> sounds good, though I'm unclear on how exactly to achieve (2) given that
any party I have ever transacted with (or otherwise knows an address of
mine) can send me coins at any time. So it seems the only possible way
to be certain is to run a node that has never published an address to a
3rd party. Is that accurate?

Yes, as soon as you receive new Bitcoins, there's a chance that they have been in a SegWit transaction at some point.

I'm not sure if you can see the chain of transactions for an address in bitcoin-cli, but if that is possible, you should be able to double check the transaction types.

> Another thing that could be done is to modify my own node so that it
actually rejects such tx, but then I have modified consensus rules
myself, thus defeating the goal of remaining with status-quo rules, and
anyway the rest of the network would accept the tx. I guess the benefit
is that I could be certain of the remaining funds I have.

Hmm yes, if you reject a such transaction, you'll hardfork the network.

If you ignore it in your wallet, you'll be safe, but you'll lose those bitcoins ofc.

It's a difficult situation.

> I suppose that it would be possible without modifying any rule to
construct a "certain balance" and an "uncertain balance".

Should be possible.

> Hampus, thanks for the explanation!

You're welcome!

I personally very much like and want SegWit, but I respect people that wants to maintain the status quo, it's what will make Bitcoin strong in the long run.

Cheers

Hampus

2017-07-14 1:20 GMT+02:00 Dan Libby via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>:

Hampus, thanks for the explanation!

On 07/13/2017 03:50 PM, Hampus Sjöberg wrote:

> Yes.
> So you have two choices to be fully secure:
> 1. Validate using the new rules of the network (in other words, run a
> SegWit node)
> 2. Avoid any chain of transaction that contains a SegWit transaction

sounds good, though I'm unclear on how exactly to achieve (2) given that
any party I have ever transacted with (or otherwise knows an address of
mine) can send me coins at any time. So it seems the only possible way
to be certain is to run a node that has never published an address to a
3rd party. Is that accurate?

Another thing that could be done is to modify my own node so that it
actually rejects such tx, but then I have modified consensus rules
myself, thus defeating the goal of remaining with status-quo rules, and
anyway the rest of the network would accept the tx. I guess the benefit
is that I could be certain of the remaining funds I have.

I suppose that it would be possible without modifying any rule to
construct a "certain balance" and an "uncertain balance".

I don't intend to do such modifications! just grasping for understanding.

> See
> https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki#Backward_compatibility
> So the witness program is encoded in a new format that old nodes do not
> understand.
> This means that for old nodes, a number >0 will be put on the stack.
> When the script is done, it will be evaluated to true (because of >0)
> and be counted as a valid spend.
>
> https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki also
> explains the new witness program more in detail (I left out some details
> in my explanation).

I read the relevant parts, thanks!

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev