* [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
@ 2022-09-16 7:15 Anthony Towns
2022-09-16 16:46 ` Matt Corallo
` (2 more replies)
0 siblings, 3 replies; 15+ messages in thread
From: Anthony Towns @ 2022-09-16 7:15 UTC (permalink / raw)
To: bitcoin-dev
Subhead: "Nobody expects a Bitcoin Inquistion? C'mon man, *everyone*
expects a Bitcoin Inquisition."
As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
in the year [0], the question of "how to successfully get soft fork
ideas from concept to deployment" doesn't really have a good answer today.
Obviously, a centralised solution to this problem exists: we could
establish a trusted group, perhaps one containing devs, industry
representatives, investors, etc, have them review proposals and their
implementations, and follow their lead when they decide that a proposal
has met their standards and should be widely deployed. Some might even
say "sipa is precisely that group". The problem with having a group of
that nature isn't one of effectiveness, but rather that they are then
vulnerable to pressure and corruption, which isn't desirable if we want
everyone using Bitcoin to truly be peers, and often isn't desirable for
the prospective members of the group either. So that's not something we
should want people to volunteer for, nor is it a duty we should thrust
on people. Or at least, that's my opinion, anyway.
I think any alternative approach to doing consensus changes (while
avoiding a chain split) has to look something like this:
* propose an idea (research phase)
* implement the idea (development phase)
* demonstrate the idea is worthwhile (evaluation phase)
* once everyone is convinced, activate (deployment phase)
Without an evaluation phase that is thorough enough to convince (almost)
everyone, I think deployment becomes controversial and perhaps effectively
impossible (at least without some trusted leadership group). But with an
evaluation phase that demonstrates to everyone who's interested that the
proposal has actual value, minimal cost and no risk, I think activation
could be fairly easy and straightforward.
I contend that the most significant problem we have is in the "evaluation
phase". How do you convince enough people that a change is sufficiently
beneficial to justify the risk of messing with their money? If you're
only trying to convince a few experts, then perhaps you can do that with
papers and talks; but limiting the evaluation to only a few experts is
effectively just falling back to the centralised approach.
So I think that means that part of the "evaluation phase" should involve
implementing real systems on top of the proposed change, so that you
can demonstrate real value from the change. It's easy to say that
"CTV can enable vaults" or "CTV can make opening a lightning channel
non-interactive" -- but it's harder to go from saying something
is possible to actually making it happen, so, at least to me, it
seems reasonable to be skeptical of people claiming benefits without
demonstrating they're achievable in practice.
I contend the easiest way we could make it easy to demonstrate a soft
fork working as designed is to deploy it on the default global signet,
essentially as soon as it has a fully specified proposal and a reasonably
high-quality implementation.
The problem with that idea is that creates a conundrum: you can't activate
a soft fork on the default signet without first merging the code into
bitcoin core, you can't merge the code into bitcoin core until it's been
fully evaluated, and the way you evaluate it is by activating it on the
default signet?
I think the weakest link in that loop is the first one: what if we did
activate soft forks on the default signet prior to the code being merged
into core? To that end, I'm proposing a fork of core that I'm calling
"bitcoin-inquisition", with the idea that it branches from stable
releases of core and adds support for proposed changes to consensus
(CTV, ANYPREVOUT, TLUV, OP_CAT, etc...) and potentially also relay
policy (relay changes are often implied by consensus changes, but also
potentially things like package relay).
https://github.com/bitcoin-inquisition/bitcoin/wiki
https://github.com/bitcoin-inquisition/bitcoin/pulls
The idea being that if you're trying to work on "upgrading lightning
to support eltoo", you can iterate through changes needed to consensus
(via bitcoin-inquisition) and client apps (cln, lnd, eclair etc), while
testing them in public (on signet) and having any/all the pre-existing
signet infrastructure available (faucets, explorers etc) without having
to redeploy it yourself. Having multiple consensus changes deployed in
one place also seems like it might make it easier to compare alternative
approaches (eg CTV vs ANYPREVOUT vs OP_TXHASH vs OP_TX, etc).
So that's the concept. For practical purposes, I haven't yet merged
either CTV or APO support into the bitcoin-inquisition 23.0 branch yet,
and before actually mining blocks I want to make the signet miner able
to automatically detect/recover if the bitcoin-inquisition node either
crashes or starts producing incompatible blocks.
Anyway, I wanted to post the idea publicly, both to give folks an
opportunity to poke holes in the idea, or to suggest any further
improvements or otherwise do any review before the CTV and APO patches
get merged.
Some other details that may be of interest.
The biggest challenge with soft forks and the idea of "iterating
through changes" is that making improvements can create a hard fork,
which then forces everyone running old software to update, which can be
pretty inconvenient, especially if you don't actually care about that
change. Since signet (and regtest) mining is effectively permissioned,
we can avoid that problem by having all these proposed soft forks
come with a pre-baked ability to abandon the soft fork (much as David
Harding described in [1]). Once a soft fork is abandoned, it can either
be ignored forever (and later versions of the software can not include
the code to enforce it at all), or it can be replaced by a new version
of the soft fork.
Another benefit that comes from signet chains being permissioned is
that miners can be expected to coordinate upgrading out of band, so
there is no need for a 90% signalling threshold. Instead, activation
(and abandonment) of a soft fork can be triggered by a single block
signalling. That further means there is no need for any individual
block to signal for multiple forks, and instead of having 29 different
signals, we can instead easily have up to 2**29. I've chosen to make
the standard signal have 16 bits for specifying a bip number (0-65535)
and 8 bits for specifying a version of that bip, which seems like it
should be more than enough at least for a while. More details at [2].
I'm basing bitcoin-inquisition solely off stable releases. This is partly
because it can be annoying to constantly rebase consensus changes aginst
bitcoin core's master branch, but also I think it might help consensus
changes be easily backported once they pass the "evaluation phase"
and move into the "deployment phase".
I'm not sure what level of code quality PRs should have before being
merged into bitcoin-inquisition. I think CTV is plenty good enough,
but I'm not sure about APO, particularly its test coverage. If you want
to influence what becomes the tradition here, contributing a review,
or posting patches against the upsteam branch might be a good start?
Does this make the global default signet miners, or perhaps the
bitcoin-inquisition maintainers the "trusted group" that we want to
avoid? Hopefully not -- anyone can run their own fork or do their own
fork of bitcoin core, so if the miners/maintainers start trying to
arbitrarily block proposals they can be worked around without too much
hassle. And since they're clearly separate from any of the actions that
need to be taken for actual deployment once activation is complete,
they shouldn't have any ability to unduly promote fork proposals that
people aren't fully satisfied are ready for deployment.
Cheers,
aj
[0] https://bitcoinops.org/en/newsletters/2022/04/27/#discussion-about-activating-ctv
[1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-April/020242.html
[2] https://github.com/bitcoin-inquisition/bitcoin/wiki/Heretical-Deployments
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-16 7:15 [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet Anthony Towns
@ 2022-09-16 16:46 ` Matt Corallo
2022-09-17 6:14 ` Anthony Towns
2022-09-18 18:47 ` Antoine Riard
2022-10-02 6:12 ` Anthony Towns
2 siblings, 1 reply; 15+ messages in thread
From: Matt Corallo @ 2022-09-16 16:46 UTC (permalink / raw)
To: Anthony Towns, Bitcoin Protocol Discussion
Apologies for any typos, somewhat jet-lagged atm.
On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
> Subhead: "Nobody expects a Bitcoin Inquistion? C'mon man, *everyone*
> expects a Bitcoin Inquisition."
>
> As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> in the year [0], the question of "how to successfully get soft fork
> ideas from concept to deployment" doesn't really have a good answer today.
I strongly disagree with this. Going back many, many years we've had many discussions about fork
process, and the parts people (historically) agreed with tend to be:
(1) come up with an idea
(2) socialize the idea in the technical community, see if anyone comes up with any major issues or
can suggest better ideas which solve the same use-cases in cleaner ways
(3) propose the concrete idea with a more well-defined strawman, socialize that, get some kind of
rough consensus in the loosely-defined, subjective, "technical community" (ie just ask people and
adapt to feedback until you have found some kind of average of the opinions of people you, the
fork-champion, think are reasonably well-informed!).
(4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
Turns out, the issue today is a lack of champions following steps 1-3, we can debate what the
correct answer is to step (4) once we actually have people who want to be champions who are willing
to (humbly) push an idea forward towards rough agreement of the world of technical bitcoiners
(without which I highly doubt you'd ever see broader-community consensus).
Matt
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-16 16:46 ` Matt Corallo
@ 2022-09-17 6:14 ` Anthony Towns
2022-09-17 8:39 ` Matt Corallo
0 siblings, 1 reply; 15+ messages in thread
From: Anthony Towns @ 2022-09-17 6:14 UTC (permalink / raw)
To: Matt Corallo, Bitcoin Protocol Discussion
On Fri, Sep 16, 2022 at 12:46:53PM -0400, Matt Corallo via bitcoin-dev wrote:
> On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
> > As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> > in the year [0], the question of "how to successfully get soft fork
> > ideas from concept to deployment" doesn't really have a good answer today.
> I strongly disagree with this.
Okay? "X is good" is obviously just a statement of opinion, so if you
want to disagree, that's obviously allowed.
I also kind of feel like that's the *least* interesting paragraph in the
entire email to talk further about; if you think the current answer's
already good, then the rest of the mail's just about (hopefully) making
it better, which would be worthwhile anyway?
> Going back many, many years we've had many
> discussions about fork process, and the parts people (historically) agreed
> with tend to be:
> (1) come up with an idea
> (2) socialize the idea in the technical community, see if anyone comes up
> with any major issues or can suggest better ideas which solve the same
> use-cases in cleaner ways
> (3) propose the concrete idea with a more well-defined strawman, socialize
> that, get some kind of rough consensus in the loosely-defined, subjective,
> "technical community" (ie just ask people and adapt to feedback until you
> have found some kind of average of the opinions of people you, the
> fork-champion, think are reasonably well-informed!).
> (4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
> Turns out, the issue today is a lack of champions following steps 1-3, we
> can debate what the correct answer is to step (4) once we actually have
> people who want to be champions who are willing to (humbly) push an idea
> forward towards rough agreement of the world of technical bitcoiners
> (without which I highly doubt you'd ever see broader-community consensus).
Personally, I think this is easily refuted by contradiction.
1) If we did have a good answer for how to progress a soft-fork, then
the great consensus cleanup [0] would have made more progress over the
past 3.5 years. Maybe not all of the ideas in it were unambiguously good
[1], but personally, I'm convinced at least some of them are, and I
don't think I'm alone in thinking that. Even if the excuse is that its
original champion wasn't humble enough, there's something wrong with
the process if there doesn't exist some other potential champion with
the right balance of humility, confidence, interest and time who could
have taken it over in that timeframe.
2) Many will argue that CTV has already done steps (1) through (3) above:
certainly there's been an idea, it's been socialised through giving talks,
having discussion forums, having research workshops [2], documenting use
cases use cases; there's been a concrete implementation for years now,
with a test network that supports the proposed feature, and new tools
that demonstrate some of the proposed use cases, and while alternative
approaches have been suggested [3], none of them have even really made
it to step (2), let alone step (3). So that leaves a few possibilities
to my mind:
* CTV should be in step (4), and its lack of definition is a problem,
and trying the "deal with it when we get there" approach is precisely
what didn't work back in April.
* The evaluation process is too inconclusive: it should either be
saying "CTV is not good enough, fix these problems", or "CTV hasn't
sufficiently demonstrated its value/cost, work on X next", but it
isn't.
* Parts (2) to (3) are too hard, and that's preventing alternatives
from making progress, which in turn is preventing people from
being able to decide whether CTV is the superior approach, or some
alternative is.
But each of those possibilities indicates a significant problem with
our answer for developing soft forks.
I guess my belief is that it's mostly (2) and (3) being too hard (which
taproot overcame because many were excited about it, and CTV overcame
because Jeremy's put a lot of effort into it; but consensus cleanup,
APO, simplicity, TXHASH, etc have not similarly overcome at this point),
which leads to the evaluation process being inconclusive when plausible
alternatives exist.
(In particular, I think having the process be massively difficult is
going to naturally cause any "humble" champion to decide that they're
not up to the task of following the process through to completion)
Anyway, that's some additional reasons why I believe what I said above,
in case that's interesting. But like I said at the start, if you still
disagree, that's fine of course.
Cheers,
aj
[0] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-March/016714.html
https://github.com/bitcoin/bitcoin/pull/15481
https://github.com/bitcoin/bitcoin/pull/15482
[1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-March/016765.html
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-March/016763.html
https://github.com/bitcoin/bitcoin/pull/15482#issuecomment-469822630
[2] https://utxos.org/workshops/
[3] TXHASH https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-January/019813.html
TX https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-May/020450.html
Elements-style opcodes https://twitter.com/rusty_twit/status/1518007923896578048
cf https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019851.html
ANYPREVOUT? https://twitter.com/darosior/status/1474375301262151684
Simplicity? https://twitter.com/Mario_Gibney/status/1403890965903859718
Lisp? https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-March/020036.html
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-17 6:14 ` Anthony Towns
@ 2022-09-17 8:39 ` Matt Corallo
2022-09-17 15:53 ` Michael Folkson
0 siblings, 1 reply; 15+ messages in thread
From: Matt Corallo @ 2022-09-17 8:39 UTC (permalink / raw)
To: Anthony Towns, Bitcoin Protocol Discussion
On 9/17/22 2:14 AM, Anthony Towns wrote:
> On Fri, Sep 16, 2022 at 12:46:53PM -0400, Matt Corallo via bitcoin-dev wrote:
>> On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
>>> As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
>>> in the year [0], the question of "how to successfully get soft fork
>>> ideas from concept to deployment" doesn't really have a good answer today.
>> I strongly disagree with this.
>
> Okay? "X is good" is obviously just a statement of opinion, so if you
> want to disagree, that's obviously allowed.
>
> I also kind of feel like that's the *least* interesting paragraph in the
> entire email to talk further about; if you think the current answer's
> already good, then the rest of the mail's just about (hopefully) making
> it better, which would be worthwhile anyway?
No, I think its at least a good chunk of the "statement of problem". Yes, more testing is good, and
this project is a way to get that. Cool. But implying that lack of test frameworks is in any
material way part of the lack of movement on forks in Bitcoin I think is very wrong, so its worth
pointing out, whether the particular project is useful or not is separate.
>> Going back many, many years we've had many
>> discussions about fork process, and the parts people (historically) agreed
>> with tend to be:
>> (1) come up with an idea
>> (2) socialize the idea in the technical community, see if anyone comes up
>> with any major issues or can suggest better ideas which solve the same
>> use-cases in cleaner ways
>> (3) propose the concrete idea with a more well-defined strawman, socialize
>> that, get some kind of rough consensus in the loosely-defined, subjective,
>> "technical community" (ie just ask people and adapt to feedback until you
>> have found some kind of average of the opinions of people you, the
>> fork-champion, think are reasonably well-informed!).
>> (4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
>> Turns out, the issue today is a lack of champions following steps 1-3, we
>> can debate what the correct answer is to step (4) once we actually have
>> people who want to be champions who are willing to (humbly) push an idea
>> forward towards rough agreement of the world of technical bitcoiners
>> (without which I highly doubt you'd ever see broader-community consensus).
>
> Personally, I think this is easily refuted by contradiction.
>
> 1) If we did have a good answer for how to progress a soft-fork, then
> the great consensus cleanup [0] would have made more progress over the
> past 3.5 years
No? Who is the champion for it? I haven't been. No one else is obliged to take up the reins and run
with it, that's not how open-source works. And no one has emerged who has strong interest in doing
so, and that's totally fine. It means it hasn't made any progress, but that's an indication that no
one feels strongly enough about it that its risen to the top of their personal priority list so
clearly doesn't *need* to make progress.
> Maybe not all of the ideas in it were unambiguously good
> [1], but personally, I'm convinced at least some of them are, and I
> don't think I'm alone in thinking that. Even if the excuse is that its
> original champion wasn't humble enough, there's something wrong with
> the process if there doesn't exist some other potential champion with
> the right balance of humility, confidence, interest and time who could
> have taken it over in that timeframe.
No? Its not up to the community to find a champion for someone who wants a fork to happen. Either
someone thinks its a good enough idea that they step up, or no one does. If no one does, then so be
it. If the original proper (me, in this case) thought it was that important then its *their*
responsibility to be the champion, no one else's.
> 2) Many will argue that CTV has already done steps (1) through (3) above:
> certainly there's been an idea, it's been socialised through giving talks,
> having discussion forums, having research workshops [2], documenting use
> cases use cases; there's been a concrete implementation for years now,
> with a test network that supports the proposed feature, and new tools
> that demonstrate some of the proposed use cases, and while alternative
> approaches have been suggested [3], none of them have even really made
> it to step (2), let alone step (3).
I don't really see how you can make this argument seriously. Honestly, if a soft-fork BIP only has
one author on the list, then I'm not sure one can argue that step (3) has really been completed, and
maybe not even step (2).
> So that leaves a few possibilities
> to my mind:
> * CTV should be in step (4), and its lack of definition is a problem,
> and trying the "deal with it when we get there" approach is precisely
> what didn't work back in April.
>
> * The evaluation process is too inconclusive: it should either be
> saying "CTV is not good enough, fix these problems", or "CTV hasn't
> sufficiently demonstrated its value/cost, work on X next", but it
> isn't.
>
> * Parts (2) to (3) are too hard, and that's preventing alternatives
> from making progress, which in turn is preventing people from
> being able to decide whether CTV is the superior approach, or some
> alternative is.
I think this is most of it, but its not that they're too hard, its that people are *too busy*. There
seemed to be more positive feedback, for example, to Rusty's proposal, but being the champion for a
soft-fork is a full-time job for months on end, and last I checked Rusty has a lightning
implementation to maintain, which tends to be a more-than-full-time job already.
To my knowledge, no one but Jeremy has made any serious attempt at being the champion for a
soft-fork since Taproot, and before that Segwit (if someone reading this who contributes to Core
already wants to, and isn't sure how to, there's lots of people who would happily mentor you! I'm
sure you can figure out who to reach out to!).
Matt
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-17 8:39 ` Matt Corallo
@ 2022-09-17 15:53 ` Michael Folkson
2022-09-18 12:27 ` alicexbt
0 siblings, 1 reply; 15+ messages in thread
From: Michael Folkson @ 2022-09-17 15:53 UTC (permalink / raw)
To: Matt Corallo, Bitcoin Protocol Discussion; +Cc: Anthony Towns
I agree with Matt. The less said about the "Aw shucks Jeremy didn't know that CTV didn't have community consensus at the time" [0] and "it was the lack of process that was the problem" the better. If people don't care about lack of community consensus there is no process in a permissionless, open source community that can stop them or direct them down a more patient, productive path (I tried). I think it is a shame because I think (maybe I'm wrong) at least in the technical community there is an understanding that long term Bitcoin is far from finished in exhausting its potential and we do need people who will work on changes that we'll need in the long term.
There are a few interesting things in here though. I'm not convinced by the name (bitcoin-inquisition, shedpaint, shedpaint, let's park that for the moment) but I do like the idea of signet having soft fork proposals enabled on it [1] whether that be CTV, APO etc and if that requires more of the signet code to be moved out of the Core repo so be it. I'm surprised more isn't being done on Liquid already with what possible future functionality is (and could be) enabled [2] there but maybe there is more happening than I'm aware of. Protocols or use cases built out and demonstrated on signet (and/or Liquid/sidechains) seem an obvious stepping stone to me for convincing the community that it is potentially worth taking the chain split risk for a particular upgrade. It is a long slog to get community consensus on an upgrade (Taproot certainly was a slog) but I think the vast majority of us think Taproot was worth that slog and Bitcoin would be poorer today without it.
The Great Consensus Cleanup is an interesting example in that I get Matt doesn't have time to champion it or focus on it with his LDK commitments but I have no idea where it would rank on his long term priority list if he wasn't working on LDK. Similarly I have no idea what people who understand this evolving system much better than I do are thinking with regards to say adding new opcodes, sighash flags versus say waiting on Simplicity and possibly adding new functionality within that potential upgrade. For people like me who are extremely unlikely to propose their own consensus change(s) getting some signal on what to spend time digging into would be useful rather than second guessing what people are thinking. There is a danger that you flirt with perceived public roadmaps when possible authority figures stick their necks out and effectively say "I'm not in charge but in an imaginary world where I was this is my current thinking of the ordering in which we could improve this system long term. But this could change depending on x, y and z and possible upgrades are only ready when they're ready and they have community consensus." There is no way people don't play these exercises in their minds. I do, I just have very few answers :) I personally think APO is in prime position to improve Lightning channel state management with eltoo and if it enables some covenant schemes too that seems like an added bonus. On APO versus waiting for APO like functionality in Simplicity I have no idea. Work on APO/eltoo and Simplicity both seem to be progressing in parallel so the APO versus Simplicity discussion perhaps rests on whether people think certain covenants should only really be enabled once we have the security guarantees of Simplicity [3] (if at all).
Antoine's covenant R&D effort [4] seems really promising and I hope the shenanigans from earlier in the year don't put people off from engaging with that. Hopefully we can see more exploration, development and research in covenants (e.g. this excellent research paper "Bitcoin Covenants: Three Ways to Control the Future" [5]) and we can foster a community which has very high standards, is open to new ideas and new research but can avoid these months long resisting chain split fights. I think the discussion would be much more interesting and much more productive if people didn't have to think "If I express a view now it will be used to attack me personally later" or worse "If I express a view now it will be used to justify an upcoming chain split".
[0]: https://gist.github.com/michaelfolkson/352a503f4f9fc5de89af528d86a1b718
[1]: https://bitcoin.stackexchange.com/questions/98642/can-we-experiment-on-signet-with-multiple-proposed-soft-forks-whilst-maintaining
[2]: https://bitcoin.stackexchange.com/questions/109764/what-opcodes-are-supported-on-liquid-but-not-yet-on-bitcoin
[3]: https://bitcoinops.org/en/topics/simplicity/
[4]: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-September/020912.html
[5]: https://arxiv.org/pdf/2006.16714.pdf
--
Michael Folkson
Email: michaelfolkson at protonmail.com
Keybase: michaelfolkson
PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
------- Original Message -------
On Saturday, September 17th, 2022 at 09:39, Matt Corallo via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
>
> On 9/17/22 2:14 AM, Anthony Towns wrote:
>
> > On Fri, Sep 16, 2022 at 12:46:53PM -0400, Matt Corallo via bitcoin-dev wrote:
> >
> > > On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
> > >
> > > > As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> > > > in the year [0], the question of "how to successfully get soft fork
> > > > ideas from concept to deployment" doesn't really have a good answer today.
> > > > I strongly disagree with this.
> >
> > Okay? "X is good" is obviously just a statement of opinion, so if you
> > want to disagree, that's obviously allowed.
> >
> > I also kind of feel like that's the least interesting paragraph in the
> > entire email to talk further about; if you think the current answer's
> > already good, then the rest of the mail's just about (hopefully) making
> > it better, which would be worthwhile anyway?
>
>
> No, I think its at least a good chunk of the "statement of problem". Yes, more testing is good, and
> this project is a way to get that. Cool. But implying that lack of test frameworks is in any
> material way part of the lack of movement on forks in Bitcoin I think is very wrong, so its worth
> pointing out, whether the particular project is useful or not is separate.
>
> > > Going back many, many years we've had many
> > > discussions about fork process, and the parts people (historically) agreed
> > > with tend to be:
> > > (1) come up with an idea
> > > (2) socialize the idea in the technical community, see if anyone comes up
> > > with any major issues or can suggest better ideas which solve the same
> > > use-cases in cleaner ways
> > > (3) propose the concrete idea with a more well-defined strawman, socialize
> > > that, get some kind of rough consensus in the loosely-defined, subjective,
> > > "technical community" (ie just ask people and adapt to feedback until you
> > > have found some kind of average of the opinions of people you, the
> > > fork-champion, think are reasonably well-informed!).
> > > (4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
> > > Turns out, the issue today is a lack of champions following steps 1-3, we
> > > can debate what the correct answer is to step (4) once we actually have
> > > people who want to be champions who are willing to (humbly) push an idea
> > > forward towards rough agreement of the world of technical bitcoiners
> > > (without which I highly doubt you'd ever see broader-community consensus).
> >
> > Personally, I think this is easily refuted by contradiction.
> >
> > 1) If we did have a good answer for how to progress a soft-fork, then
> > the great consensus cleanup [0] would have made more progress over the
> > past 3.5 years
>
>
> No? Who is the champion for it? I haven't been. No one else is obliged to take up the reins and run
> with it, that's not how open-source works. And no one has emerged who has strong interest in doing
> so, and that's totally fine. It means it hasn't made any progress, but that's an indication that no
> one feels strongly enough about it that its risen to the top of their personal priority list so
> clearly doesn't need to make progress.
>
> > Maybe not all of the ideas in it were unambiguously good
> > [1], but personally, I'm convinced at least some of them are, and I
> > don't think I'm alone in thinking that. Even if the excuse is that its
> > original champion wasn't humble enough, there's something wrong with
> > the process if there doesn't exist some other potential champion with
> > the right balance of humility, confidence, interest and time who could
> > have taken it over in that timeframe.
>
>
> No? Its not up to the community to find a champion for someone who wants a fork to happen. Either
> someone thinks its a good enough idea that they step up, or no one does. If no one does, then so be
> it. If the original proper (me, in this case) thought it was that important then its their
> responsibility to be the champion, no one else's.
>
> > 2) Many will argue that CTV has already done steps (1) through (3) above:
> > certainly there's been an idea, it's been socialised through giving talks,
> > having discussion forums, having research workshops [2], documenting use
> > cases use cases; there's been a concrete implementation for years now,
> > with a test network that supports the proposed feature, and new tools
> > that demonstrate some of the proposed use cases, and while alternative
> > approaches have been suggested [3], none of them have even really made
> > it to step (2), let alone step (3).
>
>
> I don't really see how you can make this argument seriously. Honestly, if a soft-fork BIP only has
> one author on the list, then I'm not sure one can argue that step (3) has really been completed, and
> maybe not even step (2).
>
> > So that leaves a few possibilities
> > to my mind:
>
> > * CTV should be in step (4), and its lack of definition is a problem,
> > and trying the "deal with it when we get there" approach is precisely
> > what didn't work back in April.
> >
> > * The evaluation process is too inconclusive: it should either be
> > saying "CTV is not good enough, fix these problems", or "CTV hasn't
> > sufficiently demonstrated its value/cost, work on X next", but it
> > isn't.
> >
> > * Parts (2) to (3) are too hard, and that's preventing alternatives
> > from making progress, which in turn is preventing people from
> > being able to decide whether CTV is the superior approach, or some
> > alternative is.
