On Mon, Sep 28, 2015 at 9:28 AM, Peter Todd wrote: > > 2) Mr. Todd (or somebody) needs to write up a risk/benefit security > > tradeoff analysis doo-hickey document and publish it. I'm reasonably > > confident that the risks to SPV nodes can be mitigated (e.g. by deploying > > mempool-only first, before the soft fork rolls out), but as somebody who > > has only been moderately paying attention, BETTER COMMUNICATION is > needed. > > What should SPV wallet authors be doing right now, if anything? Once the > > soft fork starts to roll out or activates, what do miners need to be > aware > > of? SPV wallet authors? > > Do you have such a document for your BIP101? That would save me a lot of > time, and the need for that kind of document is significantly higher > with BIP101 anyway. > Hmmm? When I asked YOU for that kind of security analysis document, you said you'd see if any of your clients would be willing to let you publish one you'd done in the past. Then I never heard back from you. So, no, I don't have one for BIP 101, but unless you were lying and just trying to add Yet Another Hoop for BIP 101 to jump through, you should already have something to start from. RE: mempool only: yes, pull-req 5000 satisfies (and that's what I was thinking of). There should be a nice, readable blog post explaining to other full node implementors and wallet implementors why that was done for Core and what they should do to follow 'best practices to be soft-fork ready.' -- -- Gavin Andresen