Re: [bitcoin-dev] how to disable segwit in my build?

From: "Hampus Sjöberg" <hampus.sjoberg@gmail•com>
To: Dan Libby <dan@osc•co.cr>,
	 Bitcoin Protocol Discussion
	<bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] how to disable segwit in my build?
Date: Fri, 14 Jul 2017 00:50:32 +0200	[thread overview]
Message-ID: <CAFMkqK-s=Xtg_40dMY7B3ecbOsjtcekHa6qFn2h8dVhuUMv=pw@mail.gmail.com> (raw)
In-Reply-To: <4921ce4f-06bc-8ff1-4e70-5bd55d1ff5ca@osc.co.cr>

[-- Attachment #1: Type: text/plain, Size: 4988 bytes --]

> I would like to understand it a bit better, as I think it applies
equally to any pre-segwit node, yes?   So let's say I am running 0.13.0
and someone sends me bitcoins to a P2PKH address, but that person
previously received them to a P2WPKH address.

Yes, this applies to all non-SegWit nodes.

> If I understand correctly, my node will accept the incoming tx inputs
but obviously will not perform any segwit related validation, thus those
inputs are not fully validated.

Yes.
So you have two choices to be fully secure:
1. Validate using the new rules of the network (in other words, run a
SegWit node)
2. Avoid any chain of transaction that contains a SegWit transaction

> I don't yet understand how my node
thinks they are valid at all given that it does not understand P2WPKH
address format, so either it doesn't need to, or P2WPKH is somehow
already valid.

So how softforks often work is that you make the transaction appear to be
always spendable for old nodes, regardless if it really was spendable or
not. This will make sure it is a softfork, the update is backwards
compatible.
If it would be the other way around, if new rules that the node doesn't
understand would always be invalid, it would be hardfork, which is what
we're trying to avoid in the first place.

> so if
someone can point me towards a document that explains it I'd be happy to
read that.

See
https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#Backward_compatibility
So the witness program is encoded in a new format that old nodes do not
understand.
This means that for old nodes, a number >0 will be put on the stack. When
the script is done, it will be evaluated to true (because of >0) and be
counted as a valid spend.

https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki also
explains the new witness program more in detail (I left out some details in
my explanation).

Cheers
Hampus

2017-07-13 23:58 GMT+02:00 Dan Libby via bitcoin-dev <
bitcoin-dev@lists•linuxfoundation.org>:

> On 07/13/2017 09:35 AM, Jameson Lopp wrote:
> >
> >
> > On Thu, Jul 13, 2017 at 12:19 PM, Dan Libby via bitcoin-dev
> > <bitcoin-dev@lists•linuxfoundation.org
> > <mailto:bitcoin-dev@lists•linuxfoundation.org>> wrote:
> >
> >     On 07/13/2017 06:39 AM, Hampus Sjöberg via bitcoin-dev wrote:
> >     >> I believe that a good reason not to wish your node to be segwit
> >     > compliant is to avoid having to deal with the extra bandwidth that
> >     > segwit could require.   Running a 0.14.2 node means being ok with
> >1MB
> >     > blocks, in case segwit is activated and widely used. Users not
> >     > interested in segwit transactions may prefer to keep the cost of
> their
> >     > node lower.
> >     >
> >     > If the majority of the network decides to deploy SegWit, it would
> be in
> >     > your best interest to validate the SegWit transactions, because you
> >     > might will be downgraded to near-SPV node validation.
> >     > It would be okay to still run a "non-SegWit" node if there's no
> SegWit
> >     > transactions in the chain of transactions for your bitcoins,
> otherwise
> >     > you cannot fully verify the the ownership of your bitcoins.
> >     > I'm not sure the practicality of this in the long run, but it
> makes a
> >     > case for having an up-to-date non-SegWit node, although I think
> it's a
> >     > bit of a stretch.
> >
> >     Right.  Well, if I never upgrade to segwit, then there seems little
> >     (zero?) risk of having any segwit tx in my tx chain.
> >
> >
> > If you mean you wish to avoid receiving UTXOs that have value that was
> > at one point previously encumbered by a SegWit output then no, you can't
> > avoid that. No more than you can currently avoid receiving BTC that were
> > at one point in time encumbered by a P2SH output.
>
> fair enough.  This actually wasn't an area I'd considered much before
> Hampus brought it up.
>
> I would like to understand it a bit better, as I think it applies
> equally to any pre-segwit node, yes?   So let's say I am running 0.13.0
> and someone sends me bitcoins to a P2PKH address, but that person
> previously received them to a P2WPKH address.
>
> If I understand correctly, my node will accept the incoming tx inputs
> but obviously will not perform any segwit related validation, thus those
> inputs are not fully validated.  I don't yet understand how my node
> thinks they are valid at all given that it does not understand P2WPKH
> address format, so either it doesn't need to, or P2WPKH is somehow
> already valid.  I know this has all been discussed in the past, so if
> someone can point me towards a document that explains it I'd be happy to
> read that.
>
> thanks!
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists•linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>

[-- Attachment #2: Type: text/html, Size: 6533 bytes --]