From: Jeremy <jlrubin@mit•edu>
To: "David A. Harding" <dave@dtrt•org>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Taproot activation proposal "Speedy Trial"
Date: Fri, 5 Mar 2021 20:44:33 -0800 [thread overview]
Message-ID: <CAD5xwhjOFUPpXZ97CWSSpngEiAt7tmTikS+==-0AKbHPzEXieg@mail.gmail.com> (raw)
In-Reply-To: <20210306034343.fhwrxmq6gbb2os5m@ganymede>
[-- Attachment #1: Type: text/plain, Size: 10225 bytes --]
Thank you for resurfacing and collating this concept.
At this time I don't see major issues with this course of action and think
it represents not only a reasonable compromise between all different
perspectives, but also gives us an opportunity to learn more about less
'slow' yet safe consensus upgrades. In particular, I am very happy to see
the earliest activation concept included.
Best,
Jeremy
--
@JeremyRubin <https://twitter.com/JeremyRubin>
<https://twitter.com/JeremyRubin>
On Fri, Mar 5, 2021 at 7:44 PM David A. Harding via bitcoin-dev <
bitcoin-dev@lists•linuxfoundation.org> wrote:
> On the ##taproot-activation IRC channel, Russell O'Connor recently
> proposed a modification of the "Let's see what happens" activation
> proposal.[1] The idea received significant discussion and seemed
> acceptable to several people who could not previously agree on a
> proposal (although this doesn't necessarily make it their first
> choice). The following is my attempt at a description.
>
> 1. Start soon: shortly after the release of software containing this
> proposed activation logic, nodes will begin counting blocks towards
> the 90% threshold required to lock in taproot.[2]
>
> 2. Stop soon: if the lockin threshold isn't reached within approximately
> three months, the activation attempt fails. There is no mandatory
> activation and everyone is encouraged to try again using different
> activation parameters.
>
> 2. Delayed activation: in the happy occasion where the lockin threshold
> is reached, taproot is guaranteed to eventually activate---but not
> until approximately six months after signal tracking started.
>
> ## Example timeline
>
> (All dates approximate; see the section below about BIP9 vs BIP8.)
>
> - T+0: release of one or more full nodes with activation code
> - T+14: signal tracking begins
> - T+28: earliest possible lock in
> - T+104: locked in by this date or need to try a different activation
> process
> - T+194: activation (if lockin occurred)
>
> ## Analysis
>
> The goal of Speedy Trial is to allow a taproot activation attempt to
> either quickly succeed or quickly fail---without compromising safety in
> either case. Details below:
>
> ### Mitigating the problems of early success
>
> New rules added in a soft fork need to be enforced by a large part of
> the economy or there's a risk that a long chain of blocks breaking the
> rules will be accepted by some users and rejected by others, causing a
> chain split that can result in large direct losses to transaction
> receivers and potentially even larger indirect losses to holders due to
> reduced confidence in the safety of the Bitcoin system.
>
> One step developers have taken in the past to ensure widespread adoption
> of new consensus rules is programming in a delay between the time software
> with those rules is expected to be released and when the software starts
> tracking which blocks signal for activation. For example:
>
> Soft fork | Release | Start | Delta
> -----------------+------------+------------+----------
> BIP68 (v0.12.1) | 2016-04-15 | 2016-05-11 | 26 days
> BIP141 (v0.13.1) | 2016-10-27 | 2016-11-18 | 24 days
>
> Sources: BitcoinCore.org,
> https://gist.github.com/ajtowns/1c5e3b8bdead01124c04c45f01c817bc
>
> Speedy Trial replaces most of that upfront delay with a backend delay.
> No matter how fast taproot's activation threshold is reached by miners,
> there will be six months between the time signal tracking starts and when
> nodes will begin enforcing taproot's rules. This gives the userbase even
> more time to upgrade than if we had used the most recently proposed start
> date for a BIP8 activation (~July 23rd).[2]
>
> ### Succeed, or fail fast
>
> The earlier version of this proposal was documented over 200 days ago[3]
> and taproot's underlying code was merged into Bitcoin Core over 140 days
> ago.[4] If we had started Speedy Trial at the time taproot
> was merged (which is a bit unrealistic), we would've either be less than
> two months away from having taproot or we would have moved on to the
> next activation attempt over a month ago.
>
> Instead, we've debated at length and don't appear to be any closer to
> what I think is a widely acceptable solution than when the mailing list
> began discussing post-segwit activation schemes over a year ago.[5] I
> think Speedy Trial is a way to generate fast progress that will either
> end the debate (for now, if activation is successful) or give us some
> actual data upon which to base future taproot activation proposals.
>
> Of course, for those who enjoy the debate, discussion can continue while
> waiting for the results of Speedy Trial.
>
> ### Base activation protocol
>
> The idea can be implemented on top of either Bitcoin Core's existing
> BIP9 code or its proposed BIP8 patchset.[6]
>
> - BIP9 uses two time-based[7] parameters, starttime and timeout. Using
> these values plus a time-based parameter for the minimum activation
> delay would give three months for miners to activate taproot, but some
> of that time near the start or the end might not be usable due to
> signals only being measured in full retarget periods. However, the
> six month time for users to upgrade their node would be not be
> affected by either slow or fast block production.
>
> BIP9 is already part of Bitcoin Core and I think the changes being
> proposed would be relatively small, resulting in a small patch that
> could be easy to review.
>
> - BIP8 uses two height-based parameters, startheight and timeoutheight.
