[bitcoin-dev] Trustless Segwit activation bounty protocol (aka. bribing the miners)

Alex Mizrahi alex.mizrahi at gmail.com
Thu Apr 27 18:41:17 UTC 2017

> 2B. If Segwit has not activated at height H, Input 1 of the Bounty Payout
> is not valid since it spends a P2WPKH output, preventing the miner from
> including the Bounty Payout transaction in the block. (However, the output
> of the Segwit Assertion tx can be claimed since it is treated as
> anyone-can-spend, although this is not an issue since it is a very small
> amount).

It's a small amount by itself, but miners who are aware of Bounty Payout
Transaction will try to include both these transactions (and both are valid
both on SW and non-SW chains by definition of SW being a soft fork).

If you set timelock of BPT to (H+1) then you sort of discourage this
behavior because a miner of block H might be not the same as miner of block
(H+1), thus he cannot grab this bounty for sure.

Still, there is a chance that same miner will mine both blocks, so
game-theoretically it makes sense to insert SAT into your block since your
expected payoff is positive.

So I'm afraid miners will just grab these bounties regardless of segwit
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170427/7874160d/attachment.html>

More information about the bitcoin-dev mailing list