Re: [bitcoin-dev] Introducing a POW through a soft-fork

[Peter Todd <pete@petertodd.org>]

[-- Attachment #1: Type: text/plain, Size: 1647 bytes --]

On Wed, Nov 01, 2017 at 05:48:27AM +0000, Devrandom via bitcoin-dev wrote:

Some quick thoughts...

> Hi all,
> 
> Feedback is welcome on the draft below.  In particular, I want to see if
> there is interest in further development of the idea and also interested in
> any attack vectors or undesirable dynamics.
> 
> (Formatted version available here:
> https://github.com/devrandom/btc-papers/blob/master/aux-pow.md )
> 
> # Soft-fork Introduction of a New POW

First of all, I don't think you can really call this a soft-fork; I'd call it a
"pseudo-soft-fork"

My reasoning being that after implementation, a chain with less total work than
the main chain - but more total SHA256^2 work than the main chain - might be
followed by non-supporting clients. It's got some properties of a soft-fork,
but it's security model is definitely different.

> ### Aux POW intermediate block
> 
> Auxiliary POW blocks are introduced between normal blocks - i.e. the chain
> alternates between the two POWs.
> Each aux-POW block points to the previous normal block and contains
> transactions just like a normal block.
> Each normal block points to the previous aux-POW block and must contain all
> transactions from the aux-POW block.

Note how you're basically proposing for the block interval to be decreased,
which has security implications due to increased orphan rates.

> ### Heaviest chain rule change
> 
> This is a semi-hard change, because non-upgraded nodes can get on the wrong
> chain in case of attack.  However,

Exactly! Not really a soft-fork.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 488 bytes --]