From: jl2012 <jl2012@xbt.hk>
To: bitcoin-dev@lists.linuxfoundation.org
Subject: [bitcoin-dev] BIP draft: Hard fork opt-in mechanism for SPV nodes
Date: Fri, 05 Feb 2016 13:40:57 -0500 [thread overview]
Message-ID: <5e8eb817e242e59260703a4d1505252f@xbt.hk> (raw)
[-- Attachment #1: Type: text/plain, Size: 4380 bytes --]
BIP draft: Hard fork opt-in mechanism for SPV nodes:
https://github.com/bitcoin/bips/pull/320
This is a supplement, instead of a replacement, of the hardfork bit BIP:
https://github.com/bitcoin/bips/pull/317
They solves different problems:
The hardfork bit tells full and SPV that a planned hardfork (instead of
a softfork) has happened.
This BIP makes sure SPV nodes won't lose any money in a hardfork, even
if they do not check the hardfork bit.
---------------------
BIP: ?
Title: Hard fork opt-in mechanism for SPV nodes
Author: Johnson Lau <jl2012@xbt.hk>
Status: Draft
Type: Standard Track
Created: 2016-02-05
ABSTRACT
This document specifies a new algorithm for the transaction commitment
in block header, to ensure that SPV nodes will not automatically follow
a planned hard fork without explicit opt-in consent.
[1]MOTIVATION
A hard fork in Bitcoin is a consensus rule change where previously
invalid blocks become valid. For the operators of fully validating
nodes, migration to the new fork requires conscious actions. However,
this may not be true for SPV node, as many consensus rules are
transparent to them. SPV nodes may follow the chain with most
proof-of-work, even if the operators do not agree with the economical or
ideological properties of the chain.
By specifying a new algorithm for the transaction commitment in block
header, migration to the new fork requires explicit opt-in consent for
SPV nodes. It is expected that this proposal will be implemented with
other backward-incompatible consensus rule changes at the same time.
[2]SPECIFICATION
The calculation of Merkle root remains unchanged. Instead of directly
committing the Merkle root to the header, we commit
Double-SHA256(zero|merkle_root|zero)
where zero is 0x0000....0000 with 32 bytes.
[3]RATIONALE
Since the header structure is not changed, non-upgraded SPV nodes will
still be able to verify the proof-of-work of the new chain, and they
will follow the new chain if it has most proof-of-work. However, they
will not be able to the accept any incoming transactions on the new
chain since they cannot verify them with the new commitment format. At
the same time, SPV nodes will not accept any new transactions on the old
chain, as they find it has less proof-of-work. Effectively, SPV nodes
stop accepting any transactions, until their operators take further
actions.
Zero-padding is applied before and after the merkle_root, so it is not
possible to circumvent the rule change with any current implementations,
even for faulty ones.
A future hard fork should change the padding value to stop non-upgraded
SPV nodes from processing new transactions.
Hard forks may sometimes be totally uncontroversial and make barely
noticeable change (BIP50 [4], for example). In such cases, changing the
padding value may not be needed as it may cause unnecessary disruption.
The risk and benefit should be evaluated case-by-case.
[5]COMPATIBILITY
As a mechanism to indicate hard fork deployment, this BIP breaks
backward compatibility intentionally. However, without further changes
in the block header format, non-upgraded full nodes and SPV nodes could
still verify the proof-of-work of upgraded blocks.
INTERACTION WITH FRAUD PROOF SYSTEM A fraud proof system is full nodes
that will generate compact proofs to testify invalid blocks on the
blockchain, verifiable by SPV nodes. Hard forks without any malicious
intention may also be considered as a "fraud" among non-upgraded nodes.
This may not be desirable, as the SPV node may accept devalued tokens on
the old chain with less proof-of-work. With this BIP, non-upgraded SPV
nodes will always believe the new chain is valid (since they cannot
verify any fraud proof), while cannot be defrauded as they will not see
any incoming transactions.
[6]COPYRIGHT
This document is placed in the public domain.
Links:
------
[1]
https://github.com/jl2012/bips/blob/merkleroot/spvoptinhf.mediawiki#motivation
[2]
https://github.com/jl2012/bips/blob/merkleroot/spvoptinhf.mediawiki#specification
[3]
https://github.com/jl2012/bips/blob/merkleroot/spvoptinhf.mediawiki#rationale
[4] https://github.com/jl2012/bips/blob/merkleroot/bip-0050.mediawiki
[5]
https://github.com/jl2012/bips/blob/merkleroot/spvoptinhf.mediawiki#compatibility
[6]
https://github.com/jl2012/bips/blob/merkleroot/spvoptinhf.mediawiki#copyright
[-- Attachment #2: Type: text/html, Size: 5376 bytes --]
next reply other threads:[~2016-02-05 18:41 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-02-05 18:40 jl2012 [this message]
2016-02-05 23:25 ` [bitcoin-dev] BIP draft: Hard fork opt-in mechanism for SPV nodes Luke Dashjr
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=5e8eb817e242e59260703a4d1505252f@xbt.hk \
--to=jl2012@xbt.hk \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox