Date: Thu, 8 Apr 2021 21:11:06 +1000
From: Anthony Towns <aj@erisian.com.au>
To: Rusty Russell <rusty@rustcorp.com.au>,
 Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Message-ID: <20210408111106.GA31864@erisian.com.au>
References: <CAD5xwhiXE=yJFi+9aZQqMOCaiUrJ_UEvcESR3E0j2SA1RnbqmA@mail.gmail.com>
 <874kgkkpji.fsf@rustcorp.com.au>
 <CAMnpzfopMNO=73wqvXpOn9u8X4MwJArqGxODJAS4-9iFiZOd6A@mail.gmail.com>
 <87pmz6it7q.fsf@rustcorp.com.au>
MIME-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
In-Reply-To: <87pmz6it7q.fsf@rustcorp.com.au>
User-Agent: Mutt/1.10.1 (2018-07-13)
Subject: Re: [bitcoin-dev] March 23rd 2021 Taproot Activation Meeting Notes
Precedence: list

On Wed, Apr 07, 2021 at 02:31:13PM +0930, Rusty Russell via bitcoin-dev wrote:
> >> It's totally a political approach, to avoid facing the awkward question.
> >> Since I believe that such prevaricating makes a future crisis less
> >> predictable, I am forced to conclude that it makes bitcoin less robust.
> > LOT=true does face the awkward question, but there are downsides:
> >   - in the requirement to drop blocks from apathetic miners (although
> >     as Luke-Jr pointed out in a previous reply on this list they have
> >     no contract under which to raise a complaint); and
> Surely, yes.  If the users of bitcoin decide blocks are invalid, they're
> invalid.

That's begging the question though -- yes, if _everyone_ decides bitcoin
works such-n-such a way, then there's no debate. But that's trivial:
who's left to debate, when everyone agrees?

On the otherhand, if people disagree with you, who's to say they're in
the minority and "the users" are on your side?

> With a year's warning, and developer and user consensus
> against them, I think we've reached the limits of acceptable miner
> apathy.

The question is "how do you establish developer and user consensus?"

In particular, if you're running a business accepting payments via
"bitcoin", how do you know what software to run to stay in consensus
with everyone else running bitcoin, so you know the payments you receive
are good?

Ideally, we try to make the answer to that trivial: just download any
version of bitcoind and run it with the default configuration. More
recent (supported) versions are better due to potential security fixes
and performance improvements, of course.

> >   - in the risk of a chain split, should gauging economic majority
> >     support - which there is zero intrinsic tooling for - go poorly.
> Agreed that we should definitely do better here: in practice people
> would rely on third party explorers for information on the other side of
> the split.  Tracking the cumulative work on invalid chains would be a
> good idea for bitcoind in general (AJ suggested this, IIRC).

Those measures are only useful *after* there's been a chain split. I'm
certainly in favour of better protections like that -- adversarial
thinking, prepper-ism, whatever -- but we should be trying really hard to
avoid ending up in that situation; and even better to avoid even ending
up *risking* that situation.

> Again, openly creating a contingency plan is not brinkmanship,

I think the word "brinkmanship" is being a bit overused in this thread...

lockinontimeout is designed for a chain split -- its only action is
to ignore one side of a split should it occur. That's not useless --
splitting the chain is a plausible scenario in the event of someone
dedicating something like $200M+ per week to attacking bitcoin, and we
should have contingencies in place for that sort of thing.

But it's like carrying a gun around -- yeah, there are times when that
might be helpful for self-protection or to put a tyrant into the ground;
but putting it down on the table everytime you sit down for a coffee*
and tapping it and saying "look, I'm sure you'll do the right thing and
serve me properly and I'll leave happy and give you a big tip; this is
just a contingency plan" isn't super great.

And even then, lockinontimeout isn't really a very *good* contingency
plan in the event of a chain split: if your side of the split isn't
in the majority, you're relying on the other side -- the one with all
the money -- being stupid and not having a dontlockinever=yes option to
protect them from wipeout, and without a hardfork to change proof-of-work
or the difficulty adjustment, you'll have enormous difficulties getting
blocks at all.

* The only thing worth spending bitcoin on.

> I think we should be normalizing the understanding that bitcoin users
> are the ultimate decider.

Yes. 

What we shouldn't be normalising is that the way users decide is by
risking their business by having their node reject blocks and hoping
that everyone else will also reject the same set of blocks.

(After all, businesses handling lots of bitcoin being willing to force
the issue via running node software that rejects "invalid" blocks,
was the whole plan for making s2x a fait accompli...)

I've written up what I believe is a better approach to dealing with
the possibility of miners not upgrading to enforce a soft-fork quickly
here:

https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2021-March/018723.html

I belive it would be straightforward to implement that after a failed
speedy trial; technically anyway.

Cheers,
aj