From: Michael Folkson <michaelfolkson@gmail•com>
To: Matt Corallo <lf-lists@mattcorallo•com>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] Reorgs on SigNet - Looking for feedback on approach and parameters
Date: Fri, 10 Sep 2021 20:00:39 +0100 [thread overview]
Message-ID: <CAFvNmHRKBt-KndgEtuT6da8qJAJgHSoime40J3x6Q=8tnnYpOw@mail.gmail.com> (raw)
In-Reply-To: <50970c07-b447-0b49-3f2b-b8a4961761f1@mattcorallo.com>
> Huh? Why would the goal be to match mainnet? The goal, as I understand it, is to allow software to
use SigNet without modification *to make testing simpler* - keep the
header format the same to let
SPV clients function without (significant) modification, etc. The
point of the whole thing is to
make testing as easy as possible, why would we do otherwise.
I guess Kalle (and AJ) can answer this question better than me but my
understanding is that the motivation for Signet was that testnet
deviated erratically from mainnet behavior (e.g. long delays before
any blocks were mined followed by a multitude of blocks mined in a
short period of time) which meant it wasn't conducive to normal
testing of applications. Why would you want a mainnet like chain? To
check if your application works on a mainnet like chain without
risking any actual value before moving to mainnet. The same purpose as
testnet but more reliably resembling mainnet behavior. You are well
within your rights to demand more than that but my preference would be
to push some of those demands to custom signets rather than the
default Signet.
Testing out proposed soft forks in advance of them being considered
for activation would already be introducing a dimension of complexity
that is going to be hard to manage [0]. I'm generally of the view that
if you are going to introduce a complexity dimension, keep the other
dimensions as vanilla as possible. Otherwise you are battling
complexity in multiple different dimensions and it becomes hard or
impossible to maintain it and meet your initial objectives.
But if this feature of extremely regular re-orgs is an in demand
feature for testers I think the question then becomes what the default
be (I would suggest re-orgs every 8 hours rather than no re-orgs at
all) and then the alternative which you can switch to, re-orgs every
block or every 6 blocks or whatever.
> I believe my suggestion was not correctly understood. I'm not suggesting *users* sign blocks or
otherwise do anything manually here, only that the existing block
producers each generate a new key,
and we then only sign reorgs with *those* keys. Users will be able to
set a flag to indicate "I want
to accept sigs from either sets of keys, and see reorgs" or "I only
want sigs from the non-reorg
keys, and will consider the reorg keys-signed blocks invalid"
Ah I did misunderstand, yes this makes more sense. Thanks for the correction.
[0] https://bitcoin.stackexchange.com/questions/98642/can-we-experiment-on-signet-with-multiple-proposed-soft-forks-whilst-maintaining
On Fri, Sep 10, 2021 at 7:24 PM Matt Corallo <lf-lists@mattcorallo•com> wrote:
>
>
>
> On 9/10/21 06:05, Michael Folkson wrote:
> >> I see zero reason whatsoever to not simply reorg ~every block, or as often as is practical. If users opt in to wanting to test with reorgs, they should be able to test with reorgs, not wait a day to test with reorgs.
> >
> > One of the goals of the default Signet was to make the default Signet
> > resemble mainnet as much as possible. (You can do whatever you want on
> > a custom signet you set up yourself including manufacturing a re-org
> > every block if you wish.) Hence I'm a bit wary of making the behavior
> > on the default Signet deviate significantly from what you might
> > experience on mainnet. Given re-orgs don't occur that often on mainnet
> > I can see the argument for making them more regular (every 8 hours
> > seems reasonable to me) on the default Signet but every block seems
> > excessive. It makes the default Signet into an environment for purely
> > testing whether your application can withstand various flavors of edge
> > case re-orgs. You may want to test whether your application can
> > withstand normal mainnet behavior (no re-orgs for long periods of
> > time) first before you concern yourself with re-orgs.
>
> Huh? Why would the goal be to match mainnet? The goal, as I understand it, is to allow software to
> use SigNet without modification *to make testing simpler* - keep the header format the same to let
> SPV clients function without (significant) modification, etc. The point of the whole thing is to
> make testing as easy as possible, why would we do otherwise.
>
> Further, because one goal here is to enable clients to opt in or out of the reorg chain at will
> (presumably by just changing one config flag in bitcoin.conf), why would we worry about making it
> "similar to mainnet". If users want an experience "similar to mainnet", they can simply turn off
> reorgs and they'll see a consistent chain moving forward which never reorgs, similar to the
> practical experience of mainnet.
>
> Once you've opted into reorgs, you almost certainly are looking to *test* reorgs - you just
> restarted Bitcoin Core with the reorg flag set, waiting around for a reorg after doing that seems
> like the experience of testnet3 today, and the whole reason why we wanted signet to begin with -
> things happen sporadically and inconsistently, making developers wait around forever. Please lets
> not replicate the "gotta wait for blocks before I can go to lunch" experience of testnet today on
> signet, I'm tired of eating lunch late.
>
> >> Why bother with a version bit? This seems substantially more complicated than the original proposal that surfaced many times before signet launched to just have a different reorg signing key. Thus, users who wish to follow reorgs can use a 1-of-2 (or higher multisig) and users who wish to not follow reorgs would use a 1-of-1 (or higher multisig), simply marking the reorg blocks as invalid without touching any header bits that non-full clients will ever see.
> >
> > If I understand this correctly this is introducing a need for users to
> > sign blocks when currently with the default Signet the user does not
> > need to concern themselves with signing blocks. That is entirely left
> > to the network block signers of the default Signet (who were AJ and
> > Kalle last time I checked). Again I don't think this additional
> > complexity is needed on the default Signet when you can set up your
> > own custom Signet if you want to test edge case scenarios that deviate
> > significantly from what you are likely to experience on mainnet. A
> > flag set via a configuration argument (the AJ, 0xB10C proposal) with
> > no-reorgs (or 8 hour re-orgs) as the default seems to me like it would
> > introduce no additional complexity to the casual (or alpha stage)
> > tester experience though of course it introduces implementation
> > complexity.
> >
> > To move the default Signet in the direction of resembling mainnet even
> > closer would be to randomly generate batches of transactions to fill
> > up blocks and create a fee market. It would be great to be able to
> > test features like RBF and Lightning unhappy paths (justice
> > transactions, perhaps even pinning attacks etc) on the default Signet
> > in future.
>
> I believe my suggestion was not correctly understood. I'm not suggesting *users* sign blocks or
> otherwise do anything manually here, only that the existing block producers each generate a new key,
> and we then only sign reorgs with *those* keys. Users will be able to set a flag to indicate "I want
> to accept sigs from either sets of keys, and see reorgs" or "I only want sigs from the non-reorg
> keys, and will consider the reorg keys-signed blocks invalid"
>
> Matt
--
Michael Folkson
Email: michaelfolkson@gmail•com
Keybase: michaelfolkson
PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
next prev parent reply other threads:[~2021-09-10 19:00 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2021-09-10 13:05 Michael Folkson
2021-09-10 18:24 ` Matt Corallo
2021-09-10 19:00 ` Michael Folkson [this message]
2021-09-10 19:22 ` Matt Corallo
2021-09-10 20:00 ` David A. Harding
-- strict thread matches above, loose matches on Subject: below --
2021-09-13 12:30 Michael Folkson
2021-09-13 16:24 ` Matt Corallo
2021-09-07 16:07 0xB10C
2021-09-07 16:44 ` Jeremy
2021-09-08 7:59 ` Anthony Towns
2021-09-12 14:29 ` vjudeu
2021-09-12 14:54 ` Greg Sanders
2021-09-10 0:50 ` Matt Corallo
2021-09-12 7:53 ` Anthony Towns
2021-09-13 5:33 ` Matt Corallo
2021-09-14 4:56 ` Anthony Towns
2021-09-15 15:24 ` Matt Corallo
2021-10-15 4:41 ` Anthony Towns
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAFvNmHRKBt-KndgEtuT6da8qJAJgHSoime40J3x6Q=8tnnYpOw@mail.gmail.com' \
--to=michaelfolkson@gmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=lf-lists@mattcorallo$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox