ryan at breen.xyz [ARCHIVE] on Nostr: 📅 Original date posted:2023-08-28 🗒️ Summary of this message: Mainchain nodes ...
📅 Original date posted:2023-08-28
🗒️ Summary of this message: Mainchain nodes do not validate sidechain blocks. Sidechain nodes called sentinels watch for invalid withdrawals and publish attestations. Bitcoin full nodes can hold miners accountable by forking off the network if they make improper withdrawals. Trust in sidechain validators is chosen by each Bitcoin full node. The downside is the difficulty of getting enough nodes on board and maintaining a healthy network of sentinels. The upside is that sidechains can be user-activated and allow full nodes to hold miners accountable. If the sidechain developers create malicious code, the fallout would be the same as any other sidechain proposal. Sentinel chains have no restrictions on how they operate.
📝 Original message:
I appreciate your questions, ZmnSCPxj.
I will answer your second question first: Mainchain nodes do not ever validate sidechain blocks. Sidechain nodes watch Bitcoin for invalid withdrawals, and publish signed attestations to a public broadcast network (such as Nostr) that a transaction is making an invalid withdrawal. These sidechain nodes are the so-called sentinels.
Bitcoin full nodes wishing to participate in holding miners accountable for stealing will watch the public broadcast network for attestations of improper withdrawals and treat those transactions as de facto invalid, thus forking violating miners off the network. In this way, launching a Sentinel chain mimics a user-activated soft fork, but without any changes to Bitcoin Core consensus logic.
Bitcoin full nodes would choose their own limited set of sidechain validators to trust. They might run their own sidechain node and trust that result exclusively. They might instead choose to trust a set of high quality community members such as companies, etc.
A downside to this method are the same as the difficulties of launching a soft fork. Making sure enough nodes (or miners) are on board to enforce the new rules prior to launch of a sidechain, or a minority of users will fork off the network. Additionally, maintaining a healthy network of sentinels for a sidechain is an additional angle to consider.
The upside of this method is that sidechains can be user-activated, not just miner-activated like under the BIP-300 framework. And it allows Bitcoin full nodes to hold miners accountable for obeying the sidechain withdrawal rules.
--------------------
To answer your first question: When you say the sentinel chain software, are you asking what would happen if the sidechain developers create malicious code in sidechain node software? I suppose that would depend on the upgrade process of the sidechain, but the maximum fallout from malicious Sentinel chains is the exact same as any other sidechain proposal: the sidechain users get rugged.
The concept behind Sentinel chains puts no restriction on how sentinel chains may operate, only how the “difficult” part of launching a 2WP sidechain, peg-outs from sidechain to mainchain, may work without advanced cryptographic techniques such a ZKPs.
Thanks,
Ryan (ursuscamp on twitter)
> On Aug 28, 2023, at 9:48 AM, ZmnSCPxj <ZmnSCPxj at protonmail.com> wrote:
>
> Good morning Ryan,
>
> If I modify your Sentinel Chain open-source software so that it is honest for 999 sidechain blocks, then lies and says that the 1000th block is invalid even though it actually is, what happens?
>
> Do mainchain nodes need to download the previous 999 sidechain blocks, run the sidechain rules on them, and then validate the 1000th sidechain block itself?
>
> Regards,
> ZmnSCPxj
🗒️ Summary of this message: Mainchain nodes do not validate sidechain blocks. Sidechain nodes called sentinels watch for invalid withdrawals and publish attestations. Bitcoin full nodes can hold miners accountable by forking off the network if they make improper withdrawals. Trust in sidechain validators is chosen by each Bitcoin full node. The downside is the difficulty of getting enough nodes on board and maintaining a healthy network of sentinels. The upside is that sidechains can be user-activated and allow full nodes to hold miners accountable. If the sidechain developers create malicious code, the fallout would be the same as any other sidechain proposal. Sentinel chains have no restrictions on how they operate.
📝 Original message:
I appreciate your questions, ZmnSCPxj.
I will answer your second question first: Mainchain nodes do not ever validate sidechain blocks. Sidechain nodes watch Bitcoin for invalid withdrawals, and publish signed attestations to a public broadcast network (such as Nostr) that a transaction is making an invalid withdrawal. These sidechain nodes are the so-called sentinels.
Bitcoin full nodes wishing to participate in holding miners accountable for stealing will watch the public broadcast network for attestations of improper withdrawals and treat those transactions as de facto invalid, thus forking violating miners off the network. In this way, launching a Sentinel chain mimics a user-activated soft fork, but without any changes to Bitcoin Core consensus logic.
Bitcoin full nodes would choose their own limited set of sidechain validators to trust. They might run their own sidechain node and trust that result exclusively. They might instead choose to trust a set of high quality community members such as companies, etc.
A downside to this method are the same as the difficulties of launching a soft fork. Making sure enough nodes (or miners) are on board to enforce the new rules prior to launch of a sidechain, or a minority of users will fork off the network. Additionally, maintaining a healthy network of sentinels for a sidechain is an additional angle to consider.
The upside of this method is that sidechains can be user-activated, not just miner-activated like under the BIP-300 framework. And it allows Bitcoin full nodes to hold miners accountable for obeying the sidechain withdrawal rules.
--------------------
To answer your first question: When you say the sentinel chain software, are you asking what would happen if the sidechain developers create malicious code in sidechain node software? I suppose that would depend on the upgrade process of the sidechain, but the maximum fallout from malicious Sentinel chains is the exact same as any other sidechain proposal: the sidechain users get rugged.
The concept behind Sentinel chains puts no restriction on how sentinel chains may operate, only how the “difficult” part of launching a 2WP sidechain, peg-outs from sidechain to mainchain, may work without advanced cryptographic techniques such a ZKPs.
Thanks,
Ryan (ursuscamp on twitter)
> On Aug 28, 2023, at 9:48 AM, ZmnSCPxj <ZmnSCPxj at protonmail.com> wrote:
>
> Good morning Ryan,
>
> If I modify your Sentinel Chain open-source software so that it is honest for 999 sidechain blocks, then lies and says that the 1000th block is invalid even though it actually is, what happens?
>
> Do mainchain nodes need to download the previous 999 sidechain blocks, run the sidechain rules on them, and then validate the 1000th sidechain block itself?
>
> Regards,
> ZmnSCPxj