public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd•org>
To: bitcoin-dev@lists•linuxfoundation.org
Subject: [bitcoin-dev] BIP68: Second-level granularity doesn't make sense
Date: Mon, 23 Nov 2015 23:36:18 -0500	[thread overview]
Message-ID: <20151124043618.GA7999@muck> (raw)

[-- Attachment #1: Type: text/plain, Size: 2732 bytes --]

BIP68 currently represents by-height locks as a simple 16-bit integer of
the number of blocks - effectively giving a granularity of 600 seconds
on average - but for for by-time locks the representation is a 25-bit
integer with granularity of 1 second. However this granularity doesn't
make sense with BIP113, median time-past as endpoint for lock-time
calcualtions, and poses potential problems for future upgrades.


There's two cases to consider here:

1) No competing transactions

By this we mean that the nSequence field is being used simply to delay
when an output can be spent; there aren't competing transactions trying
to spend that output and thus we're not concerned about one transaction
getting mined before another "out of order". For instance, an 2-factor
escrow service like GreenAddress could use nSequence with
CHECKSEQUENCEVERIFY (CSV) to guarantee that users will eventually get
their funds back after some timeout.

In this use-case exact miner behavior is irrelevant. Equally given the
large tolerances allowed on block times, as well as the poisson
distribution of blocks generated, granularity below an hour or two
doesn't have much practical significance.


2) Competing transactions

Here we are relying on miners prefering lower sequence numbers. For
instance a bidirectional payment channel can decrement nSequence for
each change of direction; BIP68 suggests such a decrement might happen
in increments of one day.

BIP113 makes lock-time calculations use the median time-past as the
threshold for by-time locks. The median time past is calculated by
taking median time of the 11 previous blocks, which means when a miner
creates a block they have absolutely no control over what the median
time-past is; it's purely a function of the block tip they're building
upon.

This means that granularity below a block interval will, on average,
have absolutely no effect at all on what transaction the miner includes
even in the hypothetical case. In practice of course, users will want to
use significantly larger than 1 block interval granularity in protocols.


The downside of BIP68 as written is users of by-height locktimes have 14
bits unused in nSequence, but by-time locktimes have just 5 bits unused.
This presents an awkward situation if we add new meanings to nSequence
if we ever need more than 5 bits. Yet as shown above, the extra
granularity doesn't have a practical benefit.


Recommendation: Change BIP68 to make by-time locks have the same number
of bits as by-height locks, and multiply the by-time lock field by the
block interval.

-- 
'peter'[:-1]@petertodd.org
000000000000000001a06d85a46abce495fd793f89fe342e6da18b235ade373f

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 650 bytes --]

             reply	other threads:[~2015-11-24  4:36 UTC|newest]

Thread overview: 3+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2015-11-24  4:36 Peter Todd [this message]
2015-11-24  5:05 ` Btc Drak
2015-11-24  5:58   ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20151124043618.GA7999@muck \
    --to=pete@petertodd$(echo .)org \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox