Pieter,

I think that you have misrepresented Chris' view by taking it out of context. His complete quote reads "If drivechains are successful they should be viewed as the way we scale -- not hard forking the protocol." Chris is comparing Drivechains/sidechains to a hard fork.

You went on to "disagree", but every point of contention you introduced was something that would apply to both drivechain-sourced capacity and hardfork-sourced capacity. Neither improves scalability, and both allow users only the opportunity to select a different security model. If I understand you, the point at which a security model does not become "interesting" to you, would be the exact same point in the drivechain and hardfork worlds. Both, at any rate, have the same effect on "validation cost to auditors".

The only true difference is the "extra risk of miners being able to vote to steal your money", but as I have pointed out on this mailing list several times, I do not actually believe that there is any marginal risk -- miners can already "vote to steal your money" in the double-spend and ln-channel-theft contexts. I have also argued that the "risk" is actually desirable in an opt-in context, because it puts the burden of proof on miners/developers (to convince users that they should move over to the sidechain). Since their sidechain coins cannot appreciate in value relative to the mainchain coins, users would only opt-in if they felt that they were sufficiently compensated for any and all risks. Hence, it is difficult to list this item as a drawback when, to the user, it is a strict improvement (at least, by any epistemological standard that I can think of). If you have new objections to these claims, I'm sure we would all benefit from hearing them, myself most of all.

Paul


On 7/11/2017 4:01 PM, Pieter Wuille wrote:
On Jul 11, 2017 09:18, "Chris Stewart via bitcoin-dev" <bitcoin-dev@lists.linuxfoundation.org> wrote:
Concept ACK.

If drivechains are successful they should be viewed as the way we scale

I strongly disagree with that statement.

Drivechains, and several earlier sidechains ideas, are not a scalability improvement, but merely enabling users to opt-in for another security model.

While obviously any future with wider adoption will need different technologies that have different trade-offs, and anyone is free to choose their security model, I don't think this particular one is interesting. In terms of validation cost to auditors, it is as bad as just a capacity increase on chain, while simultaneously adding the extra risk of miners being able to vote to steal your money.

Cheers,

--
Pieter