>
>
> I think this is most of it, but its not that they're too hard, its that people are too busy. There
> seemed to be more positive feedback, for example, to Rusty's proposal, but being the champion for a
> soft-fork is a full-time job for months on end, and last I checked Rusty has a lightning
> implementation to maintain, which tends to be a more-than-full-time job already.
>
> To my knowledge, no one but Jeremy has made any serious attempt at being the champion for a
> soft-fork since Taproot, and before that Segwit (if someone reading this who contributes to Core
> already wants to, and isn't sure how to, there's lots of people who would happily mentor you! I'm
> sure you can figure out who to reach out to!).
>
> Matt
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-17 15:53 ` Michael Folkson
@ 2022-09-18 12:27 ` alicexbt
2022-09-18 18:44 ` Michael Folkson
0 siblings, 1 reply; 15+ messages in thread
From: alicexbt @ 2022-09-18 12:27 UTC (permalink / raw)
To: Michael Folkson; +Cc: Bitcoin Protocol Discussion, Anthony Towns
Hi Michael,
> I agree with Matt. The less said about the "Aw shucks Jeremy didn't know that CTV didn't have community consensus at the time" [0] and "it was the lack of process that was the problem" the better.
The linked gist cannot be taken seriously and I am not sure why you keep sharing it as some document to prove there was no technical consensus for BIP 119. Nadav has already mentioned this in the comments. If you care about community consensus, maybe feedback about the links in that gist should also be respected. There was chaos, misinformation and lot of drama on twitter. Some people that opposed CTV on twitter still have no clue what CTV actually does and a few were super enthusiastic because of the author for BIP 119.
> I'm not convinced by the name (bitcoin-inquisition, shedpaint, shedpaint, let's park that for the moment) but I do like the idea of signet having soft fork proposals enabled on it [1] whether that be CTV, APO etc and if that requires more of the signet code to be moved out of the Core repo so be it.
Good to see some positivity, finally. Because tx introspection aka covenants would help everyone involved in bitcoin. This idea of experimenting with soft forks on signet together with research and meetings suggested by Antoine should help in better evaluation phase with less drama, politics etc. and more technical discussions to reach a goal.
> I'm surprised more isn't being done on Liquid already with what possible future functionality is (and could be) enabled [2] there but maybe there is more happening than I'm aware of.
1)Nobody uses Liquid. Signet has more activity than Liquid.
2)Testing something on Liquid will be completely different as its a separate blockchain with some similarities.
I have summarized a few other positives of testing soft forks on signet based on AJ's email:
a)Better evaluation
b)PR implementing soft fork could be reviewed and merged outside core
c)Testing on signet with pre-existing signet infrastructure
d)Can deploy multiple consensus changes so easier to compare alternative approaches (eg CTV vs ANYPREVOUT vs OP_TXHASH vs OP_TX, etc)
e)Pre-baked ability to abandon the soft fork
f)No need to regularly rebase consensus changes against bitcoin core's master branch
/dev/fd0
Sent with Proton Mail secure email.
------- Original Message -------
On Saturday, September 17th, 2022 at 3:53 PM, Michael Folkson via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> I agree with Matt. The less said about the "Aw shucks Jeremy didn't know that CTV didn't have community consensus at the time" [0] and "it was the lack of process that was the problem" the better. If people don't care about lack of community consensus there is no process in a permissionless, open source community that can stop them or direct them down a more patient, productive path (I tried). I think it is a shame because I think (maybe I'm wrong) at least in the technical community there is an understanding that long term Bitcoin is far from finished in exhausting its potential and we do need people who will work on changes that we'll need in the long term.
>
> There are a few interesting things in here though. I'm not convinced by the name (bitcoin-inquisition, shedpaint, shedpaint, let's park that for the moment) but I do like the idea of signet having soft fork proposals enabled on it [1] whether that be CTV, APO etc and if that requires more of the signet code to be moved out of the Core repo so be it. I'm surprised more isn't being done on Liquid already with what possible future functionality is (and could be) enabled [2] there but maybe there is more happening than I'm aware of. Protocols or use cases built out and demonstrated on signet (and/or Liquid/sidechains) seem an obvious stepping stone to me for convincing the community that it is potentially worth taking the chain split risk for a particular upgrade. It is a long slog to get community consensus on an upgrade (Taproot certainly was a slog) but I think the vast majority of us think Taproot was worth that slog and Bitcoin would be poorer today without it.
>
> The Great Consensus Cleanup is an interesting example in that I get Matt doesn't have time to champion it or focus on it with his LDK commitments but I have no idea where it would rank on his long term priority list if he wasn't working on LDK. Similarly I have no idea what people who understand this evolving system much better than I do are thinking with regards to say adding new opcodes, sighash flags versus say waiting on Simplicity and possibly adding new functionality within that potential upgrade. For people like me who are extremely unlikely to propose their own consensus change(s) getting some signal on what to spend time digging into would be useful rather than second guessing what people are thinking. There is a danger that you flirt with perceived public roadmaps when possible authority figures stick their necks out and effectively say "I'm not in charge but in an imaginary world where I was this is my current thinking of the ordering in which we could improve this system
> long term. But this could change depending on x, y and z and possible upgrades are only ready when they're ready and they have community consensus." There is no way people don't play these exercises in their minds. I do, I just have very few answers :) I personally think APO is in prime position to improve Lightning channel state management with eltoo and if it enables some covenant schemes too that seems like an added bonus. On APO versus waiting for APO like functionality in Simplicity I have no idea. Work on APO/eltoo and Simplicity both seem to be progressing in parallel so the APO versus Simplicity discussion perhaps rests on whether people think certain covenants should only really be enabled once we have the security guarantees of Simplicity [3] (if at all).
>
> Antoine's covenant R&D effort [4] seems really promising and I hope the shenanigans from earlier in the year don't put people off from engaging with that. Hopefully we can see more exploration, development and research in covenants (e.g. this excellent research paper "Bitcoin Covenants: Three Ways to Control the Future" [5]) and we can foster a community which has very high standards, is open to new ideas and new research but can avoid these months long resisting chain split fights. I think the discussion would be much more interesting and much more productive if people didn't have to think "If I express a view now it will be used to attack me personally later" or worse "If I express a view now it will be used to justify an upcoming chain split".
>
> [0]: https://gist.github.com/michaelfolkson/352a503f4f9fc5de89af528d86a1b718
> [1]: https://bitcoin.stackexchange.com/questions/98642/can-we-experiment-on-signet-with-multiple-proposed-soft-forks-whilst-maintaining
> [2]: https://bitcoin.stackexchange.com/questions/109764/what-opcodes-are-supported-on-liquid-but-not-yet-on-bitcoin
> [3]: https://bitcoinops.org/en/topics/simplicity/
> [4]: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-September/020912.html
> [5]: https://arxiv.org/pdf/2006.16714.pdf
>
> --
> Michael Folkson
> Email: michaelfolkson at protonmail.com
> Keybase: michaelfolkson
> PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
>
>
> ------- Original Message -------
> On Saturday, September 17th, 2022 at 09:39, Matt Corallo via bitcoin-dev bitcoin-dev@lists.linuxfoundation.org wrote:
>
>
>
> > On 9/17/22 2:14 AM, Anthony Towns wrote:
> >
> > > On Fri, Sep 16, 2022 at 12:46:53PM -0400, Matt Corallo via bitcoin-dev wrote:
> > >
> > > > On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
> > > >
> > > > > As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> > > > > in the year [0], the question of "how to successfully get soft fork
> > > > > ideas from concept to deployment" doesn't really have a good answer today.
> > > > > I strongly disagree with this.
> > >
> > > Okay? "X is good" is obviously just a statement of opinion, so if you
> > > want to disagree, that's obviously allowed.
> > >
> > > I also kind of feel like that's the least interesting paragraph in the
> > > entire email to talk further about; if you think the current answer's
> > > already good, then the rest of the mail's just about (hopefully) making
> > > it better, which would be worthwhile anyway?
> >
> > No, I think its at least a good chunk of the "statement of problem". Yes, more testing is good, and
> > this project is a way to get that. Cool. But implying that lack of test frameworks is in any
> > material way part of the lack of movement on forks in Bitcoin I think is very wrong, so its worth
> > pointing out, whether the particular project is useful or not is separate.
> >
> > > > Going back many, many years we've had many
> > > > discussions about fork process, and the parts people (historically) agreed
> > > > with tend to be:
> > > > (1) come up with an idea
> > > > (2) socialize the idea in the technical community, see if anyone comes up
> > > > with any major issues or can suggest better ideas which solve the same
> > > > use-cases in cleaner ways
> > > > (3) propose the concrete idea with a more well-defined strawman, socialize
> > > > that, get some kind of rough consensus in the loosely-defined, subjective,
> > > > "technical community" (ie just ask people and adapt to feedback until you
> > > > have found some kind of average of the opinions of people you, the
> > > > fork-champion, think are reasonably well-informed!).
> > > > (4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
> > > > Turns out, the issue today is a lack of champions following steps 1-3, we
> > > > can debate what the correct answer is to step (4) once we actually have
> > > > people who want to be champions who are willing to (humbly) push an idea
> > > > forward towards rough agreement of the world of technical bitcoiners
> > > > (without which I highly doubt you'd ever see broader-community consensus).
> > >
> > > Personally, I think this is easily refuted by contradiction.
> > >
> > > 1) If we did have a good answer for how to progress a soft-fork, then
> > > the great consensus cleanup [0] would have made more progress over the
> > > past 3.5 years
> >
> > No? Who is the champion for it? I haven't been. No one else is obliged to take up the reins and run
> > with it, that's not how open-source works. And no one has emerged who has strong interest in doing
> > so, and that's totally fine. It means it hasn't made any progress, but that's an indication that no
> > one feels strongly enough about it that its risen to the top of their personal priority list so
> > clearly doesn't need to make progress.
> >
> > > Maybe not all of the ideas in it were unambiguously good
> > > [1], but personally, I'm convinced at least some of them are, and I
> > > don't think I'm alone in thinking that. Even if the excuse is that its
> > > original champion wasn't humble enough, there's something wrong with
> > > the process if there doesn't exist some other potential champion with
> > > the right balance of humility, confidence, interest and time who could
> > > have taken it over in that timeframe.
> >
> > No? Its not up to the community to find a champion for someone who wants a fork to happen. Either
> > someone thinks its a good enough idea that they step up, or no one does. If no one does, then so be
> > it. If the original proper (me, in this case) thought it was that important then its their
> > responsibility to be the champion, no one else's.
> >
> > > 2) Many will argue that CTV has already done steps (1) through (3) above:
> > > certainly there's been an idea, it's been socialised through giving talks,
> > > having discussion forums, having research workshops [2], documenting use
> > > cases use cases; there's been a concrete implementation for years now,
> > > with a test network that supports the proposed feature, and new tools
> > > that demonstrate some of the proposed use cases, and while alternative
> > > approaches have been suggested [3], none of them have even really made
> > > it to step (2), let alone step (3).
> >
> > I don't really see how you can make this argument seriously. Honestly, if a soft-fork BIP only has
> > one author on the list, then I'm not sure one can argue that step (3) has really been completed, and
> > maybe not even step (2).
> >
> > > So that leaves a few possibilities
> > > to my mind:
> >
> > > * CTV should be in step (4), and its lack of definition is a problem,
> > > and trying the "deal with it when we get there" approach is precisely
> > > what didn't work back in April.
> > >
> > > * The evaluation process is too inconclusive: it should either be
> > > saying "CTV is not good enough, fix these problems", or "CTV hasn't
> > > sufficiently demonstrated its value/cost, work on X next", but it
> > > isn't.
> > >
> > > * Parts (2) to (3) are too hard, and that's preventing alternatives
> > > from making progress, which in turn is preventing people from
> > > being able to decide whether CTV is the superior approach, or some
> > > alternative is.
> >
> > I think this is most of it, but its not that they're too hard, its that people are too busy. There
> > seemed to be more positive feedback, for example, to Rusty's proposal, but being the champion for a
> > soft-fork is a full-time job for months on end, and last I checked Rusty has a lightning
> > implementation to maintain, which tends to be a more-than-full-time job already.
> >
> > To my knowledge, no one but Jeremy has made any serious attempt at being the champion for a
> > soft-fork since Taproot, and before that Segwit (if someone reading this who contributes to Core
> > already wants to, and isn't sure how to, there's lots of people who would happily mentor you! I'm
> > sure you can figure out who to reach out to!).
> >
> > Matt
> > _______________________________________________
> > bitcoin-dev mailing list
> > bitcoin-dev@lists.linuxfoundation.org
> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-18 12:27 ` alicexbt
@ 2022-09-18 18:44 ` Michael Folkson
0 siblings, 0 replies; 15+ messages in thread
From: Michael Folkson @ 2022-09-18 18:44 UTC (permalink / raw)
To: alicexbt; +Cc: Bitcoin Protocol Discussion, Anthony Towns
Hi alicexbt
> Good to see some positivity, finally.
I had enthusiasm for this concept of enabling proposed soft fork functionality on signet 2 years ago [0]. Nothing has changed, still enthusiastic :) Not enthusiastic about the months wasted on unnecessary contentious soft fork drama since but can't change the past.
> 1)Nobody uses Liquid. Signet has more activity than Liquid.
2)Testing something on Liquid will be completely different as its
a separate blockchain with some similarities.
Perhaps you should take your own advice with regards to positivity (or at least have more of an open mind) with regards Liquid and sidechains. Signet Bitcoin are totally free [1] and experimentation doesn't ever result in loss of real monetary value so you would expect more experimentation on signet versus Liquid long term. However, building protocols and prototypes with real monetary value is a step up from doing so with worthless signet coins. So I don't really see them as direct competitors. Some things take a lot longer to come to fruition than others but the original vision [2] of sidechains still makes perfect sense to me. Competing sets of consensus rules aren't possible on a single mainnet blockchain. Hence you either go the sidechain(-like) route or you go the altcoin route if you want to take the step up from signet/testnet and start using real monetary value. I much prefer the sidechain model to the altcoin route myself. Especially when in say vaults you do want the equivalent of Bitcoin to be locked up rather than a more volatile altcoin.
Thanks
Michael
[0]: https://bitcoin.stackexchange.com/questions/98642/can-we-experiment-on-signet-with-multiple-proposed-soft-forks-whilst-maintaining
[1]: https://signetfaucet.com/
[2]: https://blockstream.com/sidechains.pdf
--
Michael Folkson
Email: michaelfolkson at protonmail.com
Keybase: michaelfolkson
PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
------- Original Message -------
On Sunday, September 18th, 2022 at 13:27, alicexbt <alicexbt@protonmail.com> wrote:
> Hi Michael,
>
> > I agree with Matt. The less said about the "Aw shucks Jeremy didn't know that CTV didn't have community consensus at the time" 0 and "it was the lack of process that was the problem" the better.
>
>
> The linked gist cannot be taken seriously and I am not sure why you keep sharing it as some document to prove there was no technical consensus for BIP 119. Nadav has already mentioned this in the comments. If you care about community consensus, maybe feedback about the links in that gist should also be respected. There was chaos, misinformation and lot of drama on twitter. Some people that opposed CTV on twitter still have no clue what CTV actually does and a few were super enthusiastic because of the author for BIP 119.
>
> > I'm not convinced by the name (bitcoin-inquisition, shedpaint, shedpaint, let's park that for the moment) but I do like the idea of signet having soft fork proposals enabled on it 1 whether that be CTV, APO etc and if that requires more of the signet code to be moved out of the Core repo so be it.
>
>
> Good to see some positivity, finally. Because tx introspection aka covenants would help everyone involved in bitcoin. This idea of experimenting with soft forks on signet together with research and meetings suggested by Antoine should help in better evaluation phase with less drama, politics etc. and more technical discussions to reach a goal.
>
> > I'm surprised more isn't being done on Liquid already with what possible future functionality is (and could be) enabled 2 there but maybe there is more happening than I'm aware of.
>
>
> 1)Nobody uses Liquid. Signet has more activity than Liquid.
> 2)Testing something on Liquid will be completely different as its a separate blockchain with some similarities.
>
> I have summarized a few other positives of testing soft forks on signet based on AJ's email:
>
> a)Better evaluation
> b)PR implementing soft fork could be reviewed and merged outside core
> c)Testing on signet with pre-existing signet infrastructure
> d)Can deploy multiple consensus changes so easier to compare alternative approaches (eg CTV vs ANYPREVOUT vs OP_TXHASH vs OP_TX, etc)
> e)Pre-baked ability to abandon the soft fork
> f)No need to regularly rebase consensus changes against bitcoin core's master branch
>
> /dev/fd0
>
> Sent with Proton Mail secure email.
>
> ------- Original Message -------
> On Saturday, September 17th, 2022 at 3:53 PM, Michael Folkson via bitcoin-dev bitcoin-dev@lists.linuxfoundation.org wrote:
>
>
>
> > I agree with Matt. The less said about the "Aw shucks Jeremy didn't know that CTV didn't have community consensus at the time" 0 and "it was the lack of process that was the problem" the better. If people don't care about lack of community consensus there is no process in a permissionless, open source community that can stop them or direct them down a more patient, productive path (I tried). I think it is a shame because I think (maybe I'm wrong) at least in the technical community there is an understanding that long term Bitcoin is far from finished in exhausting its potential and we do need people who will work on changes that we'll need in the long term.
> >
> > There are a few interesting things in here though. I'm not convinced by the name (bitcoin-inquisition, shedpaint, shedpaint, let's park that for the moment) but I do like the idea of signet having soft fork proposals enabled on it 1 whether that be CTV, APO etc and if that requires more of the signet code to be moved out of the Core repo so be it. I'm surprised more isn't being done on Liquid already with what possible future functionality is (and could be) enabled 2 there but maybe there is more happening than I'm aware of. Protocols or use cases built out and demonstrated on signet (and/or Liquid/sidechains) seem an obvious stepping stone to me for convincing the community that it is potentially worth taking the chain split risk for a particular upgrade. It is a long slog to get community consensus on an upgrade (Taproot certainly was a slog) but I think the vast majority of us think Taproot was worth that slog and Bitcoin would be poorer today without it.
> >
> > The Great Consensus Cleanup is an interesting example in that I get Matt doesn't have time to champion it or focus on it with his LDK commitments but I have no idea where it would rank on his long term priority list if he wasn't working on LDK. Similarly I have no idea what people who understand this evolving system much better than I do are thinking with regards to say adding new opcodes, sighash flags versus say waiting on Simplicity and possibly adding new functionality within that potential upgrade. For people like me who are extremely unlikely to propose their own consensus change(s) getting some signal on what to spend time digging into would be useful rather than second guessing what people are thinking. There is a danger that you flirt with perceived public roadmaps when possible authority figures stick their necks out and effectively say "I'm not in charge but in an imaginary world where I was this is my current thinking of the ordering in which we could improve this system
> > long term. But this could change depending on x, y and z and possible upgrades are only ready when they're ready and they have community consensus." There is no way people don't play these exercises in their minds. I do, I just have very few answers :) I personally think APO is in prime position to improve Lightning channel state management with eltoo and if it enables some covenant schemes too that seems like an added bonus. On APO versus waiting for APO like functionality in Simplicity I have no idea. Work on APO/eltoo and Simplicity both seem to be progressing in parallel so the APO versus Simplicity discussion perhaps rests on whether people think certain covenants should only really be enabled once we have the security guarantees of Simplicity 3 (if at all).
> >
> > Antoine's covenant R&D effort 4 seems really promising and I hope the shenanigans from earlier in the year don't put people off from engaging with that. Hopefully we can see more exploration, development and research in covenants (e.g. this excellent research paper "Bitcoin Covenants: Three Ways to Control the Future" 5) and we can foster a community which has very high standards, is open to new ideas and new research but can avoid these months long resisting chain split fights. I think the discussion would be much more interesting and much more productive if people didn't have to think "If I express a view now it will be used to attack me personally later" or worse "If I express a view now it will be used to justify an upcoming chain split".
> >
> > --
> > Michael Folkson
> > Email: michaelfolkson at protonmail.com
> > Keybase: michaelfolkson
> > PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
> >
> > ------- Original Message -------
> > On Saturday, September 17th, 2022 at 09:39, Matt Corallo via bitcoin-dev bitcoin-dev@lists.linuxfoundation.org wrote:
> >
> > > On 9/17/22 2:14 AM, Anthony Towns wrote:
> > >
> > > > On Fri, Sep 16, 2022 at 12:46:53PM -0400, Matt Corallo via bitcoin-dev wrote:
> > > >
> > > > > On 9/16/22 3:15 AM, Anthony Towns via bitcoin-dev wrote:
> > > > >
> > > > > > As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> > > > > > in the year 0, the question of "how to successfully get soft fork
> > > > > > ideas from concept to deployment" doesn't really have a good answer today.
> > > > > > I strongly disagree with this.
> > > >
> > > > Okay? "X is good" is obviously just a statement of opinion, so if you
> > > > want to disagree, that's obviously allowed.
> > > >
> > > > I also kind of feel like that's the least interesting paragraph in the
> > > > entire email to talk further about; if you think the current answer's
> > > > already good, then the rest of the mail's just about (hopefully) making
> > > > it better, which would be worthwhile anyway?
> > >
> > > No, I think its at least a good chunk of the "statement of problem". Yes, more testing is good, and
> > > this project is a way to get that. Cool. But implying that lack of test frameworks is in any
> > > material way part of the lack of movement on forks in Bitcoin I think is very wrong, so its worth
> > > pointing out, whether the particular project is useful or not is separate.
> > >
> > > > > Going back many, many years we've had many
> > > > > discussions about fork process, and the parts people (historically) agreed
> > > > > with tend to be:
> > > > > (1) come up with an idea
> > > > > (2) socialize the idea in the technical community, see if anyone comes up
> > > > > with any major issues or can suggest better ideas which solve the same
> > > > > use-cases in cleaner ways
> > > > > (3) propose the concrete idea with a more well-defined strawman, socialize
> > > > > that, get some kind of rough consensus in the loosely-defined, subjective,
> > > > > "technical community" (ie just ask people and adapt to feedback until you
> > > > > have found some kind of average of the opinions of people you, the
> > > > > fork-champion, think are reasonably well-informed!).
> > > > > (4) okay, admittedly beyond this is a bit less defined, but we can deal with it when we get there.
> > > > > Turns out, the issue today is a lack of champions following steps 1-3, we
> > > > > can debate what the correct answer is to step (4) once we actually have
> > > > > people who want to be champions who are willing to (humbly) push an idea
> > > > > forward towards rough agreement of the world of technical bitcoiners
> > > > > (without which I highly doubt you'd ever see broader-community consensus).
> > > >
> > > > Personally, I think this is easily refuted by contradiction.
> > > >
> > > > 1) If we did have a good answer for how to progress a soft-fork, then
> > > > the great consensus cleanup 0 would have made more progress over the
> > > > past 3.5 years
> > >
> > > No? Who is the champion for it? I haven't been. No one else is obliged to take up the reins and run
> > > with it, that's not how open-source works. And no one has emerged who has strong interest in doing
> > > so, and that's totally fine. It means it hasn't made any progress, but that's an indication that no
> > > one feels strongly enough about it that its risen to the top of their personal priority list so
> > > clearly doesn't need to make progress.
> > >
> > > > Maybe not all of the ideas in it were unambiguously good
> > > > 1, but personally, I'm convinced at least some of them are, and I
> > > > don't think I'm alone in thinking that. Even if the excuse is that its
> > > > original champion wasn't humble enough, there's something wrong with
> > > > the process if there doesn't exist some other potential champion with
> > > > the right balance of humility, confidence, interest and time who could
> > > > have taken it over in that timeframe.
> > >
> > > No? Its not up to the community to find a champion for someone who wants a fork to happen. Either
> > > someone thinks its a good enough idea that they step up, or no one does. If no one does, then so be
> > > it. If the original proper (me, in this case) thought it was that important then its their
> > > responsibility to be the champion, no one else's.
> > >
> > > > 2) Many will argue that CTV has already done steps (1) through (3) above:
> > > > certainly there's been an idea, it's been socialised through giving talks,
> > > > having discussion forums, having research workshops 2, documenting use
> > > > cases use cases; there's been a concrete implementation for years now,
> > > > with a test network that supports the proposed feature, and new tools
> > > > that demonstrate some of the proposed use cases, and while alternative
> > > > approaches have been suggested 3, none of them have even really made
> > > > it to step (2), let alone step (3).
> > >
> > > I don't really see how you can make this argument seriously. Honestly, if a soft-fork BIP only has
> > > one author on the list, then I'm not sure one can argue that step (3) has really been completed, and
> > > maybe not even step (2).
> > >
> > > > So that leaves a few possibilities
> > > > to my mind:
> > >
> > > > * CTV should be in step (4), and its lack of definition is a problem,
> > > > and trying the "deal with it when we get there" approach is precisely
> > > > what didn't work back in April.
> > > >
> > > > * The evaluation process is too inconclusive: it should either be
> > > > saying "CTV is not good enough, fix these problems", or "CTV hasn't
> > > > sufficiently demonstrated its value/cost, work on X next", but it
> > > > isn't.
> > > >
> > > > * Parts (2) to (3) are too hard, and that's preventing alternatives
> > > > from making progress, which in turn is preventing people from
> > > > being able to decide whether CTV is the superior approach, or some
> > > > alternative is.
> > >
> > > I think this is most of it, but its not that they're too hard, its that people are too busy. There
> > > seemed to be more positive feedback, for example, to Rusty's proposal, but being the champion for a
> > > soft-fork is a full-time job for months on end, and last I checked Rusty has a lightning
> > > implementation to maintain, which tends to be a more-than-full-time job already.
> > >
> > > To my knowledge, no one but Jeremy has made any serious attempt at being the champion for a
> > > soft-fork since Taproot, and before that Segwit (if someone reading this who contributes to Core
> > > already wants to, and isn't sure how to, there's lots of people who would happily mentor you! I'm
> > > sure you can figure out who to reach out to!).
> > >
> > > Matt
> > > _______________________________________________
> > > bitcoin-dev mailing list
> > > bitcoin-dev@lists.linuxfoundation.org
> > > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> >
> > _______________________________________________
> > bitcoin-dev mailing list
> > bitcoin-dev@lists.linuxfoundation.org
> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-16 7:15 [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet Anthony Towns
2022-09-16 16:46 ` Matt Corallo
@ 2022-09-18 18:47 ` Antoine Riard
2022-09-19 10:05 ` Anthony Towns
2022-10-02 6:12 ` Anthony Towns
2 siblings, 1 reply; 15+ messages in thread
From: Antoine Riard @ 2022-09-18 18:47 UTC (permalink / raw)
To: Anthony Towns, Bitcoin Protocol Discussion
[-- Attachment #1: Type: text/plain, Size: 14906 bytes --]
Hi AJ,
Thanks to setup a new laboratory for consensus upgrades experiment! Idea
was exposed during the last LN Summit, glad to see there is a useful fork
now.
While I think one of the problem particular in the current stagnation about
consensus upgrades has been well scoped by your proposal, namely on
formalizing the thorough analysis process to which an upgrade proposal
should be subject too, there are more issues or bounds to wonder on, at
least from my perspective.
Laying out fine-grained stages of the development process (research,
development, evaluation, deployment) sounds compelling to bring clarity to
everyone. However, I doubt it captures well the more realistic, chaotic
process from which new Bitcoin ideas and techniques are emerging. In
practice, consensus upgrades, akin to the sustenance of new scientific
theories or engineering principles in the wider creative areas of life, are
following an uncertain path of hazardous steps: seminal half-baked
intuitions, whiteboard modeling, code or quantitative experiments, loose
set of ideas pollination, peers feedbacks integration, etc before to mature
in some solidified proposals.
Said succinctly, in the genesis of creative ideas, evaluation doesn't
happen at a single clear point but all along the idea lifetime, where this
evaluation is as much done by the original author than its peers and a
wider audience. Sometimes really formally, e.g in academics with PhD thesis
defense. For Bitcoin, rather than to "declare" on the when and where
upgrades evaluation should happen once for all, I think a more open
evaluation process we can carry on is gathering and maintaining the factual
material and reasoning frameworks around solidified proposals, on which
each community stakeholder individually can assign a grounded judgement.
Those judgments are likely sources of new refinement of the upgrades
themselves.
Under that perspective, I believe a functional upgrades experimentation
platform as proposed by bitcoin-inquisition is very valuable, as it should
allow upgrades "champions" (CTV, ANYPREVOUT, TLUV, "fraud proofs" ops
primitives, etc) to loop faster in the R&D cycles, raise earlier awareness
on their work existence and as it's all open to assemble team around their
proposals. (Effectively, covenants upgrades and their associated use-cases
offered so much complexity that it's becoming less and less a one-man
job...).
I would still expose a concern to not downgrade in the pure empiricism in
matter of consensus upgrades. I.e, slowly emerging the norm of a working
prototype running on bitcoin-inquisition` as a determining factor of the
soundness of a proposal. E.g with "upgrading lightning to support eltoo", a
running e2e won't save us to think the thousands variants of pinnings, the
game-theory soundness of a eltoo as mechanism in face of congestions, the
evolvability of APO with more known upgrades proposals or the
implementation complexity of a fully fleshed-out state machine and more
questions.
That said, a e2e implementation, partial or complete, would at least make
the serious analysis process easier. Moreover, the benefit of having e2e
implems runnable by everyone on bitcoin-inquisition would likely lower the
bar to have independent consensus upgrade analysis, likely a source of new
relevant feedback.
I can only share the sentiment expressed that this alternative open
approach of consensus changes avoids the gradual establishment of a trusted
group, even informal. In the past, to the best of my knowledge, most of the
substance of the Taproot softfork daily development happened on
semi-offline communication channels and the strong design rational
decisions at CoreDev editions. While not discrediting the high-quality
feedback than one can gather during those types of in-person engineering
meetings, for neutrality and openness of the Bitcoin upgrades process it
could be great to only consider them as source of feedbacks and move
progressively the crux of the upgrades R&D process online, open to anyone
interested. Moreover, it would bind more adequately the reality of a
growing development ecosystem, where we have to deal with an increasing
diversity of technical, social and geographical community stakeholders. I
acknowledge there is a hard challenge to maintain high-signal, low-noise
online communication channels and spaces about context-rich issues like
upgrades, however that might be the type of challenge we have to solve if
we care about everyone using Bitcoin to truly be peers. At least my 2 sats.
About the risk of latent centralization of global default signets
miners/bitcoin-inquisition maintainers, I don't think I'm worried about it.
With time, I would guess we might have multiple experimental signets with
different series of patches, as some patches might invalidate the
observations of another upgrade. E,g if one implements the "weird" ideas
about changes in the block reward issuance schedule discussed during the
summer, another one might not want "noise" interferences with new
fee-bumping primitives as the miner incentives are modified. About the
bitcoin-inquisition fork maintainers themselves becoming gatekeepers of
consensus upgrades changes, best we can do is maintain high-quality
documentation and knowledge base to lower the forking cost of the platform
for any community stakeholder.
Anyway, I hold the belief that the more initiatives we see to modernize the
"consensus-upgrades" production factory in order to scale with the current
dimensions of the Bitcoin ecosystem, better we're. I hope the upcoming
Contracting Primitives WG will be able to document and discuss some of the
relevant experiments run on bitcoin-inquisition. Time and work will tell
how they fit all together, where they complement each other and synergies
that are nurtured.
Speaking for myself, looking forward to experimenting with CoinPool code
components on bitcoin-inquistion in the future!
Best,
Antoine
Le ven. 16 sept. 2022 à 03:16, Anthony Towns via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> a écrit :
> Subhead: "Nobody expects a Bitcoin Inquistion? C'mon man, *everyone*
> expects a Bitcoin Inquisition."
>
> As we've seen from the attempt at a CHECKTEMPLATEVERIFY activation earlier
> in the year [0], the question of "how to successfully get soft fork
> ideas from concept to deployment" doesn't really have a good answer today.
>
> Obviously, a centralised solution to this problem exists: we could
> establish a trusted group, perhaps one containing devs, industry
> representatives, investors, etc, have them review proposals and their
> implementations, and follow their lead when they decide that a proposal
> has met their standards and should be widely deployed. Some might even
> say "sipa is precisely that group". The problem with having a group of
> that nature isn't one of effectiveness, but rather that they are then
> vulnerable to pressure and corruption, which isn't desirable if we want
> everyone using Bitcoin to truly be peers, and often isn't desirable for
> the prospective members of the group either. So that's not something we
> should want people to volunteer for, nor is it a duty we should thrust
> on people. Or at least, that's my opinion, anyway.
>
> I think any alternative approach to doing consensus changes (while
> avoiding a chain split) has to look something like this:
>
> * propose an idea (research phase)
> * implement the idea (development phase)
> * demonstrate the idea is worthwhile (evaluation phase)
> * once everyone is convinced, activate (deployment phase)
>
> Without an evaluation phase that is thorough enough to convince (almost)
> everyone, I think deployment becomes controversial and perhaps effectively
> impossible (at least without some trusted leadership group). But with an
> evaluation phase that demonstrates to everyone who's interested that the
> proposal has actual value, minimal cost and no risk, I think activation
> could be fairly easy and straightforward.
>
> I contend that the most significant problem we have is in the "evaluation
> phase". How do you convince enough people that a change is sufficiently
> beneficial to justify the risk of messing with their money? If you're
> only trying to convince a few experts, then perhaps you can do that with
> papers and talks; but limiting the evaluation to only a few experts is
> effectively just falling back to the centralised approach.
>
> So I think that means that part of the "evaluation phase" should involve
> implementing real systems on top of the proposed change, so that you
> can demonstrate real value from the change. It's easy to say that
> "CTV can enable vaults" or "CTV can make opening a lightning channel
> non-interactive" -- but it's harder to go from saying something
> is possible to actually making it happen, so, at least to me, it
> seems reasonable to be skeptical of people claiming benefits without
> demonstrating they're achievable in practice.
>
> I contend the easiest way we could make it easy to demonstrate a soft
> fork working as designed is to deploy it on the default global signet,
> essentially as soon as it has a fully specified proposal and a reasonably
> high-quality implementation.
>
> The problem with that idea is that creates a conundrum: you can't activate
> a soft fork on the default signet without first merging the code into
> bitcoin core, you can't merge the code into bitcoin core until it's been
> fully evaluated, and the way you evaluate it is by activating it on the
> default signet?
>
> I think the weakest link in that loop is the first one: what if we did
> activate soft forks on the default signet prior to the code being merged
> into core? To that end, I'm proposing a fork of core that I'm calling
> "bitcoin-inquisition", with the idea that it branches from stable
> releases of core and adds support for proposed changes to consensus
> (CTV, ANYPREVOUT, TLUV, OP_CAT, etc...) and potentially also relay
> policy (relay changes are often implied by consensus changes, but also
> potentially things like package relay).
>
> https://github.com/bitcoin-inquisition/bitcoin/wiki
> https://github.com/bitcoin-inquisition/bitcoin/pulls
>
> The idea being that if you're trying to work on "upgrading lightning
> to support eltoo", you can iterate through changes needed to consensus
> (via bitcoin-inquisition) and client apps (cln, lnd, eclair etc), while
> testing them in public (on signet) and having any/all the pre-existing
> signet infrastructure available (faucets, explorers etc) without having
> to redeploy it yourself. Having multiple consensus changes deployed in
> one place also seems like it might make it easier to compare alternative
> approaches (eg CTV vs ANYPREVOUT vs OP_TXHASH vs OP_TX, etc).
>
> So that's the concept. For practical purposes, I haven't yet merged
> either CTV or APO support into the bitcoin-inquisition 23.0 branch yet,
> and before actually mining blocks I want to make the signet miner able
> to automatically detect/recover if the bitcoin-inquisition node either
> crashes or starts producing incompatible blocks.
>
> Anyway, I wanted to post the idea publicly, both to give folks an
> opportunity to poke holes in the idea, or to suggest any further
> improvements or otherwise do any review before the CTV and APO patches
> get merged.
>
> Some other details that may be of interest.
>
> The biggest challenge with soft forks and the idea of "iterating
> through changes" is that making improvements can create a hard fork,
> which then forces everyone running old software to update, which can be
> pretty inconvenient, especially if you don't actually care about that
> change. Since signet (and regtest) mining is effectively permissioned,
> we can avoid that problem by having all these proposed soft forks
> come with a pre-baked ability to abandon the soft fork (much as David
> Harding described in [1]). Once a soft fork is abandoned, it can either
> be ignored forever (and later versions of the software can not include
> the code to enforce it at all), or it can be replaced by a new version
> of the soft fork.
>
> Another benefit that comes from signet chains being permissioned is
> that miners can be expected to coordinate upgrading out of band, so
> there is no need for a 90% signalling threshold. Instead, activation
> (and abandonment) of a soft fork can be triggered by a single block
> signalling. That further means there is no need for any individual
> block to signal for multiple forks, and instead of having 29 different
> signals, we can instead easily have up to 2**29. I've chosen to make
> the standard signal have 16 bits for specifying a bip number (0-65535)
> and 8 bits for specifying a version of that bip, which seems like it
> should be more than enough at least for a while. More details at [2].
>
> I'm basing bitcoin-inquisition solely off stable releases. This is partly
> because it can be annoying to constantly rebase consensus changes aginst
> bitcoin core's master branch, but also I think it might help consensus
> changes be easily backported once they pass the "evaluation phase"
> and move into the "deployment phase".
>
> I'm not sure what level of code quality PRs should have before being
> merged into bitcoin-inquisition. I think CTV is plenty good enough,
> but I'm not sure about APO, particularly its test coverage. If you want
> to influence what becomes the tradition here, contributing a review,
> or posting patches against the upsteam branch might be a good start?
>
> Does this make the global default signet miners, or perhaps the
> bitcoin-inquisition maintainers the "trusted group" that we want to
> avoid? Hopefully not -- anyone can run their own fork or do their own
> fork of bitcoin core, so if the miners/maintainers start trying to
> arbitrarily block proposals they can be worked around without too much
> hassle. And since they're clearly separate from any of the actions that
> need to be taken for actual deployment once activation is complete,
> they shouldn't have any ability to unduly promote fork proposals that
> people aren't fully satisfied are ready for deployment.
>
> Cheers,
> aj
>
> [0]
> https://bitcoinops.org/en/newsletters/2022/04/27/#discussion-about-activating-ctv
>
> [1]
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-April/020242.html
>
> [2]
> https://github.com/bitcoin-inquisition/bitcoin/wiki/Heretical-Deployments
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
[-- Attachment #2: Type: text/html, Size: 16619 bytes --]
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-18 18:47 ` Antoine Riard
@ 2022-09-19 10:05 ` Anthony Towns
2022-09-28 11:48 ` Michael Folkson
0 siblings, 1 reply; 15+ messages in thread
From: Anthony Towns @ 2022-09-19 10:05 UTC (permalink / raw)
To: Antoine Riard, Bitcoin Protocol Discussion
On Sun, Sep 18, 2022 at 02:47:38PM -0400, Antoine Riard via bitcoin-dev wrote:
> Said succinctly, in the genesis of creative ideas, evaluation doesn't
> happen at a single clear point but all along the idea lifetime, where this
> evaluation is as much done by the original author than its peers and a
> wider audience.
Sure. I definitely didn't mean to imply a waterfall development model,
or that the phases wouldn't overlap etc.
> I would still expose a concern to not downgrade in the pure empiricism in
> matter of consensus upgrades. I.e, slowly emerging the norm of a working
> prototype running on bitcoin-inquisition` as a determining factor of the
> soundness of a proposal. E.g with "upgrading lightning to support eltoo", a
> running e2e won't save us to think the thousands variants of pinnings, the
> game-theory soundness of a eltoo as mechanism in face of congestions, the
> evolvability of APO with more known upgrades proposals or the
> implementation complexity of a fully fleshed-out state machine and more
> questions.
I agree here; but I think not doing prototypes also hinders thinking
about all the thousands of details in a fork. It's easy to handwave
details away when describing things on a whiteboard; and only realise
they're trickier than you thought when you go to implement things.
> E,g if one implements the "weird" ideas
> about changes in the block reward issuance schedule discussed during the
> summer, another one might not want "noise" interferences with new
> fee-bumping primitives as the miner incentives are modified.
(I don't think "miner incentives" are really something that can be
investigated on signet. You can assume how miners will respond to
incentives and program the mining software to act that way; but there's
no competitive pressure in signet mining so I don't think that really
demonstrates anything very much. Likewise, there's much less demand for
blockspace on signet than on mainnet, so it's probably hard to experiment
with "fee incentives" too)
> I hope the upcoming
> Contracting Primitives WG will be able to document and discuss some of the
> relevant experiments run on bitcoin-inquisition.
Likewise.
(Lots trimmed due to either agreeing with it or having nothing to add)
Cheers,
aj
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-19 10:05 ` Anthony Towns
@ 2022-09-28 11:48 ` Michael Folkson
2022-09-28 20:01 ` alicexbt
2022-10-02 4:06 ` Anthony Towns
0 siblings, 2 replies; 15+ messages in thread
From: Michael Folkson @ 2022-09-28 11:48 UTC (permalink / raw)
To: Anthony Towns, Bitcoin Protocol Discussion
I've given this some extra thought and discussed with others who may later chime in on this thread. I'm now convinced this should be done on a custom public signet rather than on the default signet. SegWit was added to a new testnet (Segnet) for testing rather than the pre-existing testnet and I think future soft fork proposals should follow a similar approach.
Even if there is community consensus on what soft fork proposals should be added to the default signet today (which may or may not be case) I find it highly unlikely this will always be the case. We then get into the situation where the block signers (currently AJ and Kalle) are the gatekeepers on what soft fork proposals are added. The default signet is directly supported with the -signet flag in Bitcoin Core. Even if we are moving the proposed soft fork code to an external repo (to avoid it being merged into Core prematurely) it is still determining what soft forks are accessible from the signet flag in Bitcoin Core. I don't think it is fair on the signet block signers to put them in that position and I don't think it is wise to put other Bitcoin Core contributors/maintainers in the position of having to defend why some proposed soft forks are accessible on the default signet while others aren't.
The default signet was a long term project to address the unreliability and weaknesses of testnet. Many default signet users won't be interested in testing soft fork proposals and it is not reasonable for them to be subject to a stalling or forked blockchain because changes to a soft fork proposal or a buggy soft fork proposal pushed to the default signet makes previous valid/invalid transactions invalid/valid. If they want to test proposed soft forks on a custom signet they are opting in to possible disruption rather than it being forced upon them.
By focusing on custom signets rather than the default signet it also allows for more experimentation. Don't like the choices of which soft fork proposals have been added to bitcoin-inquisition? Set up your own custom signet with a different set of soft fork proposals and get users for your custom signet on a level playing field to bitcoin-inquisition. A soft fork proposal is found to be strictly inferior to another soft fork proposal? Just spin down the custom signet with that inferior soft fork proposal on it without impacting default signet users.
So TL;DR still enthusiastic about this concept. Just with a strong preference that it is done on a custom signet rather than on the default signet.
Thanks
Michael
--
Michael Folkson
Email: michaelfolkson at protonmail.com
Keybase: michaelfolkson
PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
------- Original Message -------
On Monday, September 19th, 2022 at 11:05, Anthony Towns via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> On Sun, Sep 18, 2022 at 02:47:38PM -0400, Antoine Riard via bitcoin-dev wrote:
>
> > Said succinctly, in the genesis of creative ideas, evaluation doesn't
> > happen at a single clear point but all along the idea lifetime, where this
> > evaluation is as much done by the original author than its peers and a
> > wider audience.
>
>
> Sure. I definitely didn't mean to imply a waterfall development model,
> or that the phases wouldn't overlap etc.
>
> > I would still expose a concern to not downgrade in the pure empiricism in
> > matter of consensus upgrades. I.e, slowly emerging the norm of a working
> > prototype running on bitcoin-inquisition` as a determining factor of the
> > soundness of a proposal. E.g with "upgrading lightning to support eltoo", a
> > running e2e won't save us to think the thousands variants of pinnings, the
> > game-theory soundness of a eltoo as mechanism in face of congestions, the
> > evolvability of APO with more known upgrades proposals or the
> > implementation complexity of a fully fleshed-out state machine and more
> > questions.
>
>
> I agree here; but I think not doing prototypes also hinders thinking
> about all the thousands of details in a fork. It's easy to handwave
> details away when describing things on a whiteboard; and only realise
> they're trickier than you thought when you go to implement things.
>
> > E,g if one implements the "weird" ideas
> > about changes in the block reward issuance schedule discussed during the
> > summer, another one might not want "noise" interferences with new
> > fee-bumping primitives as the miner incentives are modified.
>
>
> (I don't think "miner incentives" are really something that can be
> investigated on signet. You can assume how miners will respond to
> incentives and program the mining software to act that way; but there's
> no competitive pressure in signet mining so I don't think that really
> demonstrates anything very much. Likewise, there's much less demand for
> blockspace on signet than on mainnet, so it's probably hard to experiment
> with "fee incentives" too)
>
> > I hope the upcoming
> > Contracting Primitives WG will be able to document and discuss some of the
> > relevant experiments run on bitcoin-inquisition.
>
>
> Likewise.
>
> (Lots trimmed due to either agreeing with it or having nothing to add)
>
> Cheers,
> aj
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-28 11:48 ` Michael Folkson
@ 2022-09-28 20:01 ` alicexbt
2022-10-02 4:06 ` Anthony Towns
1 sibling, 0 replies; 15+ messages in thread
From: alicexbt @ 2022-09-28 20:01 UTC (permalink / raw)
To: Michael Folkson; +Cc: Bitcoin Protocol Discussion, Anthony Towns
Hi Michael,
> We then get into the situation where the block signers (currently AJ and Kalle) are the gatekeepers on what soft fork proposals are added.
Things that could solve the gatekeeping issue:
1) Adding more maintainers that are experienced enough to review consensus code.
2) Every soft fork that is implemented on signet should be discussed on mailing list before merging the pull request.
3) Pull request that implements a soft fork should have at least 2 ACKs from the maintainers, 3 ACKs from developers who have either authored or reviewed enough consensus related pull requests in bitcoin core and 1 ACK from maintainers of other implementations (knots, btcd, libbitcoin, bcoin etc.)
4) Every technical NACK from any developer or user in the pull request should be resolved/answered before merging the pull request.
This was not the case in [implementing BIP][1] 119 however it could be used in future or something similar that everyone agrees upon including AJ and Kalle. Pull request implementing BIP 119 in bitcoin core is already reviewed by lot of developers and I think AJ found a [bug][2] recently.
Gatekeeping at several levels already exists in bitcoin development and difficult to solve. If some developers believe a soft fork should have been implemented on global signet but it was not, there is always the possibility of running custom signet with certain trade-offs.
> The default signet is directly supported with the -signet flag in Bitcoin Core. Even if we are moving the proposed soft fork code to an external repo (to avoid it being merged into Core prematurely) it is still determining what soft forks are accessible from the signet flag in Bitcoin Core. I don't think it is fair on the signet block signers to put them in that position and I don't think it is wise to put other Bitcoin Core contributors/maintainers in the position of having to defend why some proposed soft forks are accessible on the default signet while others aren't.
Mainnet and Testnet have already been [removed][3] from the 'bitcoin-inquisition/bitcoin' repository, and signet in bitcoin core is largely used by developers or power users, thus it should not be a problem. Signet could also be removed from bitcoin core binaries that are released regularly while being available if built from source.
Since signet coins have no value, utilizing this chain to experiment with soft forks will only help the bitcoin development process. If we can't even agree to implement something on a network used for testing then it will be nearly impossible to do any soft forks on mainnet. This experiment has several advantages. We can implement many consensus changes and compare alternatives in a better way. Pre-baked ability to abandon the soft fork isn't implemented yet AFAIK, however that could further improve things.
[1]: https://github.com/bitcoin-inquisition/bitcoin/pull/3
[2]: https://github.com/bitcoin/bitcoin/pull/21702#discussion_r979273387
[3]: https://github.com/bitcoin-inquisition/bitcoin/pull/1
/dev/fd0
Sent with Proton Mail secure email.
------- Original Message -------
On Wednesday, September 28th, 2022 at 5:18 PM, Michael Folkson via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> I've given this some extra thought and discussed with others who may later chime in on this thread. I'm now convinced this should be done on a custom public signet rather than on the default signet. SegWit was added to a new testnet (Segnet) for testing rather than the pre-existing testnet and I think future soft fork proposals should follow a similar approach.
>
> Even if there is community consensus on what soft fork proposals should be added to the default signet today (which may or may not be case) I find it highly unlikely this will always be the case. We then get into the situation where the block signers (currently AJ and Kalle) are the gatekeepers on what soft fork proposals are added. The default signet is directly supported with the -signet flag in Bitcoin Core. Even if we are moving the proposed soft fork code to an external repo (to avoid it being merged into Core prematurely) it is still determining what soft forks are accessible from the signet flag in Bitcoin Core. I don't think it is fair on the signet block signers to put them in that position and I don't think it is wise to put other Bitcoin Core contributors/maintainers in the position of having to defend why some proposed soft forks are accessible on the default signet while others aren't.
>
> The default signet was a long term project to address the unreliability and weaknesses of testnet. Many default signet users won't be interested in testing soft fork proposals and it is not reasonable for them to be subject to a stalling or forked blockchain because changes to a soft fork proposal or a buggy soft fork proposal pushed to the default signet makes previous valid/invalid transactions invalid/valid. If they want to test proposed soft forks on a custom signet they are opting in to possible disruption rather than it being forced upon them.
>
> By focusing on custom signets rather than the default signet it also allows for more experimentation. Don't like the choices of which soft fork proposals have been added to bitcoin-inquisition? Set up your own custom signet with a different set of soft fork proposals and get users for your custom signet on a level playing field to bitcoin-inquisition. A soft fork proposal is found to be strictly inferior to another soft fork proposal? Just spin down the custom signet with that inferior soft fork proposal on it without impacting default signet users.
>
> So TL;DR still enthusiastic about this concept. Just with a strong preference that it is done on a custom signet rather than on the default signet.
>
> Thanks
> Michael
>
> --
> Michael Folkson
> Email: michaelfolkson at protonmail.com
> Keybase: michaelfolkson
> PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
>
>
> ------- Original Message -------
> On Monday, September 19th, 2022 at 11:05, Anthony Towns via bitcoin-dev bitcoin-dev@lists.linuxfoundation.org wrote:
>
>
>
> > On Sun, Sep 18, 2022 at 02:47:38PM -0400, Antoine Riard via bitcoin-dev wrote:
> >
> > > Said succinctly, in the genesis of creative ideas, evaluation doesn't
> > > happen at a single clear point but all along the idea lifetime, where this
> > > evaluation is as much done by the original author than its peers and a
> > > wider audience.
> >
> > Sure. I definitely didn't mean to imply a waterfall development model,
> > or that the phases wouldn't overlap etc.
> >
> > > I would still expose a concern to not downgrade in the pure empiricism in
> > > matter of consensus upgrades. I.e, slowly emerging the norm of a working
> > > prototype running on bitcoin-inquisition` as a determining factor of the
> > > soundness of a proposal. E.g with "upgrading lightning to support eltoo", a
> > > running e2e won't save us to think the thousands variants of pinnings, the
> > > game-theory soundness of a eltoo as mechanism in face of congestions, the
> > > evolvability of APO with more known upgrades proposals or the
> > > implementation complexity of a fully fleshed-out state machine and more
> > > questions.
> >
> > I agree here; but I think not doing prototypes also hinders thinking
> > about all the thousands of details in a fork. It's easy to handwave
> > details away when describing things on a whiteboard; and only realise
> > they're trickier than you thought when you go to implement things.
> >
> > > E,g if one implements the "weird" ideas
> > > about changes in the block reward issuance schedule discussed during the
> > > summer, another one might not want "noise" interferences with new
> > > fee-bumping primitives as the miner incentives are modified.
> >
> > (I don't think "miner incentives" are really something that can be
> > investigated on signet. You can assume how miners will respond to
> > incentives and program the mining software to act that way; but there's
> > no competitive pressure in signet mining so I don't think that really
> > demonstrates anything very much. Likewise, there's much less demand for
> > blockspace on signet than on mainnet, so it's probably hard to experiment
> > with "fee incentives" too)
> >
> > > I hope the upcoming
> > > Contracting Primitives WG will be able to document and discuss some of the
> > > relevant experiments run on bitcoin-inquisition.
> >
> > Likewise.
> >
> > (Lots trimmed due to either agreeing with it or having nothing to add)
> >
> > Cheers,
> > aj
> >
> > _______________________________________________
> > bitcoin-dev mailing list
> > bitcoin-dev@lists.linuxfoundation.org
> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-28 11:48 ` Michael Folkson
2022-09-28 20:01 ` alicexbt
@ 2022-10-02 4:06 ` Anthony Towns
1 sibling, 0 replies; 15+ messages in thread
From: Anthony Towns @ 2022-10-02 4:06 UTC (permalink / raw)
To: Michael Folkson, Bitcoin Protocol Discussion
On Wed, Sep 28, 2022 at 11:48:32AM +0000, Michael Folkson via bitcoin-dev wrote:
> SegWit was added
> to a new testnet (Segnet) for testing rather than the pre-existing testnet
> and I think future soft fork proposals should follow a similar approach.
I think past history falls into a few groups:
* p2sh was briefly tested on testnet (and an alternative was tested on
mainnet)
https://bitcointalk.org/index.php?topic=58579.msg786939#msg786939
* cltv and csv were mostly tested on elements alpha (liquid precursor
testnet); though they were activated on testnet 6 and 11 weeks prior
to mainnet
http://diyhpl.us/wiki/transcripts/gmaxwell-sidechains-elements/
* segwit was also tested via elements alpha, though in a different
form to what was deployed for bitcoin (ie, the elements approach
would have been a hard fork). because of the p2p changes (you need
additional data to validate blocks post segwit), segwit had dedicated
test networks, up to segnet4, from 1st Jan 2016 to 30th Mar 2016.
segwit was activated on testnet on 13th May 2016, merged into core on
25th June 2016, and included in the 0.13.1 released on 27th October
2016. I couldn't find very good public references about segnet, and
don't think it saw much use outside of people implementing segwit
consensus features themselves.
* taproot was merged 15th October 2020 (#18267), and activated on
signet as of genesis around 21st October 2020 (#20157). It was locked
in on mainnet on 12th June 2021, activated on testnet on 8th July
2021, and activated on mainnet on 14th November 2021.
* CTV had ctv-signet created around 17th December 2020, but it wasn't
really announced or encouraged until 17th Feb 2022. The core PR
(#21702) was opened 16th April 2021.
https://www.erisian.com.au/bitcoin-core-dev/log-2020-12-17.html#l-845
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2022-February/019925.html
* I think Drivechains has a DriveNet testnet (since 2018 or earlier?),
though I don't see an explorer, and it looks like the bitcoin code
it's based on predates taproot.
* Other than CTV, Drivechains and ideas being explored on Liquid,
most other ideas for bitcoin consensus changes haven't really
progressed past a gist, mailing list post, bip or draft patch
to somewhere that you can actually experiment (great consensus
cleanup, anyprevout, OP_TX/TXHASH, TLUV, SIGHASH_GROUP, PUSH_ANNEX,
checkblockatheight, g'root/graftroot, etc...)
I thing segnet was mostly used for development of segwit itself, rather
than testing or application development -- it was reset about once a
month as changes to the segwit design occurred, and after the design
was finalised, was active on testnet, either using -addnode to connect
directly to know segwit-enabled peers, or, eventually, with seed nodes
updated and filtering via the WITNESS feature. The 23rd June 2016
meeting logs have some relevant discussion:
https://www.erisian.com.au/bitcoin-core-dev/log-2016-06-23.html#l-178
> Even if there is community consensus on what soft fork proposals should be added to the default signet today (which may or may not be case) I find it highly unlikely this will always be the case.
The point of doing it via signet and outside of core is there doesn't
need to be any community consensus on soft forks. Unlike mainnet, signet
sBTC isn't money, and it isn't permissionless; and unlike merging it
into core, there isn't a risk of a mege having unintended side effects
impacting mainnet operation.
> We then get into the situation where the block signers (currently AJ and Kalle) are the gatekeepers on what soft fork proposals are added.
Because signet mining is a closed set (determined by the first block
after genesis when the signetchallenge is locked in), signet soft forks
always have gatekeepers. If signet miners don't opt-in to new soft forks
(by upgrading their node to allow mempool acceptance according to new
soft fork rules, and thus allow inclusion in block templates; or, if
they're running with -acceptnonstdtxn, to reject txs that don't comply
with the rules, so that funds using the new rules aren't actually anyone
can spend) then you can't test the new soft fork rules on signet.
> I don't think it is fair on the signet block signers to put them in that position and I don't think it is wise to put other Bitcoin Core contributors/maintainers in the position of having to defend why some proposed soft forks are accessible on the default signet while others aren't.
So, I think it's more accurate to say signet miners are fundamentally
*already* in that position. They can delegate that power of course,
saying "we'll just implement the default rules for the software we run",
but that just moves the responsibility around.
> The default signet was a long term project to address the unreliability and weaknesses of testnet.
That's certainly one goal. For me, that's one facet of the broader goal,
which is to make it easier to develop and test new and improved bitcoin
applications. So applications like vaults and eltoo that rely on the
creation of new consensus (or relay) features are important to me too.
Having taproot enabled on signet relatively early seemed like a win to me,
and, personally, I think it's something we should work out how to repeat.
> Many default signet users won't be interested in testing soft fork proposals and it is not reasonable for them to be subject to a stalling or forked blockchain
Sure, that's absolutely a concern. I even raised it in the original
post:
>>> before actually mining blocks I want to make the signet miner able
>>> to automatically detect/recover if the bitcoin-inquisition node either
>>> crashes or starts producing incompatible blocks.
I think I've got a specific approach there that I'm happy with now; it's
PRed as https://github.com/bitcoin-inquisition/bitcoin/pull/7
The idea is that if you want to mine "inquisition" blocks to test out a
soft fork, you run both a core and an inquistion bitcoind, but only use
the inquisition bitcoind for generating blocks -- you *always* submit
blocks to the core bitcoind (and if core rejects and inquisition block,
you generate a new template using core and mine and submit that). That
way blocks are never submitted to the network unless they satisfy core's
consensus rules, and from core's perspective the chain always progresses.
> because changes to a soft fork proposal or a buggy soft fork proposal pushed to the default signet makes previous valid/invalid transactions invalid/valid.
The above addresses the invalid to valid case for consensus rules (ie,
the part that would make a change not be a "soft fork").
The normal cases for a soft fork are:
* making a consensus valid transaction, invalid
* making a relay invalid transaction, valid
That leaves the final category for buggy behaviour as making a relay
valid transaction invalid for relay. It's not clear to me that dealing
with that automatically is a good idea -- that's a pretty severe class
of bug that could result in people being unable to spend their funds;
so maybe the best thing is for txs like that to be ignored by the
miners until the build up in the mempool and people start complaining
and insisting the bug get fixed?
That's also a reason to have it happen on the global signet: you don't
want people developing new soft fork rules to introduce such a bug and
not notice it because the people making such transactions don't care about
the soft fork, and then have it suddenly appear once it's already locked
in on mainnet. Better to have the bug impact signet transactions first,
before there's any risk of bugs affecting real money.
> If they want to test proposed soft forks on a custom signet they are opting in to possible disruption rather than it being forced upon them.
If you don't want to risk any disruption, then regtest or a private
signet is a better option. A global p2p network *always* has risk of
disruption at some level or another.
But again, opting-in to potential disruption from future soft forks that
are anywhere near the deployment phase is a *good* idea: far better for
the potential disruption to become real and observable when it only
affects fake money, and to fix it then, rather than having the risk
of losing real money due to bugs in features you didn't think you
cared about.
Cheers,
aj
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-09-16 7:15 [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet Anthony Towns
2022-09-16 16:46 ` Matt Corallo
2022-09-18 18:47 ` Antoine Riard
@ 2022-10-02 6:12 ` Anthony Towns
2022-10-02 15:25 ` Michael Folkson
2 siblings, 1 reply; 15+ messages in thread
From: Anthony Towns @ 2022-10-02 6:12 UTC (permalink / raw)
To: Bitcoin Protocol Discussion
On Fri, Sep 16, 2022 at 05:15:45PM +1000, Anthony Towns via bitcoin-dev wrote:
> So that's the concept. For practical purposes, I haven't yet merged
> either CTV or APO support into the bitcoin-inquisition 23.0 branch yet
I've now merged CTV and updated my signet miner to enforce both CTV and
APO (though you'd need to be either lucky or put some effort into it to
figure out how to get a CTV/APO transaction relayed to my miner).
Updating APO to be compatible with CTV actually seems to have found a
previously unknown bug in the CTV PR against core [0], so that seems
productive at the very least.
[0] https://github.com/bitcoin-inquisition/bitcoin/pull/8
https://github.com/bitcoin/bitcoin/pull/21702#pullrequestreview-1118047730
I've also mined a couple of test APO transactions [1]; both reusing an
APOAS signature [2], including demonstrating the case where a third party
can replay APO signatures to send funds from duplicate UTXOs to fees,
by spending those UTXOs in a single tx [3] [4].
[1] https://mempool.space/signet/address/tb1pesae595q3cpzp8j3gy07gussw9t9hh580xj027sfz6g8e530u3nqscn0yn
[2] "ec764a8ed632916868ca6dbfdc5bed95f74b83be62d01397aba7ec916982c6721c923fa22d29b5e0c4fddde0148233f0cf401758df23d8cc89c88f04beffc3c3c1" -- sighash of 0xc1 = ANYPREVOUTANYSCRIPT|ALL
https://mempool.space/signet/tx/ee6f6eda93a3d80f4f65f2e1000334132c9a014b3ed3dec888fdcc1f3441f52c
https://mempool.space/signet/tx/2cbcc4857e6ee8510d9479c01fbf133a9a2cde3f5c61ccf9439c69b7b83334ba
[3] https://github.com/bitcoin/bips/blob/master/bip-0118.mediawiki#Signature_replay
[4] https://mempool.space/signet/tx/53a9747546e378956072795351e8436cf704da72d235c8ac7560787b554a4d3f
Cheers,
aj
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-10-02 6:12 ` Anthony Towns
@ 2022-10-02 15:25 ` Michael Folkson
2022-10-03 22:54 ` Anthony Towns
0 siblings, 1 reply; 15+ messages in thread
From: Michael Folkson @ 2022-10-02 15:25 UTC (permalink / raw)
To: Anthony Towns, Bitcoin Protocol Discussion
Thanks for this AJ, especially the history on prior soft forks, the vast majority of which I was unclear on.
> The point of doing it via signet and outside of core is there doesn't
need to be any community consensus on soft forks. Unlike mainnet, signet
sBTC isn't money, and it isn't permissionless; and unlike merging it
into core, there isn't a risk of a mege having unintended side effects
impacting mainnet operation.
Agreed. I'm obviously much happier with proposed consensus changes being activated prematurely on a signet (default or custom) than on mainnet.
> Because signet mining is a closed set (determined by the first block
after genesis when the signetchallenge is locked in), signet soft forks
always have gatekeepers.
I'm also perfectly happy with the status quo of the default signet having block signers and gatekeepers for soft forks activated on the default signet. I'm more concerned with those gatekeepers being under pressure to merge unfinished, buggy soft fork proposals on the default signet which need to be reversed or changed disrupting all default signet users. The bar for mainnet activations is obviously much higher than for the default signet but the default signet does still need a bar.
> If you don't want to risk any disruption, then regtest or a private
signet is a better option. A global p2p network *always* has risk of
disruption at some level or another.
Right but disruption isn't boolean, it is a spectrum. It isn't disruption or zero disruption. The more soft fork proposals that are enabled on the default signet (and the more changes to those soft fork proposals pushed to the default signet) the higher the risk of a stalling blockchain (your signet node rejects a block the rest of the signet network accepts). The small number of block signers (currently 2) should prevent you being forked off entirely onto a different default signet chain with new mined blocks being added to your blockchain tip but your blockchain could stall.
What should happen in this scenario? Say I'm a default signet full node runner and I don't want to run any code outside of say the Bitcoin Core repo. I don't care about the proposed soft forks being tested on the default signet, I just care about testing my application with the existing consensus rules on mainnet. However, my default signet blockchain has stalled because of some consensus rule adjustment (an effective hard fork) made by the signet miners and the block signers. I have to run a patch from bitcoin-inquisition to get my node adding blocks again? I'm essentially being forced to run code from bitcoin-inquisition or wait many months for a default signet checkpoint in a Core release.
I looked into linux-next[0] which you mentioned as an interesting parallel in the Linux ecosystem on last week's Bitcoin Optech Twitter Spaces [1]. In that link linux-next is described as:
"The linux-next tree is the holding area for patches aimed at the next kernel merge window."
I guess I'd also want expectations to be tempered a little for consensus changes on bitcoin-inquisition versus say this description of linux-next. I don't know where the bar will be set for default signet soft fork activations by the block signers and the miners but wherever it is set it will be lower than mainnet. And to be considered for activation on mainnet these proposals do require community consensus if we want to minimize the risk of mainnet chain splits. There are no block signers or regularly updated checkpoints on mainnet. It is certainly possible that soft fork proposals that get activated on the default signet never get activated on mainnet and that being activated on the default signet offers no guarantees or even intentions/aims for the next Bitcoin Core (or any alternative implementation) release. I'd like to avoid the "my soft fork proposal has been activated on the default signet so you should expect it to be activated on mainnet within x months or y years" type thing.
Thanks
Michael
[0]: https://www.kernel.org/doc/man-pages/linux-next.html
[1]: https://twitter.com/bitcoinoptech/status/1574697495325974528?s=20&t=XWkpA459C9qxOOrBuP2fYA
--
Michael Folkson
Email: michaelfolkson at protonmail.com
Keybase: michaelfolkson
PGP: 43ED C999 9F85 1D40 EAF4 9835 92D6 0159 214C FEE3
------- Original Message -------
On Sunday, October 2nd, 2022 at 07:12, Anthony Towns via bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org> wrote:
> On Fri, Sep 16, 2022 at 05:15:45PM +1000, Anthony Towns via bitcoin-dev wrote:
>
> > So that's the concept. For practical purposes, I haven't yet merged
> > either CTV or APO support into the bitcoin-inquisition 23.0 branch yet
>
>
> I've now merged CTV and updated my signet miner to enforce both CTV and
> APO (though you'd need to be either lucky or put some effort into it to
> figure out how to get a CTV/APO transaction relayed to my miner).
>
> Updating APO to be compatible with CTV actually seems to have found a
> previously unknown bug in the CTV PR against core [0], so that seems
> productive at the very least.
>
> [0] https://github.com/bitcoin-inquisition/bitcoin/pull/8
> https://github.com/bitcoin/bitcoin/pull/21702#pullrequestreview-1118047730
>
> I've also mined a couple of test APO transactions [1]; both reusing an
> APOAS signature [2], including demonstrating the case where a third party
> can replay APO signatures to send funds from duplicate UTXOs to fees,
> by spending those UTXOs in a single tx [3] [4].
>
> [1] https://mempool.space/signet/address/tb1pesae595q3cpzp8j3gy07gussw9t9hh580xj027sfz6g8e530u3nqscn0yn
>
> [2] "ec764a8ed632916868ca6dbfdc5bed95f74b83be62d01397aba7ec916982c6721c923fa22d29b5e0c4fddde0148233f0cf401758df23d8cc89c88f04beffc3c3c1" -- sighash of 0xc1 = ANYPREVOUTANYSCRIPT|ALL
>
> https://mempool.space/signet/tx/ee6f6eda93a3d80f4f65f2e1000334132c9a014b3ed3dec888fdcc1f3441f52c
> https://mempool.space/signet/tx/2cbcc4857e6ee8510d9479c01fbf133a9a2cde3f5c61ccf9439c69b7b83334ba
>
> [3] https://github.com/bitcoin/bips/blob/master/bip-0118.mediawiki#Signature_replay
>
> [4] https://mempool.space/signet/tx/53a9747546e378956072795351e8436cf704da72d235c8ac7560787b554a4d3f
>
> Cheers,
> aj
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
^ permalink raw reply [flat|nested] 15+ messages in thread
* Re: [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet
2022-10-02 15:25 ` Michael Folkson
@ 2022-10-03 22:54 ` Anthony Towns
0 siblings, 0 replies; 15+ messages in thread
From: Anthony Towns @ 2022-10-03 22:54 UTC (permalink / raw)
To: Michael Folkson, Bitcoin Protocol Discussion
On Sun, Oct 02, 2022 at 03:25:19PM +0000, Michael Folkson via bitcoin-dev wrote:
> I'm also perfectly happy with the status quo of the default signet
> having block signers and gatekeepers for soft forks activated on the
> default signet. I'm more concerned with those gatekeepers being under
> pressure to merge unfinished, buggy soft fork proposals on the default
> signet which need to be reversed or changed disrupting all default
> signet users.
First, I think it's far better for signet miners to be under that pressure
than either mainnet miners or maintainers/devs of bitcoin core. Or for
that matter, users of bitcoin who are just trying to use bitcoin and
not lose their money to bank confiscation or central bank hyperinflation.
That's where we stand today, whether you look solely at historical
precedent (cltv, csv, segwit were only testable on blockstream's elements
alpha prior to being merged into core, and combined with confidential
assets, that's not really a 1:1 test environment; taproot wasn't really
testable anywhere prior to being merged into core), or you consider the
focus of people actively trying to get forks deployed currently (ctv
has been pushing for a merge [0], and considered trying to get users
and miners to adopt it [1]; likewise the great consensus cleanup first
proposed a PR for core [2] before posting a bip draft [3] and progress
stopped when the PR didn't move forwards; likewise drivechains/bip300's
current deployment approach is "do a uasf on mainnet"); or see sentiment
such as [4].
[0] https://www.erisian.com.au/bitcoin-core-dev/log-2022-01-13.html#l-490
https://rubin.io/bitcoin/2021/12/24/advent-27/
[1] https://rubin.io/bitcoin/2022/04/17/next-steps-bip119/
[2] https://github.com/bitcoin/bitcoin/pull/15482
[3] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2019-March/016714.html
[4] https://twitter.com/CobraBitcoin/status/1570380739010793479
It's *great* that core maintainers, reviewers, devs, URSF advocates, etc
are able to resist pressure to merge bad things; what's not great is
directing the time and attention of researchers and devs and businesses
who are trying to come up with good things for bitcoin at something that
doesn't encourage useful forward progress.
But second, APO and CTV aren't being kept out of core because they're
"unfinished and buggy" per se (which isn't to say they aren't buggy or
shouldn't be kept out for that reason); at least in my view, they're
being kept out because of a combination of (a) it's not clear that
they're desirable to deploy on mainnet (whether at all, or in comparison
to other ways of obtaining similar functionality); and (b) prioritising
reducing risk on mainnet, vs improving the ability to test new ideas
outside of mainnet.
Bugs are much easier to deal with in comparison: you put a bunch of
testing/dev effort in to figure out what bugs there might be, then you
analyse them, then you fix them. If it were just a matter of finding
and fixing bugs, that's still hard, sure, but it's something we know
how to do.
It's the broader questions that are trickier: eg, do we want CTV first, or
CTV+APO at the same time, or just APO first? do we want some subtle tweaks
to CTV or APO rules to make them better? do we want OP_TXHASH or OP_TX
or some other variant instead? do we want to skip the intermediate steps
and go straight to simplicity/lisp? do we want to never have anything
that may risk covenant-like behaviour ever? Without even an idea how to
get answers to those, it's not clear that it even makes sense to spend
the time working on finding/fixing obscure implementation bugs in the
proposals.
(Ultimately, in my opinion, it's the same thing with drivechains and the
great consensus cleanup: are these ideas sensible to deploy on mainnet? If
the answer to that were a clear yes for either of them, then it would
make sense to work on merging them in core and activating on mainnet;
but at least to me, it's not clear whether the answer should be yes,
yes after some specific set of changes, or no. Nor is it clear what work
would help produce a clear answer)
I think breaking the loop there is helpful: get these ideas out on
signet, where finding and fixing bugs does matter and is worth doing, but
where you *don't* have to deal with deep existential questions because
you're not messing with a multi billion dollar system and committing to
supporting the feature for the entire future of humanity.
Then, if there are alternative approaches that people think might be
better, get them out on signet too so that you can do apples-to-apples
comparisons: see how much code they are to actually implement, how
convenient they are to build on, whether there are any unexpected
differences between theory and practice, etc. Then you can build up real
answers to "is this a sensible thing to deploy on mainnet?"
For that, to get things onto signet you really only need to establish:
* it's interesting enough to be worth spending time on
* it's gone through a decent level of review and there are no known
bugs
* it doesn't conflict too heavily with the other interesting changes
we'd like to look at
and as a result you get to see the change in a production-like
environment, and can use that to help get better answers to the deeper,
harder questions.
There's definitely some threshold where a proposed soft fork would be
too much effort to add to inquisition -- perhaps that comes with adding
something like Simplicity ("227 changed files with 72,617 additions"
[5]), or perhaps it would be doing something like confidential assets
which is both intrusive and perhaps undesirable for mainnet deployment,
or perhaps it's just numbers: I had to adjust the APO patches to rebase
them on top of CTV; doing that N-1 times (in perhaps N**2 locations?) for
N soft forks will no doubt get tedious as N increases -- so maybe only
merging the "top 10" proposals in any six month period would make sense? I
don't really see the problem with crossing that bridge when we come to
it though.
[5] https://github.com/ElementsProject/elements/compare/simplicity
I guess I don't really mind if it's just me and Kalle deciding what the
"top 10" proposals are, or deciding at what point additional PRs get
too hard to merge. But in my ideal world, we'd have multiple devs and
researchers reviewing PRs in the inquisition repo, and as the ones doing
the work, it would make sense for them also to be the ones deciding what
projects are the most interesting and worth spending that effort on, and
thus which proposals are included and which ones aren't. At least that
way wannabe gatekeepers have to at least contribute useful review effort.
> Right but disruption isn't boolean, it is a spectrum. It isn't
> disruption or zero disruption. The more soft fork proposals that are
> enabled on the default signet (and the more changes to those soft fork
> proposals pushed to the default signet) the higher the risk of a stalling
> blockchain
Like I said, I believe PR#7 makes that particular risk negligible (ie,
for people following signet with bitcoin core, the risk of a stalling
chain is no greater than it would be if all the signet miners were also
only running bitcoin core).
But you're right, it is a spectrum: eg, there's also the risk that
a bug in one soft fork interferes with testing another soft fork
(perhaps core nodes see signet continuing to add blocks, but inquisition
nodes do not, because the inquisition node's getblocktemplate resulted
in a block that core accepts but inquisition rejects). There's three
potential ways of mitigating that risk:
* finding bugs like that during review, before merging the code, let
alone running it
* quickly noticing such bugs, and reorging blocks that trigger them out
* using the -renounce feature of bitcoin-inquisition to temporarily
disable enforcing a buggy soft fork, until a fix can be merged and
deployed
But that risk only affects people following signet using an inquisition
node, and occurs whether or not it's a shared chain with bitcoin core
nodes. I'd hope that we can have good enough review that consensus bugs
are pretty rare in practice; but in the event that we do have them,
probably better that inquisition nodes do fail in obvious ways, so that
the bugs get noticed quickly and fixed.
> "The linux-next tree is the holding area for patches aimed at the next kernel merge window."
> I guess I'd also want expectations to be tempered a little for consensus changes on bitcoin-inquisition versus say this description of linux-next.
I think you're misinterpreting that description. "aimed at" doesn't
mean "will be accepted during", and more importantly, linux-next
is just an inspiration, not a template to follow literally. Anyway,
https://lwn.net/Articles/287155/ might be a better jumping off point if
you're interested in that rabbit hole.
> I'd like to avoid the "my soft fork proposal has been activated on
> the default signet so you should expect it to be activated on mainnet
> within x months or y years" type thing.
Like I said: this is a way to improve the "evaluation phase". Think of
it like the proposal being a kid sitting an exam; that they sit the exam
doesn't mean they're going to get an A+, even if you already have to do
a lot of work to sit the exam in the first place.
I think the ideal result from a soft fork proposal evaluation would be:
- this is the explicit proposal [bipN], here are the corresponding
changes to the code [PR#N]
- the performance impact on validators/miners of this change is [p]
so in the context of the applications mentioned above, that's [x.p,
y.p, z.p]. you can observe worst case performance under normal
conditions (where relay rules apply) by looking at signet blocks
[a, b, c]; worst case performance if a miner is attacking (using
non-standard transactions) may look like [d].
- people have come up with other alternative ideas [x, y]. this
proposal is superior to [x] because of [objective reason],
and superior to [y] because [when we tried it, y turned out to
be too annoying to implement/use].
- here are real, functioning examples of useful, new/improved
applications that you can build with this feature. if it were activated
on mainnet, they could be deployed on day 1, and see real use: [x,
y, z]
We've been pretty good at the first two already; it's the second two
that I think are holding back current proposals, and that this would help
improve. At least for me, an "A+" answer to all of the above would cause
me to advocate for a proposal to be deployed on mainnet. My concept of
an A+ answer here is "this is such a good idea that it's now obvious to
essentially everyone, and there's no meaningful debate left to have".
A "B" answer, where, say, applications using the feature exist, but
don't seem very interesting or valuable is also possible; I'd think
that's a "needs improvement" result, where maybe you go back and try
to come up with a better proposal that enables more useful results,
rather than trying to get it deployed on mainnet. A "B" answer still
leaves open the question of "is there really a point? changes are risky,
and signet's not going to test every possible scenario..."
Having the outcome of an evaluation be an "F" for fail is also useful
-- maybe it turns out that despite a bunch of people thinking CTV
or drivechains are cool, that they do make it too easy to destroy
everything. In that case, having an objective demonstration of the
failure mode is a great outcome of an evaluation process: it allows us
to say "sorry, it's a waste of time working on this; you'll need to come
up with an entirely new approach that avoids this flaw" and have R&D
effort spent on useful things instead. Far better that than not giving
an answer and letting people assume "oh, we just need to hire someone
full time to advocate and shepherd the proposal" and spend more
R&D effort on a dead end.
(In the event that a proposed soft fork that gets added to inquisition
enables interesting/non-obvious miner-only attacks -- drivechains
maybe? -- I think I'd be open to the idea of manually mining some
non-standard signet blocks in order to crystallize what that sort of
attack might look like)
I'd say the "length of time" thing should look more like:
- here's our awesome idea, isn't it exciting?
- wow, people really are excited, let's implement it and deploy it
on signet!
- great, it's been on signet for a while: here's the applications
people have built using our idea: you should have a look!
- it seems like we've resolved all the issues, and people are pretty
excited about using the new apps with real money, let's deploy it
on mainnet
that is "it's been on signet a long time" is more about "here are the
apps that people have developed in that time" and "here's the adversarial
analysis people have done over that period to see if the idea is safe
or not". Whether something gets deployed on mainnet is more a question
of "are these apps actually valuable", "have the risks been thoroughly
explored and minimised", and "have alternatives been explored". If the
answer to some/all of those is still "no", then having had a long time
for that work to happen is probably more a negative than a positive...
Cheers,
aj
^ permalink raw reply [flat|nested] 15+ messages in thread
end of thread, other threads:[~2022-10-03 22:54 UTC | newest]
Thread overview: 15+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2022-09-16 7:15 [bitcoin-dev] bitcoin-inquistion: evaluating soft forks on signet Anthony Towns
2022-09-16 16:46 ` Matt Corallo
2022-09-17 6:14 ` Anthony Towns
2022-09-17 8:39 ` Matt Corallo
2022-09-17 15:53 ` Michael Folkson
2022-09-18 12:27 ` alicexbt
2022-09-18 18:44 ` Michael Folkson
2022-09-18 18:47 ` Antoine Riard
2022-09-19 10:05 ` Anthony Towns
2022-09-28 11:48 ` Michael Folkson
2022-09-28 20:01 ` alicexbt
2022-10-02 4:06 ` Anthony Towns
2022-10-02 6:12 ` Anthony Towns
2022-10-02 15:25 ` Michael Folkson
2022-10-03 22:54 ` Anthony Towns
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox