public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Zheming Lin <heater@gmail.com>
To: James Hilliard <james.hilliard1@gmail.com>
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Proposal: Demonstration of Phase in Full Network Upgrade Activated by Miners
Date: Tue, 13 Jun 2017 14:50:26 +0800	[thread overview]
Message-ID: <2002E56E-45F8-4B4B-A7A5-CBEF739D5D8B@gmail.com> (raw)
In-Reply-To: <CADvTj4pu8LbETyduWj__U2txyvqZD9B8FFmLDPSiM4t+pTSuZQ@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 13662 bytes --]

Hi James:

Thank you very much for detailed feedback. Sorry for my understanding of English being poor. I’ll try to answer that.


> 在 2017年6月13日,13:44,James Hilliard <james.hilliard1@gmail.com> 写道:
> 
> On Mon, Jun 12, 2017 at 9:23 PM, Zheming Lin via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org <mailto:bitcoin-dev@lists.linuxfoundation.org>> wrote:
>> The BIP is described using Chinese and English. If any part is missing or need more specific, please reply. Forgive for my poor English.
>> 
>> This method will incorporate any upgrade that affects non-mining nodes. They should beware that the rule has been changed.
>> 
>> TLDR: Major miners activate and orphan the minor. That ensures all miners upgrades. Then invalid the tx from not upgrading nodes. Nodes must upgrade (with other protocol upgrade codes) in order to work. Then the final miner vote over protocol upgrade, with all nodes has the same upgraded codes.
>> 
>> ==Motivation==
>> 
>> 鉴于最初的比特币协议并未考虑不参与挖矿的钱包节点,导致这些钱包节点的协议升级是被动的,懒惰的。当在升级方向上出现分歧时,矿工也不愿意在错误的链上挖矿,但矿工又没有任何方法可以确保正在延长的链是被钱包节点广泛接受的链。这将影响钱包节点的安全。<br/>
>> In view of the fact that the original Bitcoin consensus did not consider the non-mining wallet nodes(as mentioned above), the result is that upgrading the consensus of these wallet nodes is passive and lazy. When there is disagreement in the direction of the upgrade, the miners have no mechanism to ensure that the chain being extended is the chain widely accepted by the wallet nodes. This also adversely affects the security of the wallet nodes.<br/>
> Wallet nodes being able to fully validate and choose whether or not to
> accept a particular chain is an important part of bitcoins security
> model.

是的我认为这些节点非常重要,因此不愿意看到这些节点因为无法预见到网络上可能发生的改变而蒙受损失。这些节点依然拥有选择的权利,比如通过类似于 BIP148 的方法。

I admitted that these nodes a very important. so we don’t want these nodes suffer financial loss by undetectable network change. These nodes always have choice like BIP148.

>> 
>> 使用该方法可以在保证钱包节点资产安全的情况下,且通过增加激励让钱包节点升级协议。一旦钱包节点升级协议,保证矿工节点不仅工作在算力最长链上,还工作在比特币生态环境中其他钱包节点所使用的最长链上。在中本聪共识下不会出现分叉,以实现渐进式的协议升级。<br/>
>> 
>> Apart from ensuring the asset security of wallet nodes, this method can be used to provide additional incentives to upgrade the protocol for the wallet nodes. Once the wallet nodes upgrade their protocol, the miners' nodes can be guaranteed to work - not only on the longest chain, but also on the longest chain used by other wallet nodes in the broader bitcoin sphere. Under the Nakamoto Consensus, there will be no persistent forks as protocol upgrades can be phased in.<br/>
> There is no way to guarantee a wallet node will accept a particular
> block since that is always up to the user.

我们无法对此进行保证。但是我们能够提供一种让这些节点了解并参与部署改变的激励。
We can not have any guarantee. but we can have incentives that they participate and be aware about the change happening.
用户总是可以进行选择。
Users always have choice.

