Jorge Tim贸n [ARCHIVE] on Nostr: 馃搮 Original date posted:2022-03-17 馃摑 Original message:On Tue, Mar 15, 2022 at ...
馃搮 Original date posted:2022-03-17
馃摑 Original message:On Tue, Mar 15, 2022 at 4:45 PM Anthony Towns <aj at erisian.com.au> wrote:
>
> On Fri, Mar 11, 2022 at 02:04:29PM +0000, Jorge Tim贸n via bitcoin-dev wrote:
> People opposed to having taproot transactions in their chain had over
> three years to do that coordination before an activation method was merged
> [0], and then an additional seven months after the activation method was merged before taproot enforcement began [1].
>
> [0] 2018-01-23 was the original proposal, 2021-04-15 was when speedy
> trial activation parameters for mainnet and testnet were merged.
> [1] 2021-11-14
People may be opposed only to the final version, but not the initial
one or the fundamental concept.
Please, try to think of worse case scenarios.
Perhaps there's no opposition until after activation code has been
released and miners are already starting to signal.
Perhaps at that moment a reviewer comes and points out a fatal flaw.
> For comparison, the UASF activation attempt for segwit took between 4
> to 6 months to coordinate, assuming you start counting from either the
> "user activated soft fork" concept being raised on bitcoin-dev or the
> final params for BIP 148 being merged into the bips repo, and stop
> counting when segwit locked in.
That was extremely risky and could have been a disaster. It went well,
but in my opinion a BIP8 approach from the beginning would have been
much less risky. Instead of improvising these things we should plan
ahead. But for "user forced" activations and for "user forced"
rejections.
Just remember you may reject your own code.
> > Please, try to imagine an example for an activation that you wouldn't like
> > yourself. Imagine it gets proposed and you, as a user, want to resist it.
>
> Sure. There's more steps than just "fork off onto a minority chain"
> though.
>
> 1) The first and most important step is to explain why you want to
> resist it, either to convince the proposers that there really is
> a problem and they should stand down, or so someone can come up
> with a way of fixing the proposal so you don't need to resist it.
> Ideally, that's all that's needed to resolve the objections. (That's
> what didn't happen with opposition to segwit)
Agreed, for any given proposal, the first approach should be rational
discussion.
Some times we consider other arguments irrational simply because we
don't understand them though.
> 2) If that somehow doesn't work, and people are pushing ahead with a
> consensus change despite significant reasonable opposition; the next
> thing to do would be to establish if either side is a paper tiger
> and setup a futures market. That has the extra benefit of giving
> miners some information about which (combination of) rules will be
> most profitable to mine for.
>
> Once that's setup and price discovery happens, one side or the other
> will probably throw in the towel -- there's not much point have a
> money that other people aren't interested in using. (And that more
> or less is what happened with 2X)
Future markets can be manipulated.
Regarding 2x, that's not how I remember it. If I remember correctly,
"discovered" a price in btc for bcash that was
orders of magnitude higher than what it is today.
> If a futures market like that is going to be setup, I think it's
> best if it happens before signalling for the soft fork starts --
> the information miners will get from it is useful for figuring out
> how much resources to invest in signalling, eg. I think it might even
> be feasible to set something up even before activation parameters are
> finalised; you need something more than just one-on-one twitter bets
> to get meaningful price discovery, but I think you could probably
> build something based on a reasonably unbiassed oracle declaring an
> outcome, without precisely defined parameters fixed in a BIP.
Whatever miners signal, until there are two chains and their real
rewards can be traded, it's hard to know what they will mine
afterwards.
They could signal a change with 100% and then after it is activated on
one chain and resisted on another, they 95% of them may switch to the
old chain simply because its rewards are 20 times more valuable. This
may happen 3 days after activation or 3 months, or more.
It could depend on how fast some relevant information about the new
change spreads.
Which is specially hard to estimate in a censored world like ours.
> So if acting like reasonable people and talking it through doesn't
> work, this seems like the next step to me.
Not to me, but you're free to create your future markets or trade in them.
I wouldn't do any of them, and I would advice against it.
> 3) But maybe you try both those and they fail and people start trying
> to activate the soft fork (or perhaps you just weren't paying
> attention until it was too late, and missed the opportunity).
Yes, some changes may be rejected late because some people weren't
paying attention or weren't paid attention, indeed.
Or perhaps it's your own proposal and you realize it is flawed
yourself. There are infinite hypothetical scenarios we could consider
for this to happen.
> I think the speedy trial approach here is ideal for a last ditch
> "everyone stays on the same chain while avoiding this horrible change"
> attempt. The reason being that it allows everyone to agree to not
> adopt the new rules with only very little cost: all you need is for
> 10% of hashpower to not signal over a three month period.
No, 10% of hashpower is not "very little cost", that's very expensive.
> That's cheaper than bip9 (5% over 12 months requires 2x the
> cumulative hashpower), and much cheaper than bip8 which requires
> users to update their software
Updating software is not expensive. the code for bip8 could have been
merged long before taproot was even initially proposed.
It could be merged now before another proposal.
Updating software is certainly not more expensive than getting 10% of
the hashrate.
> 4) At this point, if you were able to prevent activation, hopefully
> that's enough of a power move that people will take your concerns
> seriously, and you get a second chance at step (1). If that still
> results in an impasse, I'd expect there to be a second, non-speedy
> activation of the soft fork, that either cannot be blocked at all, or
> cannot be blocked without having control of at least 60% of hashpower.
And if you never got 10% hashpower, we move to the next step, I guess.
> 5) If you weren't able to prevent activation (whether or not you
> prevented speedy trial from working), then you should have a lot
> of information:
>
> - you weren't able to convince people there was a problem
>
> - you either weren't in the economic majority and people don't
> think your concept of bitcoin is more valuable (perhaps they
> don't even think it's valuable enough to setup a futures market
> for you)
>
> - you can't get control of even 10% of hashpower for a few months
>
> and your only option is to accept defeat or create a new chain.
What if it's still the other people who are lacking information?
It wouldn't be a new chain, it would be the old chain without the new
evil change, until you manage to show the other people that the change
was indeed evil.
Remember, in this example, the new change being evil is not a
possibility, but an assumption.
What you're arguing is "if you haven't been able to stop the evil
change, then perhaps it wasn't evil all along and the people trying to
resist it were wrong and don't know it".
But that contradicts the premise: an evil change being deployed using
speedy trial.
> Since your new chain won't have a hashpower majority, you'll likely
> have significant problems if you don't hard fork in a change to
> how proof-of-work works; my guess is you'd either want to switch
> to a different proof-of-work algorithm, or make your chain able
> to be merge-mined against bitcoin, though just following BCH/BSV's
> example and tweaking the difficulty adjustment to be more dynamic
> could work too.
No, I disagree. You'll just get the hashpower you pay for with subsidy and fees.
A better difficulty update filter and merge mining could help you, I
guess. But that could be a threat on its own.
Also, as pointed out earlier, "mining majority" is dynamic and depends
on the rewards.
> (For comparison, apparently BCH has 0.8% of bitcoin's hashrate,
> BSV has 0.2%. Meanwhile, Namecoin, RSK and Syscoin, which support
> merge-mining, are apparently at 68%, 42% and 17% respectively)
Google tells me 0.0073BTC.
In perfect competition and leaving fees aside (in which probably
bitcoin wins too), BCH should have approximately 0.0073% the hashrate
bitcoin hash. This tells me someone who likes BCH is throwing money
away to subsidize its security.
Or perhaps it's something else I'm not taking into account or your
estimate is wrong.
But BCH having 0.8% of bitcoin's hashrate sounds like too much to me.
And yet, what did your future markers "discovered" pre hard fork?
> At the point that you're doing a hard fork, making a clean split is
> straightforward: schedule the hard fork for around the same time as
> the start of enforcement of the soft fork you oppose, work out how
> to make sure you're on your own p2p network, and figure out how
> exchanges and lightning channels and everything else are going to
> cope with the coin split.
You shouldn't need to do a hardfork to resist a consensus change you don't like.
"around the same time", with bip8 and the resistance mechanism
proposed by luke, it doesn't need to be "around the same time
according to some expert who will tell you what to put in your
software", but "exactly at the same time, and you only need to know
which pproposal version bit you're opposing".
> 6) There's potentially also the case where a soft fork locks-in
> and later everyone realises the people who were opposing it were
> right all along and the fork is a really bad idea.
>
> If everyone agreed that some idea was irredeemably bad -- eg,
> OP_VERIF -- then we could soft fork them out and just forbid
> blocks/transactions that attempt to use them. Or conceivably we could
> do a hardfork and have more options about how to fix the problem.
Yeah, great example. It doesn't have to be an "evil change" as such,
it can just be a "deeply wrong change" or something.
Or if we were using BIP8 and had the resistance mechanism proposed by
luke, all we would need to do is change one line and recompile:
I don't remember his enumeration constants but, something like...
- bip8Params.EvilProposalActivationMode = FORCE_ACTIVATION;
+ bip8Params.EvilProposalActivationMode = FORBID_ACTIVATION;
Say we discover it 3 days before forced activation.
Well, that would still be much less rushed that the berkeleyDB thing,
wouldn't it?
As you point out, after activation it is much more painful to fix
things. In some cases a hardfork may be the best solution a
posteriori, but I guess that gets out of the scope for activation
mechanisms.
If there's only opposition after it is deployed, whatever the
activation mechanism, in that particular case, would be irrelevant.