> Using height values would ensure miners had a certain number of
> retarget periods (6) to lock in taproot and that there'd be a certain
> number of blocks (about 24,000) until activation, although latest lock
> in and expected activation could occur moderately earlier or later
> than the estimated three and six months.
>
> BIP8 would likely be used if Speedy Trial fails, so it could be
> advantageous to base this proposal on BIP8 so that we gain
> experience running that code in production.
>
> For additional discussion about using times versus heights, see today's
> log for ##taproot-activation.[11]
>
> ### Additional concerns
>
> - Encourages false signaling: false signaling is when miners signal
> readiness to enforce rules that their nodes don't actually support.
> This was partially responsible for a six-block reorg shortly after the
> final BIP66 activation[8] and was found to still be a problem during
> the BIP68 lockin period despite BIP9 being designed to avoid it.[9]
>
> Because Speedy Trial only gives miners a maximum of three months to
> signal support for taproot, it may encourage such false signaling. If
> taproot locks in as a result of their signaling but most of them fail
> to upgrade by the activation date several months later, unprepared
> miners could lose large amounts of money and users could see long
> reorgs (with unupgraded nodes and SPV lite clients potentially losing
> money).
>
> Compared to other activation proposals, I think the only difference is
> Speedy Trial's short timeline. False signaling is possible with any
> other proposal and the same problems can occur if miners fail to
> upgrade for any mandatory activation.
>
> ### Additional advantages
>
> - No mandatory signaling: at no time are miners required to signal by
> Speedy Trial. This includes no mandatory signaling during the
> locked_in period(s), although such signaling will be encouraged (as it
> was with BIP9[10]).
>
> - Party time: to a lesser degree, a benefit mentioned for flag day
> activation may also apply here: we could get up to six months
> advanced notice of taproot activation, allowing users, developers, and
> organizations to prepare software, announcements, and celebrations for
> that event.
>
> ## Implementation details and next steps
>
> Initial discussion about implementation may be found in today's
> ##taproot-activation log.[11] If it appears Speedy Trial may have
> traction, Russell O'Connor has offered to work on a patch against BIP8
> implementing it.
>
> ## Acknowledgments
>
> The original idea for a short-duration attempt was discussed in the
> ##taproot-activation IRC channel last July and the revised idea saw
> additional evaluation there this week. Despite growing frustration,
> discussion has been overwhelmingly constructive, for which all the
> contributors should be commended. Although this should not in any way
> imply endorsement, I'm grateful for the review and comments on a draft
> of this email by Adam Gibson, Andrew Chow, Anthony Towns, Chris Belcher,
> Jeremy Rubin, Jonas Nick, Luke Dashjr, Michael Folkson, Russell
> O'Connor, and IRC users maybehuman and proofofkeags
>
> ## Footnotes
>
> [1]
> https://en.bitcoin.it/wiki/Taproot_activation_proposals#Let.E2.80.99s_see_what_happens.2C_BIP8.28false.2C_3m.29
>
> [2] A threshold of 1,815/2,016 blocks (90%) in a single retarget period
> seemed to have near-universal support during the 2021-02-16 IRC
> meeting. See:
> https://en.bitcoin.it/wiki/Taproot_activation_proposal_202102
>
> [3]
> https://en.bitcoin.it/w/index.php?title=Taproot_activation_proposals&oldid=68062
>
> [4] https://github.com/bitcoin/bitcoin/pull/19953
>
> [5]
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2020-January/017547.html
>
> [6] https://github.com/bitcoin/bitcoin/pull/19573
>
> [7] BIP9's times are based on the median of the past 11 blocks, which
> usually trails UTC by about 90 minutes but which can trail behind
> realtime significantly if miners are doing weird things.
>
> [8] https://en.bitcoin.it/wiki/July_2015_chain_forks
>
> [9] https://buildingbitcoin.org/bitcoin-core-dev/log-2016-06-21.html#l-32
>
> [10]
> https://github.com/bitcoin/bitcoin/blob/ed25cb58f605ba583c735f330482df0bf9348f3a/src/test/versionbits_tests.cpp#L337-L339
>
> [11] http://gnusha.org/taproot-activation/2021-03-05.log
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists•linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
[-- Attachment #2: Type: text/html, Size: 13821 bytes --]
next prev parent reply other threads:[~2021-03-06 4:44 UTC|newest]
Thread overview: 16+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-03-06 3:43 David A. Harding
2021-03-06 4:44 ` Jeremy [this message]
2021-03-06 6:04 ` Andrew Chow
2021-03-06 14:44 ` Russell O'Connor
2021-03-15 2:51 ` Luke Dashjr
2021-03-15 3:14 ` Andrew Chow
2021-03-06 9:29 ` Anthony Towns
2021-03-06 10:26 ` Eric Voskuil
2021-03-06 18:11 ` Matt Corallo
2021-03-06 20:23 ` David A. Harding
2021-03-06 21:48 ` Matt Corallo
2021-03-06 20:44 ` Ariel Luaces
2021-03-06 20:55 ` Keagan McClelland
2021-03-06 19:56 Michael Folkson
2021-03-06 21:55 ` Matt Corallo
2021-03-15 14:06 Michael Folkson
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAD5xwhjOFUPpXZ97CWSSpngEiAt7tmTikS+==-0AKbHPzEXieg@mail.gmail.com' \
--to=jlrubin@mit$(echo .)edu \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=dave@dtrt$(echo .)org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox