From: Chris Acheson <mail@chrisacheson.net>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: [bitcoin-dev] I do not support the BIP 148 UASF
Date: Fri, 14 Apr 2017 06:52:46 -0400 [thread overview]
Message-ID: <03e427ef-c655-7ec6-78a2-717b78bc43af@chrisacheson.net> (raw)
Speaking as one of the BIP148 agitators:
> There have been some other UASF proposals that avoid the forced
> disruption-- by just defining a new witness bit and allowing
> non-upgraded-to-uasf miners and nodes to continue as non-upgraded, I
> think they are vastly superior. They would be slower to deploy, but I
> do not think that is a flaw.
I'm assuming that you're referring to the flag date "segwit is on now"
approach. This is more dangerous than the orphaning approach that BIP148
uses.
If we orphan non-signalling blocks on the flag date and don't have
majority hash power supporting us, there will be a chain split on the
flag day. We expect this to happen, we plan for it, and we employ
strategies to mitigate any damage. The bulk of the economy has
coordinated around this event happening. We even had the opportunity to
pull the plug before the flag date if things were looking too grim.
After the dust settles, 100% of the miners are guaranteed to have
upgraded, assuming they didn't choose to forgo 2+ weeks of income. Any
further chain splits would have to be the result of deliberate action by
51%+ of the mining power.
If we just have segwit activate on the flag date without orphaning the
blocks of non-segwit miners, we set ourselves up for a chain split at
some unknown time in the future. Without majority hash power on our
side, as soon as someone mines a segwit-invalid transaction, the chain
will split, with upgraded nodes and miners on one side, and non-upgraded
nodes and miners on the other side. The segwit-invalid transaction
doesn't even need to come from someone with their own mining equipment.
Open a short on BTC, rent some hash power, profit.
Since we don't know when this attack will occur, we won't be organized
and ready for it. It's also easy for both miners and users to get
complacent about it and fail to upgrade. The damage will be far worse
than if we had used the orphaning approach.
> "First do no harm." We should use the least disruptive mechanisms
> available, and the BIP148 proposal does not meet that test. To hear
> some people-- non-developers on reddit and such-- a few even see the
> forced orphaning of 148 as a virtue, that it's punitive for
> misbehaving miners. I could not not disagree with that perspective any
> more strongly.
Punitive action against miners is not the point of BIP148, it's an
unavoidable side-effect of making the UASF less disruptive for the users
of Bitcoin. Minimizing disruption for users must take priority over
minimizing disruption for miners. Given the intensity of this dispute
and the bad faith of certain actors, some schadenfreude is bound to
occur. Don't let that distract you from the actual reasons that BIP148
is designed the way it is.
> We should have patience. Bitcoin is a system that should last for all
> ages and power mankind for a long time-- ten years from now a couple
> years of dispute will seem like nothing. But the reputation we earn
> for stability and integrity, for being a system of money people can
> count on will mean everything.
I respect this perspective, and I agree with it to a certain extent.
However, continuing to wait has costs. I do not believe we have the
luxury of continuing to wait for a couple more years. In doing so it's
entirely possible that we may damage our reputation for stability and
integrity rather than build on it.
We have a window of opportunity with BIP148, and it would be a waste not
to act on it. In the event that we still lack sufficient support by
July, we can abandon the project, and make plans for how best to proceed
from there.
next reply other threads:[~2017-04-14 22:55 UTC|newest]
Thread overview: 41+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-04-14 10:52 Chris Acheson [this message]
-- strict thread matches above, loose matches on Subject: below --
2017-04-15 13:42 [bitcoin-dev] I do not support the BIP 148 UASF Mark Friedenbach
2017-04-15 14:54 ` Ryan Grant
2017-04-15 18:50 ` Gregory Maxwell
2017-04-19 16:17 ` Erik Aronesty
2017-04-20 14:23 ` Alphonse Pace
2017-04-20 15:48 ` Erik Aronesty
2017-04-14 7:56 Gregory Maxwell
2017-04-14 16:50 ` praxeology_guy
2017-04-14 17:36 ` Chris Stewart
2017-04-14 18:33 ` praxeology_guy
2017-04-14 19:12 ` Tom Zander
2017-04-14 19:20 ` Tom Zander
2017-04-14 19:33 ` James Hilliard
2017-04-14 20:34 ` Tom Zander
2017-04-14 20:51 ` James Hilliard
2017-04-14 20:58 ` Tom Zander
2017-04-14 21:10 ` James Hilliard
2017-04-14 21:12 ` Gregory Maxwell
2017-04-14 20:59 ` Gregory Maxwell
2017-04-15 2:01 ` Steven Pine
2017-04-15 3:05 ` Chris Stewart
2017-04-15 3:29 ` Gregory Maxwell
2017-04-15 4:10 ` Steven Pine
2017-04-15 4:47 ` Gregory Maxwell
2017-04-15 6:28 ` Cameron Garnham
2017-04-15 7:04 ` Gregory Maxwell
2017-04-15 7:46 ` Chris Acheson
2017-04-15 13:23 ` Natanael
2017-04-15 13:54 ` Greg Sanders
2017-04-15 8:05 ` Cameron Garnham
2017-04-20 18:39 ` shaolinfry
2017-04-25 18:28 ` Gregory Maxwell
2017-04-25 18:46 ` Luke Dashjr
2017-05-02 16:54 ` Erik Aronesty
2017-05-22 19:23 ` Suhas Daftuar
2017-05-23 4:03 ` Steven Pine
2017-05-23 6:30 ` Karl Johan Alm
2017-05-23 12:55 ` Luke Dashjr
2017-05-23 13:20 ` Jorge Timón
2017-05-23 9:47 ` Hampus Sjöberg
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=03e427ef-c655-7ec6-78a2-717b78bc43af@chrisacheson.net \
--to=mail@chrisacheson.net \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox