[bitcoin-dev] Compatibility requirements for hard or soft forks

[Rusty Russell]

Gavin Andresen via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> writes:
> Should it be a requirement that ANY one-megabyte transaction that is valid
> under the existing rules also be valid under new rules?
>
> Pro:  There could be expensive-to-validate transactions created and given a
> lockTime in the future stored somewhere safe. Their owners may have no
> other way of spending the funds (they might have thrown away the private
> keys), and changing validation rules to be more strict so that those
> transactions are invalid would be an unacceptable confiscation of funds.

Not just lockTime; potentially any tx locked away in a safe.

Consider low-S enforcement: high chance a non-expert user will be unable
to spend an old transaction.  They need to compromise their privacy
and/or spend time and money.  A milder "confiscation" but a more likely
one.

By that benchmark, we should aim for "reasonable certainty".  A
transaction which would never have been generated by any known software
is the minimum bar.  Adding "...which would have to be deliberately
stupid with many redundant OP_CHECKSIG etc" surpasses it.  The only extra
safeguard I can think of is clear, widespread notification of the
change.

Cheers,
Rusty.