messages which are valid at the ne=
gotiated version. The protocol may be flexible while remaining validateable.=
 There is no reason to force a client to accept unknown message traffic.</sp=
an></div><div dir=3D"ltr"><span style=3D"caret-color: rgb(0, 0, 0); color: r=
gb(0, 0, 0);"><br></span></div><div dir=3D"ltr"><font color=3D"#000000"><spa=
n style=3D"caret-color: rgb(0, 0, 0);">A generalized versioning change can b=
e implemented in or after the handshake. The latter is already done on an ad=
-hoc basis. The former is possible as long as the peer=E2=80=99s version is s=
ufficient to be aware of the behavior. This does not imply any need to send i=
nvalid messages. The verack itself can simply be extended with a matrix of f=
eature support. There is no reason to complicate negotiation with an additio=
nal message(s).</span></font></div><div dir=3D"ltr"><font color=3D"#000000">=
<span style=3D"caret-color: rgb(0, 0, 0);"><br></span></font></div><div dir=3D=
"ltr"><font color=3D"#000000"><span style=3D"caret-color: rgb(0, 0, 0);">FWI=
W, bip37 did this poorly, adding a feature field to the version message, res=
ulting in bip60. Due to this design, older protocol-validating clients were b=
roken. In this case it was message length that was presumed to not be valida=
ted.</span></font></div><div dir=3D"ltr"><br></div><div dir=3D"ltr">e</div><=
div dir=3D"ltr"><br><blockquote type=3D"cite">On Aug 18, 2020, at 07:59, Mat=
t Corallo via bitcoin-dev &lt;bitcoin-dev@lists.linuxfoundation.org&gt; wrot=
e:<br><br></blockquote></div><blockquote type=3D"cite"><div dir=3D"ltr">=EF=BB=
=BF<span>This sounds like a great idea!</span><br><span></span><br><span>Bit=
coin is no longer a homogeneous network of one client - it is many, with dif=
ferent features implemented in each. The Bitcoin protocol hasn't (fully) evo=
lved to capture that reality. Initially the Bitcoin protocol had a simple nu=
merical version field, but that is wholly impractical for any diverse networ=
k - some clients may not wish to implement every possible new relay mechanic=
, and why should they have to in order to use other new features?</span><br>=
<span></span><br><span>Bitcoin protocol changes have, many times in recent h=
istory, been made via new dummy "negotiation" messages, which take advantage=
 of the fact that the Bitcoin protocol has always expected clients to ignore=
 unknown messages. Given that pattern, it makes sense to have an explicit ne=
gotiation phase - after version and before verack, just send the list of fea=
tures that you support to negotiate what the connection will be capable of. T=
he exact way we do that doesn't matter much, and sending it as a stream of m=
essages which each indicate support for a given protocol feature perfectly c=
aptures the pattern that has been used in several recent network upgrades, k=
eeping consistency.</span><br><span></span><br><span>Matt</span><br><span></=
span><br><span>On 8/14/20 3:28 PM, Suhas Daftuar via bitcoin-dev wrote:</spa=
n><br><blockquote type=3D"cite"><span>Hi,</span><br></blockquote><blockquote=
 type=3D"cite"><span>Back in February I posted a proposal for WTXID-based tr=
ansaction relay[1] (now known as BIP 339), which included a proposal for fea=
ture negotiation to take place prior to the VERACK message being received by=
 each side.&nbsp; In my email to this list, I had asked for feedback as to w=
hether that proposal was problematic, and didn't receive any responses.</spa=
n><br></blockquote><blockquote type=3D"cite"><span>Since then, the implement=
ation&nbsp;of BIP 339 has been merged into Bitcoin Core, though it has not y=
et been released.</span><br></blockquote><blockquote type=3D"cite"><span>In t=
hinking about the mechanism used there, I thought it would&nbsp;be helpful t=
o codify in a BIP the idea that Bitcoin network clients should ignore unknow=
n messages received before a VERACK.&nbsp; A draft of my proposal is availab=
le here[2].</span><br></blockquote><blockquote type=3D"cite"><span>I presume=
 that software upgrading past protocol version 70016 was already planning to=
 either implement BIP 339, or ignore the wtxidrelay message proposed in BIP 3=
39 (if not, then this would create network split concerns in the future -- s=
o I hope that someone would speak up if this were a problem).&nbsp; When we p=
ropose future protocol upgrades that would benefit from feature negotiation a=
t the time of connection, I think it would be nice to be able to use the sam=
e method as proposed in BIP 339, without even needing to bump the protocol v=
ersion.&nbsp; So having an understanding that this is the standard of how ot=
her network clients operate would be helpful.</span><br></blockquote><blockq=
uote type=3D"cite"><span>If, on the other hand, this is problematic for some=
 reason, I look forward to hearing that as well, so that we can be careful a=
bout how we deploy future p2p changes to avoid disruption.</span><br></block=
quote><blockquote type=3D"cite"><span>Thanks,</span><br></blockquote><blockq=
uote type=3D"cite"><span>Suhas Daftuar</span><br></blockquote><blockquote ty=
pe=3D"cite"><span>[1] https://lists.linuxfoundation.org/pipermail/bitcoin-de=
v/2020-February/017648.html &lt;https://lists.linuxfoundation.org/pipermail/=
bitcoin-dev/2020-February/017648.html&gt;</span><br></blockquote><blockquote=
 type=3D"cite"><span>[2] https://github.com/sdaftuar/bips/blob/2020-08-gener=
alized-feature-negotiation/bip-p2p-feature-negotiation.mediawiki &lt;https:/=
/github.com/sdaftuar/bips/blob/2020-08-generalized-feature-negotiation/bip-p=
2p-feature-negotiation.mediawiki&gt;</span><br></blockquote><blockquote type=
=3D"cite"><span>_______________________________________________</span><br></=
blockquote><blockquote type=3D"cite"><span>bitcoin-dev mailing list</span><b=
r></blockquote><blockquote type=3D"cite"><span>bitcoin-dev@lists.linuxfounda=
tion.org</span><br></blockquote><blockquote type=3D"cite"><span>https://list=
s.linuxfoundation.org/mailman/listinfo/bitcoin-dev</span><br></blockquote><s=
pan>_______________________________________________</span><br><span>bitcoin-=
dev mailing list</span><br><span>bitcoin-dev@lists.linuxfoundation.org</span=
><br><span>https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev</s=
pan><br></div></blockquote></body></html>=

--Apple-Mail-601D1338-A5BA-40E5-8410-A242E48E8B36--