1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
|
Return-Path: <rusty@ozlabs.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 7624190
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 1 Nov 2015 03:23:27 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from ozlabs.org (ozlabs.org [103.22.144.67])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 8801BEE
for <bitcoin-dev@lists.linuxfoundation.org>;
Sun, 1 Nov 2015 03:23:26 +0000 (UTC)
Received: by ozlabs.org (Postfix, from userid 1011)
id 61AB1140778; Sun, 1 Nov 2015 14:23:23 +1100 (AEDT)
From: Rusty Russell <rusty@rustcorp.com.au>
To: Gavin Andresen <gavinandresen@gmail.com>,
Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
In-Reply-To: <CABsx9T0Evf3B_NtmdKxc_M1xRQh-jSC4JzTHCx8Ez9RzCypvMg@mail.gmail.com>
References: <CABsx9T0Evf3B_NtmdKxc_M1xRQh-jSC4JzTHCx8Ez9RzCypvMg@mail.gmail.com>
User-Agent: Notmuch/0.20.2 (http://notmuchmail.org) Emacs/24.5.1
(x86_64-pc-linux-gnu)
Date: Sat, 31 Oct 2015 14:13:13 +1030
Message-ID: <8737wrwvn2.fsf@rustcorp.com.au>
MIME-Version: 1.0
Content-Type: text/plain
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_40, DATE_IN_PAST_12_24,
RCVD_IN_DNSWL_MED, T_RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Subject: Re: [bitcoin-dev] Compatibility requirements for hard or soft forks
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sun, 01 Nov 2015 03:23:27 -0000
Gavin Andresen via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> writes:
> Should it be a requirement that ANY one-megabyte transaction that is valid
> under the existing rules also be valid under new rules?
>
> Pro: There could be expensive-to-validate transactions created and given a
> lockTime in the future stored somewhere safe. Their owners may have no
> other way of spending the funds (they might have thrown away the private
> keys), and changing validation rules to be more strict so that those
> transactions are invalid would be an unacceptable confiscation of funds.
Not just lockTime; potentially any tx locked away in a safe.
Consider low-S enforcement: high chance a non-expert user will be unable
to spend an old transaction. They need to compromise their privacy
and/or spend time and money. A milder "confiscation" but a more likely
one.
By that benchmark, we should aim for "reasonable certainty". A
transaction which would never have been generated by any known software
is the minimum bar. Adding "...which would have to be deliberately
stupid with many redundant OP_CHECKSIG etc" surpasses it. The only extra
safeguard I can think of is clear, widespread notification of the
change.
Cheers,
Rusty.
|
