From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Dan Libby <dan@osc•co.cr>
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Subject: Re: [bitcoin-dev] hypothetical: Could soft-forks be prevented?
Date: Fri, 15 Sep 2017 00:01:47 -0400 [thread overview]
Message-ID: <SU02clg--S4TtIK4TZIytgdnHE8SzXBwSEb_FN5edtPAaojLwCEd6OTNkBUrDiH1FwHPuD4D5yByE7r4Fz_-CVzzU9KK0xvmDGlWNxTp3aU=@protonmail.com> (raw)
In-Reply-To: <9e212eae-08d5-d083-80d9-a8e29679fcdc@osc.co.cr>
[-- Attachment #1: Type: text/plain, Size: 3991 bytes --]
Good morning Dan,
My understanding is that it is impossible for soft forks to be prevented.
1. Anyone-can-spend
There are a very large number of anyone-can-spend scripts, and it would be very impractical to ban them all.
For example, the below output script is anyone-can-spend
<random number> OP_TRUE
So is the below:
OP_SIZE <random small number> OP_EQUAL
Or:
OP_1ADD <random number> OP_EQUAL
Or:
OP_BOOLAND
Or:
OP_BOOLOR
And so on.
So no, it is not practically possible to ban anyone-can-spend outputs, as there are too many potential scriptPubKey that anyone can spend.
It is even possible to have an output that requires a proof-of-work, like so:
OP_HASH256 <difficulty target> OP_LESSTHAN
All the above outputs are disallowed from propagation by IsStandard, but a miner can put them validly in a block, and IsStandard is not consensus code and can be modified.
2. Soft fork = restrict
It is possible (although unlikely) for a majority of miners to run soft forking code which the rest of us are not privy to.
For example, for all we know, miners are already blacklisting spends on Satoshi's coins. We would not be able to detect this at all, since no transaction that spends Satoshi's coins have been broadcast, ever. It is thus indistinguishable from a world where Satoshi lost his private keys. Of course, the world where Satoshi never spent his coins and miners are blacklisting Satoshi's coins, is more complex than the world where Satoshi never spent his coins, so it is more likely that miners are not blacklisting.
But the principle is there. We may already be in a softfork whose rules we do not know, and it just so happens that all our transactions today do not violate those rules. It is impossible for us to know this, but it is very unlikely.
Soft forks apply further restrictions on Bitcoin. Hard forks do not. Thus, if everyone else is entering a soft fork and we are oblivious, we do not even know about it. Whereas, if everyone else is entering a hard fork, we will immediately see (and reject) invalid transactions and blocks.
Thus the only way to prevent soft fork is to hard fork against the new soft fork, like Bcash did.
Regards,
ZmnSCPxj
-------- Original Message --------
Subject: [bitcoin-dev] hypothetical: Could soft-forks be prevented?
Local Time: September 13, 2017 5:50 PM
UTC Time: September 13, 2017 9:50 AM
From: bitcoin-dev@lists•linuxfoundation.org
To: Bitcoin Protocol Discussion <bitcoin-dev@lists•linuxfoundation.org>
Hi, I am interested in the possibility of a cryptocurrency software
(future bitcoin or a future altcoin) that strives to have immutable
consensus rules.
The goal of such a cryptocurrency would not be to have the latest and
greatest tech, but rather to be a long-term store of value and to offer
investors great certainty and predictability... something that markets
tend to like. And of course, zero consensus rule changes also means
less chance of new bugs and attack surface remains the same, which is
good for security.
Of course, hard-forks are always possible. But that is a clear split
and something that people must opt into. Each party has to make a
choice, and inertia is on the side of the status quo. Whereas
soft-forks sort of drag people along with them, even those who oppose
the changes and never upgrade. In my view, that is problematic,
especially for a coin with permanent consensus rule immutability as a
goal/ethic.
As I understand it, bitcoin soft-forks always rely on anyone-can-spend
transactions. If those were removed, would it effectively prevent
soft-forks, or are there other possible mechanisms? How important are
any-one-can spend tx for other uses?
More generally, do you think it is possible to programmatically
avoid/ban soft-forks, and if so, how would you go about it?
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists•linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
[-- Attachment #2: Type: text/html, Size: 5443 bytes --]
next prev parent reply other threads:[~2017-09-15 4:01 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-09-13 9:50 Dan Libby
2017-09-15 4:01 ` ZmnSCPxj [this message]
2017-09-15 9:14 ` Adam Back
2017-09-15 11:47 ` Tier Nolan
2017-09-15 20:01 ` Dan Libby
2017-09-15 19:55 ` Dan Libby
2017-09-15 20:40 ` Simone Bronzini
2017-09-15 21:48 ` Dan Libby
2017-09-16 1:42 ` Andrew Poelstra
2017-09-16 3:38 ` ZmnSCPxj
[not found] ` <CADSvpf7sC-Rh0qoGKgagQV7Mo_BV6ymeadgfMzJ_oXPCTyJ6Mw@mail.gmail.com>
2017-09-15 20:15 ` Dan Libby
2017-09-18 6:40 Daniel Wilczynski
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='SU02clg--S4TtIK4TZIytgdnHE8SzXBwSEb_FN5edtPAaojLwCEd6OTNkBUrDiH1FwHPuD4D5yByE7r4Fz_-CVzzU9KK0xvmDGlWNxTp3aU=@protonmail.com' \
--to=zmnscpxj@protonmail$(echo .)com \
--cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
--cc=dan@osc$(echo .)co.cr \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox