đ
Original date posted:2015-10-05
đ Original message:Putting aside stupid arguments about who is older or who starting using the
term SPV wallet first, let me try and make a better suggestion than what's
in the BIP. How about the following:
A new flag is introduced to Core, --scriptchecks=[all,standardonly,none].
The default is all. When set to "standardonly", non-standard scripts are
not checked but others are. This is similar to the behaviour during a soft
fork. In "none" you have something a bit like SPV mode, but still
calculating the UTXO set. This flag is simple and can be implemented in a
few lines of code. Then an unused opcode is used for CLTV, so making it a
hard fork.
This has the following advantages:
- Nodes that want the pseudo-SPV behaviour of a soft fork can opt in to
it if they want it. This prioritises availability (in a sense) over
correctness.
- But otherwise, nodes will prioritise correctness by default, which is
how it should be. This isn't PHP where nonsensical code the interpreter
doesn't understand just does ...... something. This is financial software
where money is at risk. I feel very strongly about this: undefined
behaviour is fine *if you opted into getting it. *Otherwise it should be
avoided whenever possible.
- SPV wallets do the right thing by default.
- IsStandard doesn't silently become a part of the consensus rules.
- All other software gets simpler. It's not just SPV wallets. Block
explorers, for example, can just add a single line to their opcode map.
With a soft fork they have to implement the entire soft fork logic just to
figure out when an opcode transitioned from OP_NOP to CLTV and make sure
they render old scripts differently to new scripts. And they face tricky
questions - do they render an opcode as a NOP if the miner who built it was
un-upgraded, or do they calculate the flag day and change all of them after
that? It's just an explosion of complexity.
Many people by now have accepted that hard forks are simpler, conceptually
cleaner, and prioritise correctness of results over availability of
results. I think these arguments are strong.
So let me try addressing the counter-arguments one more time:
- Hard forks require everyone to upgrade and soft forks don't. I still
feel this one has never actually been explained. There is no difference to
the level of support required to trigger the change. With the suggestion
above, if someone can't or won't upgrade their full node but can no longer
verify the change, they can simply restart with -scriptchecks=standardonly
and get the soft fork behaviour. Or they can upgrade and get their old
security level back.
- Hard forks are somehow bad or immoral or can lead to "schisms". This
is just saying, if we hold a vote, the people who lose the vote might try
starting a civil war and refuse to accept the change. That's not a reason
to not hold votes.
But at any rate, they can do that with soft forks too: just decide that
any output that contains OP_CLTV doesn't make it into the UTXO set.
Eventually coins that trace back to such an output will become unusable in
the section of the economy that decided to pick a fight.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20151005/563a298c/attachment-0001.html>;
Mike Hearn [ARCHIVE] /
npub17tâŚ4qgyd
2023-06-07 19:41:58
in reply to nevent1qâŚgv2j
Author Public Key
npub17ty4mumkv43w8wtt0xsz2jypck0gvw0j8xrcg6tpea25z2nh7meqf4qgydPublished at
2023-06-07 19:41:58Event JSON
{
"id": "47f43a6aab145d11e321f02d0ebf5b4b75547dd6e0727f49140f16fe4089f0c0",
"pubkey": "f2c95df3766562e3b96b79a0254881c59e8639f23987846961cf55412a77f6f2",
"created_at": 1686159718,
"kind": 1,
"tags": [
[
"e",
"7ff2050ebdfe33f92ad46edcffb5d61f26a94f61437237faeeaedfedde460e1c",
"",
"root"
],
[
"e",
"dab279d6b2fd18ddc075a7733e3baa7f1987e1fb0127e186c08fa13f7c134d6d",
"",
"reply"
],
[
"p",
"4a707c4056a3811acd80f1c1bf4c3bde0ee81915a44f6f409a7d61776f638491"
]
],
"content": "đ
Original date posted:2015-10-05\nđ Original message:Putting aside stupid arguments about who is older or who starting using the\nterm SPV wallet first, let me try and make a better suggestion than what's\nin the BIP. How about the following:\n\nA new flag is introduced to Core, --scriptchecks=[all,standardonly,none].\nThe default is all. When set to \"standardonly\", non-standard scripts are\nnot checked but others are. This is similar to the behaviour during a soft\nfork. In \"none\" you have something a bit like SPV mode, but still\ncalculating the UTXO set. This flag is simple and can be implemented in a\nfew lines of code. Then an unused opcode is used for CLTV, so making it a\nhard fork.\n\nThis has the following advantages:\n\n - Nodes that want the pseudo-SPV behaviour of a soft fork can opt in to\n it if they want it. This prioritises availability (in a sense) over\n correctness.\n\n - But otherwise, nodes will prioritise correctness by default, which is\n how it should be. This isn't PHP where nonsensical code the interpreter\n doesn't understand just does ...... something. This is financial software\n where money is at risk. I feel very strongly about this: undefined\n behaviour is fine *if you opted into getting it. *Otherwise it should be\n avoided whenever possible.\n\n - SPV wallets do the right thing by default.\n\n - IsStandard doesn't silently become a part of the consensus rules.\n\n - All other software gets simpler. It's not just SPV wallets. Block\n explorers, for example, can just add a single line to their opcode map.\n With a soft fork they have to implement the entire soft fork logic just to\n figure out when an opcode transitioned from OP_NOP to CLTV and make sure\n they render old scripts differently to new scripts. And they face tricky\n questions - do they render an opcode as a NOP if the miner who built it was\n un-upgraded, or do they calculate the flag day and change all of them after\n that? It's just an explosion of complexity.\n\nMany people by now have accepted that hard forks are simpler, conceptually\ncleaner, and prioritise correctness of results over availability of\nresults. I think these arguments are strong.\n\nSo let me try addressing the counter-arguments one more time:\n\n - Hard forks require everyone to upgrade and soft forks don't. I still\n feel this one has never actually been explained. There is no difference to\n the level of support required to trigger the change. With the suggestion\n above, if someone can't or won't upgrade their full node but can no longer\n verify the change, they can simply restart with -scriptchecks=standardonly\n and get the soft fork behaviour. Or they can upgrade and get their old\n security level back.\n\n - Hard forks are somehow bad or immoral or can lead to \"schisms\". This\n is just saying, if we hold a vote, the people who lose the vote might try\n starting a civil war and refuse to accept the change. That's not a reason\n to not hold votes.\n\n But at any rate, they can do that with soft forks too: just decide that\n any output that contains OP_CLTV doesn't make it into the UTXO set.\n Eventually coins that trace back to such an output will become unusable in\n the section of the economy that decided to pick a fight.\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20151005/563a298c/attachment-0001.html\u003e",
"sig": "bb9bac38db6191238f92cdadd24d369ba9acc760500adb561ecfd0c97156dbfc819124eb120ce73f22ee9a0ff658db76e32ff351a5f134ebc92649fc6eb7031c"
}