>> 
>> ==Specification==
>> 
>> 1. 挖矿节点将使用 versionbits 版本位来定义支持信号。BIP 生效时,所有区块需要使用制定的 nVersion 来发送信号<br/>
>> 2. 挖矿节点将使用 tx version 来定义当前的交易版本。当前的 tx version 是 1,将允许 tx version 为 2 的交易,并在第二个宽限期之后,使 tx version 为 1 的交易非法。<br/>
>> 
>> 1. Mining nodes signal by setting a version bit. While this BIP is active, all blocks must set the chosen nVersion.<br/>
>> 2. Mining nodes will use tx version to define current version transactions. Current tx version is 1, and tx version 2 will be allowed. After the second grace period, tx version 1 will be regarded as invalid.<br/>
> Sounds like this would cause issues with pre-signed time locked transactions.

我们可以在第四阶段中重新允许这些交易。无论升级是否成功激活,他们都需要为此做好准备。他们并不能被丢下甚至被欺骗为什么都没有发生。
They can be re-enable in the successful or unsuccessful activation of the fourth stage. Whether or not, what they need is to be prepared for the future coming. But they can’t be left behind or be cheated like nothing happened.

>> 
>> 
>> ==Deployment==
>> 协议升级,将分成三步逐步实施。并有一个可选的第四步来集成协议升级代码。<br/>
>> 
>> Protocol upgrading will phase in over three stages. We can have an optional fourth stage to integrate codes of protocol upgrade.<br/>
>> 
>> 1. 信号阶段。挖矿节点使用 versionbits 发送支持信号。挖矿节点在监测到 55% 的区块即前 1109/2016 个区块均发送了相同的支持信号,进入下一阶段。<br/>
>> 2. 矿工节点升级。经过了第一个宽限期 2016 的区块后,且总信号区块超过了 2218/4032,就开始使用新的区块版本打包区块,并同时开始孤立旧版本。此时所有节点和钱包,将可以使用新版本号发送交易,同时兼容旧版本号交易。<br/>
>> 3. 钱包节点升级。在挖矿节点监测到第二个宽限期 4032 个连续的新版本的区块后,开始拒绝旧版本号的交易,只打包/转播新版本号的交易。同时将从内存池中删除旧版本号的交易。<br/>
>> 4. (可选的)协议升级。在第三阶段中包含有第四阶段的升级代码。当我们确保钱包节点升级到支持新版本交易后,必然包含了第四阶段的升级代码。则此时可以通过矿工节点投票的方式完成全网络的协议升级。
>> 
>> 1. Signal stage: Mining nodes signal using BIP9. The next stage will be activated after 55% (1109) of 2016 blocks has the signal.<br/>
>> 
>> 2. Mining nodes upgrade stage: After a first grace period of 2016 blocks and total signalling blocks passed 2218 of 4032 blocks, miners broadcasting blocks with new versionbits in block headers will orphan blocks with old versionbits. At this stage all nodes can send transactions with new versionbits, and transactions with old versionbits will be compatible.<br/>
>> 
>> 3. Non-mining nodes upgrade stage: after 4032 continuous blocks with new versionbits, mining nodes will start to refuse transactions with old versionbits. Only transactions with new versionbits can be relayed and included in blocks. Transactions with old versionbits can be safely purged from memory pools.<br/>
>> 
>> 4. (Optional)Protocol Upgrade stage: The codes dealing with protocol upgrade can be integrated in the third stage. After the non-mining nodes upgrades to support newer version of transactions, the codes with protocol upgrade must be included and now we can use miner vote to activate and finish this upgrade.<br/>
>> 
>> 至此,协议升级完成。<br/>
>> 
>> At this point, the protocol upgrade have phased in.<br/>
>> 
>> ==Benefits==
>> 
>> 1. 仅需要多数的矿工发信号后即可激活。在中本聪的比特币论文中,99.9% 的可能性下,55% 的矿工将在 340 个区块后确保成为最长链。这将最大可能减小通过控制少数算力而拖延网络升级的可能性。我们可以预见到在算力信号超过 51% 后,挖矿节点将迅速的在第一个宽限期内进行升级。<br/>
>> 2. 在两个宽限期内,钱包节点交易不受影响,有足够的时间升级钱包软件。<br/>
>> 3. 版本信息包含在 block header 中,并不影响 SPV 挖矿过程。(看起来是?)<br/>
>> 4. 在两个宽限期后,钱包节点将必须升级钱包,否则因没有算力支持将无法发送交易,也无法确认。相对于在节点间重新达成新的共识,这种状况并没有更糟糕。<br/>
>> 5. 钱包节点的账本将得到尊重和保护。使用链下钱包的用户将需要在钱包服务提供商的声明之后决定提至链上钱包或跟随。<br/>
>> 6. 将来的协议升级,可以在升级客户端版本同时绑定协议升级代码并进行独立的激活投票。这将预留足够的时间让节点升级软件以支持新的协议。即使矿工投票激活失败也不影响现状。<br/>
>> 
>> 1. The activation only requires majority miners signal. As described in the paper by Satoshi Nakamoto, 55% miners will be in the longest chain after 340 blocks, with 99.9% certainty. This will minimize the possibility of delaying network upgrades by controlling a small number of hashing power. We can foresee that after 51% signalling, all miners will upgrade within the first grace period. <br/>
> Technically soft forks can be implemented at 55% hashpower already
> without an orphaning period(like BIP16). Those that don't upgrade
> would just be at risk of mining invalid blocks. One would not want to
> use this method to try and activate a controversial hard fork since
> it's trivial for miners to false signal. The orphaning period
> effectively forces miners to make a decision but does not necessarily
> force them to make a particular decision since they can simply choose
> to reject the fork and false signal.

假信号的问题在我看来无法解决。但如果多数不同意这个改变,为什么他们还要欺骗?如果多数如中本聪共识中描述的那样是诚实可信的,那就不会有任何问题。通过算力总能分出胜负。
False signal can’t be solved in my opinion. If the majority part just don’t agree with the change, why they cheat? If the majority part is honest as described in nakamoto consensus, I think that won’t be a problem. CPU power always decides.


>> 2. During the first two grace periods, non-mining nodes will not be affected. They have enough time to upgrade their software. <br/>
>> 3. Versionbits included in block header, not influencing the SPY mining. <br/>
> The widely deployed stratum based SPV mining does not really provide a
> proper way to validate nversion of the previous block, it only lets
> you see the nversion of the current stratum job since you don't get a
> full bock header. There's always a risk here that miners build on top
> of invalid blocks when SPV mining.

也许我是错的我并不肯定。请对如何让这个方法兼容 SPY 挖矿提出建设性意见。
Maybe I’m wrong. Please give some advice that how to make it compatible with SPY mining.

>> 4. After two grace periods, all nodes must be upgraded. Otherwise they cannot send transactions or get any confirmations. Compared with forming new consensus among nodes, the situation is not worse than before. <br/>
> Previous consensus changes have largely been done in backwards
> compatible ways which lets users opt-in to new features. In general
> backwards compatibility is considered a good thing, this seems to make
> that worse.

这并没有强制我们的节点作出任何改变共识的表示。仅仅让这些节点为接下来可能的改变做好准备。
It would not force our nodes to do anything that changes the consensus. But they should be prepared for the **maybe** upcoming changes.
协议的改变将通过矿工投票产生,但是这个过程应该被所有节点所知晓并承认。
Protocol upgrades could be done using miners vote. but the progress of voting should be acknowledged by all nodes.


>> 5. The ledger in non-mining wallet nodes is honored and reserved. Users of off-chain wallet services can decide whether or not to follow the service providers after they got the public notification from the service providers. <br/>
>> 6. Protocol upgrades in the future can be bonded with the upgrades of nodes, and the upgrades activate through miners vote independently. There would be enough time for nodes to be upgraded in order to support new protocols. Even in case of failing in miner activation, the situation will not worsen and the status quo will remain. <br/>
>> 
>> 
>> ==Risks==
>> 
>> 1. 算力的波动会影响最长链的结果。因此越高的激活比例要求将减少短时间分叉的危险。<br/>
>> 2. 矿工可能发假信号来避免被孤立,但在钱包节点看来无法区分是否是假信号,只能升级。而钱包节点升级之后,矿工也将跟随。<br/>
>> 3. 钱包节点可能发假信号来仅升级版本号而不支持绑定的协议升级代码,但钱包节点数量无法判别,严肃的真实节点应当跟随可证实的矿工投票结果。<br/>
>> 4. 存在少部分矿工和钱包节点共谋,在新协议升级激活后依然使用老协议挖矿的可能。这种可能随时发生无法杜绝,但通过让沉默的大多数钱包节点升级的方式可以降低这种行为带来的利益。<br/>
>> 
>> 1. The fluctuation of the hashing power will affect the result of the longest chain. Higher activating requirement means a lower risk of temporary fork. <br/>
>> 2. Miners could simply signal to avoid being orphaned, but from the perspective of non-mining wallet nodes, they can't distinguish the false signal from the true signal. They must upgrade with the assumption that the signals are all true. After all the non-mining nodes have upgraded, the miners signalling false signal should follow. <br/>
> Miners can simply announce they are false signalling with coinbase
> tags and other methods. This activation method would likely not be
> viable for controversial changes.

如果大多数矿工是诚实的,假信号不会有问题。
False signal won’t be a problem if majority miners are honest.

>> 3. Non-mining wallet nodes could false signal without supporting the new protocol but since the total number of nodes cannot be distinguished, genuine nodes should follow the proven result provided by miners vote. <br/>
> Users would likely take into account markets and other factors when
> deciding what to do, the total number of nodes doesn't really matter
> much. Miner signalling is not necessarily indicative of economic and
> user support.

矿工需要在可以确保大多数用户不被升级影响的情况下才能公正投票。
Miners should vote unbiasedly under the condition that most users are not affected by protocol upgrading.


>> 4. Miners and non-mining nodes could conspire to fork using old protocol consensus. It can't be eliminated, just like in the past but through most passive non-mining nodes being upgraded, their benefit is reduced. <br/>
>> 
>> 
>> ==Implementation==
>> ___TBD___
>> 
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev@lists.linuxfoundation.org <mailto:bitcoin-dev@lists.linuxfoundation.org>
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>

[-- Attachment #2: Type: text/html, Size: 39992 bytes --]

  reply	other threads:[~2017-06-13  6:50 UTC|newest]

Thread overview: 24+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-06-13  2:23 [bitcoin-dev] Proposal: Demonstration of Phase in Full Network Upgrade Activated by Miners Zheming Lin
2017-06-13  5:44 ` James Hilliard
2017-06-13  6:50   ` Zheming Lin [this message]
2017-06-13  7:19     ` James Hilliard
2017-06-13  8:13       ` Zheming Lin
2017-06-13  8:37         ` James Hilliard
2017-06-13 19:35   ` Jared Lee Richardson
2017-06-14  0:23     ` James Hilliard
2017-06-14  1:08       ` Jared Lee Richardson
2017-06-13  8:24 ` Zheming Lin
2017-06-13 10:20   ` James Hilliard
2017-06-13 18:11 ` Gregory Maxwell
2017-06-14 16:39   ` Zheming Lin
2017-06-14 17:20     ` Jameson Lopp
2017-06-14 18:29       ` Zheming Lin
2017-06-14 18:55         ` Jameson Lopp
2017-06-14 19:04           ` Zheming Lin
2017-06-14 20:11             ` Jameson Lopp
2017-06-16 14:39               ` Zheming Lin
2017-06-15  5:04           ` Eric Voskuil
2017-06-15 18:38             ` Erik Aronesty
2017-06-16  3:09               ` Eric Voskuil
2017-07-22  3:58                 ` Zheming Lin
2017-06-14 18:30       ` Zheming Lin

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=2002E56E-45F8-4B4B-A7A5-CBEF739D5D8B@gmail.com \
    --to=heater@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=james.hilliard1@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox