1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
|
Return-Path: <dave@dtrt.org>
Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133])
by lists.linuxfoundation.org (Postfix) with ESMTP id 77DF8C0037;
Fri, 29 Dec 2023 18:30:33 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
by smtp2.osuosl.org (Postfix) with ESMTP id 3E96840128;
Fri, 29 Dec 2023 18:30:33 +0000 (UTC)
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 3E96840128
X-Virus-Scanned: amavisd-new at osuosl.org
X-Spam-Flag: NO
X-Spam-Score: -1.902
X-Spam-Level:
X-Spam-Status: No, score=-1.902 tagged_above=-999 required=5
tests=[BAYES_00=-1.9, SPF_HELO_PASS=-0.001, SPF_PASS=-0.001]
autolearn=ham autolearn_force=no
Received: from smtp2.osuosl.org ([127.0.0.1])
by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
with ESMTP id elAhn303Sbeh; Fri, 29 Dec 2023 18:30:32 +0000 (UTC)
X-Greylist: delayed 601 seconds by postgrey-1.37 at util1.osuosl.org;
Fri, 29 Dec 2023 18:30:32 UTC
DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 0F443400FD
Received: from smtpauth.rollernet.us (smtpauth.rollernet.us
[IPv6:2607:fe70:0:3::d])
by smtp2.osuosl.org (Postfix) with ESMTPS id 0F443400FD;
Fri, 29 Dec 2023 18:30:31 +0000 (UTC)
Received: from smtpauth.rollernet.us (localhost [127.0.0.1])
by smtpauth.rollernet.us (Postfix) with ESMTP id 78DBE2800864;
Fri, 29 Dec 2023 10:11:43 -0800 (PST)
Received: from webmail.rollernet.us (webmail.rollernet.us
[IPv6:2607:fe70:0:14::a])
(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
key-exchange X25519 server-signature RSA-PSS (2048 bits) server-digest SHA256)
(Client did not present a certificate)
by smtpauth.rollernet.us (Postfix) with ESMTPSA;
Fri, 29 Dec 2023 10:11:43 -0800 (PST)
MIME-Version: 1.0
Date: Fri, 29 Dec 2023 08:11:43 -1000
From: "David A. Harding" <dave@dtrt.org>
To: jlspc <jlspc@protonmail.com>, Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
In-Reply-To: <IhmJ-631z02S9ZjKb4VtaqVWa_W9U0s1Tnn2fhhGGMlXPUD4r5E08UX-N0iYaXTAk4s_90pemkdCRurPZIQjT9WE9gQSHPKbdpcn4aN_-Vs=@protonmail.com>
References: <sJXy1yFGGxPpgtCexzW2WZhMMpJonGlOaT0Gb_eyQdUIOKPRXQ8tqrNvvunPF5E19kFEAeq5IHXx7Y7qkAFoEkGBS3JP5Tq3uFtSAVRg4NY=@protonmail.com>
<CAFC_Vt7yJCN3a8d5dxmsbpz6i50pXAbSBhgA_HvBYifnoJxrQQ@mail.gmail.com>
<IhmJ-631z02S9ZjKb4VtaqVWa_W9U0s1Tnn2fhhGGMlXPUD4r5E08UX-N0iYaXTAk4s_90pemkdCRurPZIQjT9WE9gQSHPKbdpcn4aN_-Vs=@protonmail.com>
User-Agent: Roundcube Webmail/1.4.15
Message-ID: <62edca3a0c61b7dca5f7dcddf8e33f6a@dtrt.org>
X-Sender: dave@dtrt.org
Content-Type: text/plain; charset=US-ASCII;
format=flowed
Content-Transfer-Encoding: 7bit
X-Rollernet-Abuse: Contact abuse@rollernet.us to report. Abuse policy:
http://www.rollernet.us/policy
X-Rollernet-Submit: Submit ID 46bc.658f0bdf.57331.0
Cc: lightning-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] Scaling Lightning Safely With Feerate-Dependent
Timelocks
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 29 Dec 2023 18:30:33 -0000
On 2023-12-28 08:06, jlspc via bitcoin-dev wrote:
> On Friday, December 22nd, 2023 at 8:36 AM, Nagaev Boris
> <bnagaev@gmail.com> wrote:
>> To validate a transaction with FDT [...]
>> a light client would have to determine the median fee
>> rate of the recent blocks. To do that without involving trust, it has
>> to download the blocks. What do you think about including median
>> feerate as a required OP_RETURN output in coinbase transaction?
>
> Yes, I think that's a great idea!
I think this points to a small challenge of implementing this soft fork
for pruned full nodes. Let's say a fee-dependent timelock (FDT) soft
fork goes into effect at time/block _t_. Both before and for a while
after _t_, Alice is running an older pruned full node that did not
contain any FDT-aware code, so it prunes blocks after _t_ without
storing any median feerate information about them (not even commitments
in the coinbase transaction). Later, well after _t_, Alice upgrades her
node to one that is aware of FDTs. Unfortunately, as a pruned node, it
doesn't have earlier blocks, so it can't validate FDTs without
downloading those earlier blocks.
I think the simplest solution would be for a recently-upgrade node to
begin collecting median feerates for new blocks going forward and to
only enforce FDTs for which it has the data. That would mean anyone
depending on FDTs should be a little more careful about them near
activation time, as even some node versions that nominally enforced FDT
consensus rules might not actually be enforcing them yet.
Of course, if the above solution isn't satisfactory, upgraded pruned
nodes could simply redownload old blocks or, with extensions to the P2P
protocol, just the relevant parts of them (i.e., coinbase transactions
or, with a soft fork, even just commitments made in coinbase
transactions[1]).
-Dave
[1] An idea discussed for the segwit soft fork was requiring the witness
merkle root OP_RETURN to be the final output of the coinbase transaction
so that all chunks of the coinbase transaction before it could be
"compressed" into a SHA midstate and then the midstate could be extended
with the bytes of the OP_RETURN commitment to produce the coinbase
transaction's txid, which could then be connected to the block header
using the standard Bitcoin-style merkle inclusion proof. This would
allow trailing commitments in even a very large coinbase transaction to
be communicated in just a few hundred bytes (not including the size of
the commitments themselves). This idea was left out of segwit because
at least one contemporary model of ASIC miner had a hardware-enforced
requirement to put a mining reward payout in the final output.
|
