1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <zooko@zooko.com>) id 1V213l-0004Yo-ND
for bitcoin-development@lists.sourceforge.net;
Wed, 24 Jul 2013 15:33:01 +0000
X-ACL-Warn:
Received: from 216-155-145-223.cinfuserver.com ([216.155.145.223]
helo=zooko.com)
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256)
(Exim 4.76) id 1V213k-00065X-0t
for bitcoin-development@lists.sourceforge.net;
Wed, 24 Jul 2013 15:33:01 +0000
Received: by zooko.com (Postfix, from userid 1000)
id 8217F1F30055; Wed, 24 Jul 2013 19:32:52 +0400 (MSK)
Date: Wed, 24 Jul 2013 19:32:52 +0400
From: zooko <zooko@zooko.com>
To: Jeff Garzik <jgarzik@bitpay.com>
Message-ID: <20130724153251.GE1009@zooko.com>
References: <CANEZrP2GvgZP_1z3EoSs3p+db7tZB6JfEVAewLpGE5eRpGgR3w@mail.gmail.com>
<smumwpcg8sw.fsf@linuxpal.mit.edu>
<CAAS2fgTxU4fb6n+fHPomOVDkEY+uoepd7QTPMxbxALYm2Sf3kg@mail.gmail.com>
<20130724023526.GD1009@zooko.com>
<CAAS2fgQJ6B5q4xmB-UfC=jeiYDkqxK71oTvtp7MqHXRn43duTQ@mail.gmail.com>
<CANEZrP00vN0TFsxnpSO3RoC_aiAbGS9LG9KXM1+KqWRv8YsJXg@mail.gmail.com>
<CAJHLa0OrYZbPCBfuuLLj4rCj45WvEgqaH5YS=Zr1i9i+m6hPTg@mail.gmail.com>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <CAJHLa0OrYZbPCBfuuLLj4rCj45WvEgqaH5YS=Zr1i9i+m6hPTg@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Spam-Score: 1.0 (+)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
0.0 TVD_RCVD_IP TVD_RCVD_IP
1.0 RDNS_DYNAMIC Delivered to internal network by host with
dynamic-looking rDNS
X-Headers-End: 1V213k-00065X-0t
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>,
Greg Troxel <gdt@work.lexort.com>
Subject: Re: [Bitcoin-development] Linux packaging letter
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 24 Jul 2013 15:33:01 -0000
On Wed, Jul 24, 2013 at 09:52:33AM -0400, Jeff Garzik wrote:
>
> I'm working on a more digestable alternative:
> https://gist.github.com/jgarzik/6065679
Hi Jeff! Thanks for working on it. Even if that letter
(https://gist.github.com/jgarzik/6065679) doesn't supplant
https://docs.google.com/a/leastauthority.com/document/d/1naenR6N6fMWSpHM0f4jpQhYBEkCEQDbLBs8AXC19Y-o/edit#heading=h.i7tz3gqh65mi
as a message-to-packagers, it looks like it will still turn out to be a useful
text.
My first question about it is this part:
"""
Make a mistake, lose $1 billion
The consequences of bitcoin consensus failure are very high, comparable to avionics or medical device software. As of this writing, over $1 billion of value depends on bitcoin software being able to reliably achieve consensus over the worldwide Internet. This is the digital equivalent of Fort Knox: consensus must be achieved, or bitcoin has no value.
"""
This makes it sound like if, for example, Debian were to link bitcoind to the
system leveldb, and then upgrade the system leveldb to fix a bug that affects
bitcoind, that this would spell the end of Bitcoin.
I hope that's not true!
I'd like to try to be more specific about two things:
1. What is the behavior that a dependency or a patch could cause that would be
problematic? I liked what Luke-Jr said earlier in this thread -- that in some
cases a bitcoin node (i.e. a bitcoind process) needs certain bugs or
limitations in order to maintain consensus with other bitcoin nodes. Maybe you
could use a statement like that, without attempting to explain in *what* cases
that applies.
2. What is the consequence if this goes wrong? This is something I don't
understand as well. I think the answer is:
2.a. All bitcoin nodes which encounter one of these cases and are
differently-buggy than the upstream bitcoind form their own consensus,
causing a blockchain fork.
2.b. There is a risk of double-spending attacks.
2.c. The process for healing a blockchain fork is not very smooth or
well-understood.
Regards,
Zooko
|