Whatever evil change it was, we would have probably swallowed whatever
the activation mechanism, because we only thought it evil or wrong a
posteriori.
馃摑 Original message:On Tue, Mar 15, 2022 at 4:45 PM Anthony Towns <aj at erisian.com.au> wrote:
>
> On Fri, Mar 11, 2022 at 02:04:29PM +0000, Jorge Tim贸n via bitcoin-dev wrote:
> People opposed to having taproot transactions in their chain had over
> three years to do that coordination before an activation method was merged
> [0], and then an additional seven months after the activation method was merged before taproot enforcement began [1].
>
> [0] 2018-01-23 was the original proposal, 2021-04-15 was when speedy
> trial activation parameters for mainnet and testnet were merged.
> [1] 2021-11-14
People may be opposed only to the final version, but not the initial
one or the fundamental concept.
Please, try to think of worse case scenarios.
Perhaps there's no opposition until after activation code has been
released and miners are already starting to signal.
Perhaps at that moment a reviewer comes and points out a fatal flaw.
> For comparison, the UASF activation attempt for segwit took between 4
> to 6 months to coordinate, assuming you start counting from either the
> "user activated soft fork" concept being raised on bitcoin-dev or the
> final params for BIP 148 being merged into the bips repo, and stop
> counting when segwit locked in.
That was extremely risky and could have been a disaster. It went well,
but in my opinion a BIP8 approach from the beginning would have been
much less risky. Instead of improvising these things we should plan
ahead. But for "user forced" activations and for "user forced"
rejections.
Just remember you may reject your own code.
> > Please, try to imagine an example for an activation that you wouldn't like
> > yourself. Imagine it gets proposed and you, as a user, want to resist it.
>
> Sure. There's more steps than just "fork off onto a minority chain"
> though.
>
> 1) The first and most important step is to explain why you want to
> resist it, either to convince the proposers that there really is
> a problem and they should stand down, or so someone can come up
> with a way of fixing the proposal so you don't need to resist it.
> Ideally, that's all that's needed to resolve the objections. (That's
> what didn't happen with opposition to segwit)
Agreed, for any given proposal, the first approach should be rational
discussion.
Some times we consider other arguments irrational simply because we
don't understand them though.
> 2) If that somehow doesn't work, and people are pushing ahead with a
> consensus change despite significant reasonable opposition; the next
> thing to do would be to establish if either side is a paper tiger
> and setup a futures market. That has the extra benefit of giving
> miners some information about which (combination of) rules will be
> most profitable to mine for.
>
> Once that's setup and price discovery happens, one side or the other
> will probably throw in the towel -- there's not much point have a
> money that other people aren't interested in using. (And that more
> or less is what happened with 2X)
Future markets can be manipulated.
Regarding 2x, that's not how I remember it. If I remember correctly,
"discovered" a price in btc for bcash that was
orders of magnitude higher than what it is today.
> If a futures market like that is going to be setup, I think it's
> best if it happens before signalling for the soft fork starts --
> the information miners will get from it is useful for figuring out
> how much resources to invest in signalling, eg. I think it might even
> be feasible to set something up even before activation parameters are
> finalised; you need something more than just one-on-one twitter bets
> to get meaningful price discovery, but I think you could probably
> build something based on a reasonably unbiassed oracle declaring an
> outcome, without precisely defined parameters fixed in a BIP.
Whatever miners signal, until there are two chains and their real
rewards can be traded, it's hard to know what they will mine
afterwards.
They could signal a change with 100% and then after it is activated on
one chain and resisted on another, they 95% of them may switch to the
old chain simply because its rewards are 20 times more valuable. This
may happen 3 days after activation or 3 months, or more.
It could depend on how fast some relevant information about the new
change spreads.
Which is specially hard to estimate in a censored world like ours.
> So if acting like reasonable people and talking it through doesn't
> work, this seems like the next step to me.
Not to me, but you're free to create your future markets or trade in them.
I wouldn't do any of them, and I would advice against it.
> 3) But maybe you try both those and they fail and people start trying
> to activate the soft fork (or perhaps you just weren't paying
> attention until it was too late, and missed the opportunity).
Yes, some changes may be rejected late because some people weren't
paying attention or weren't paid attention, indeed.
Or perhaps it's your own proposal and you realize it is flawed
yourself. There are infinite hypothetical scenarios we could consider
for this to happen.
> I think the speedy trial approach here is ideal for a last ditch
> "everyone stays on the same chain while avoiding this horrible change"
> attempt. The reason being that it allows everyone to agree to not
> adopt the new rules with only very little cost: all you need is for
> 10% of hashpower to not signal over a three month period.
No, 10% of hashpower is not "very little cost", that's very expensive.
> That's cheaper than bip9 (5% over 12 months requires 2x the
> cumulative hashpower), and much cheaper than bip8 which requires
> users to update their software
Updating software is not expensive. the code for bip8 could have been
merged long before taproot was even initially proposed.
It could be merged now before another proposal.
Updating software is certainly not more expensive than getting 10% of
the hashrate.
> 4) At this point, if you were able to prevent activation, hopefully
> that's enough of a power move that people will take your concerns
> seriously, and you get a second chance at step (1). If that still
> results in an impasse, I'd expect there to be a second, non-speedy
> activation of the soft fork, that either cannot be blocked at all, or
> cannot be blocked without having control of at least 60% of hashpower.
And if you never got 10% hashpower, we move to the next step, I guess.
> 5) If you weren't able to prevent activation (whether or not you
> prevented speedy trial from working), then you should have a lot
> of information:
>
> - you weren't able to convince people there was a problem
>
> - you either weren't in the economic majority and people don't
> think your concept of bitcoin is more valuable (perhaps they
> don't even think it's valuable enough to setup a futures market
> for you)
>
> - you can't get control of even 10% of hashpower for a few months
>
> and your only option is to accept defeat or create a new chain.
What if it's still the other people who are lacking information?
It wouldn't be a new chain, it would be the old chain without the new
evil change, until you manage to show the other people that the change
was indeed evil.
Remember, in this example, the new change being evil is not a
possibility, but an assumption.
What you're arguing is "if you haven't been able to stop the evil
change, then perhaps it wasn't evil all along and the people trying to
resist it were wrong and don't know it".
But that contradicts the premise: an evil change being deployed using
speedy trial.
> Since your new chain won't have a hashpower majority, you'll likely
> have significant problems if you don't hard fork in a change to
> how proof-of-work works; my guess is you'd either want to switch
> to a different proof-of-work algorithm, or make your chain able
> to be merge-mined against bitcoin, though just following BCH/BSV's
> example and tweaking the difficulty adjustment to be more dynamic
> could work too.
No, I disagree. You'll just get the hashpower you pay for with subsidy and fees.
A better difficulty update filter and merge mining could help you, I
guess. But that could be a threat on its own.
Also, as pointed out earlier, "mining majority" is dynamic and depends
on the rewards.
> (For comparison, apparently BCH has 0.8% of bitcoin's hashrate,
> BSV has 0.2%. Meanwhile, Namecoin, RSK and Syscoin, which support
> merge-mining, are apparently at 68%, 42% and 17% respectively)
Google tells me 0.0073BTC.
In perfect competition and leaving fees aside (in which probably
bitcoin wins too), BCH should have approximately 0.0073% the hashrate
bitcoin hash. This tells me someone who likes BCH is throwing money
away to subsidize its security.
Or perhaps it's something else I'm not taking into account or your
estimate is wrong.
But BCH having 0.8% of bitcoin's hashrate sounds like too much to me.
And yet, what did your future markers "discovered" pre hard fork?
> At the point that you're doing a hard fork, making a clean split is
> straightforward: schedule the hard fork for around the same time as
> the start of enforcement of the soft fork you oppose, work out how
> to make sure you're on your own p2p network, and figure out how
> exchanges and lightning channels and everything else are going to
> cope with the coin split.
You shouldn't need to do a hardfork to resist a consensus change you don't like.
"around the same time", with bip8 and the resistance mechanism
proposed by luke, it doesn't need to be "around the same time
according to some expert who will tell you what to put in your
software", but "exactly at the same time, and you only need to know
which pproposal version bit you're opposing".
> 6) There's potentially also the case where a soft fork locks-in
> and later everyone realises the people who were opposing it were
> right all along and the fork is a really bad idea.
>
> If everyone agreed that some idea was irredeemably bad -- eg,
> OP_VERIF -- then we could soft fork them out and just forbid
> blocks/transactions that attempt to use them. Or conceivably we could
> do a hardfork and have more options about how to fix the problem.
Yeah, great example. It doesn't have to be an "evil change" as such,
it can just be a "deeply wrong change" or something.
Or if we were using BIP8 and had the resistance mechanism proposed by
luke, all we would need to do is change one line and recompile:
I don't remember his enumeration constants but, something like...
- bip8Params.EvilProposalActivationMode = FORCE_ACTIVATION;
+ bip8Params.EvilProposalActivationMode = FORBID_ACTIVATION;
Say we discover it 3 days before forced activation.
Well, that would still be much less rushed that the berkeleyDB thing,
wouldn't it?
As you point out, after activation it is much more painful to fix
things. In some cases a hardfork may be the best solution a
posteriori, but I guess that gets out of the scope for activation
mechanisms.
If there's only opposition after it is deployed, whatever the
activation mechanism, in that particular case, would be irrelevant.
Whatever evil change it was, we would have probably swallowed whatever
the activation mechanism, because we only thought it evil or wrong a
posteriori.