[bitcoin-dev] Modern Soft Fork Activation
Matt Corallo
lf-lists at mattcorallo.com
Tue Jan 14 19:22:47 UTC 2020
Good thing no one is proposing a naive BIP 9 approach :). I'll note that
BIP 9 has been fairly robust (spy-mining issues notwithstanding, which
we believe are at least largely solved in the wild) in terms of safety,
though I noted extensively in the first mail that it failed in terms of
misunderstanding the activation parameters. I think the above proposal
largely solves that, and I don't see much in the way of arguing that
point from you, here.
As an aside, BIP 9 is also the Devil We Know, which carries a lot of
value, since we've found (and addressed) direct issues with it, whereas
all other activation methods we have ~0 experience with in the modern
Bitcoin network.
On 1/10/20 11:37 PM, Luke Dashjr wrote:
> I think BIP 9 is a proven failure, and flag day softforks have their own
> problems:
>
> A) There is no way to unambiguously say "the rules for this chain are
> <x,y,z>". It leaves the chain in a kind of "quantum state" where the rules
> could be one thing, or could be another. Until the new rules are violated, we
> do not know if the softfork was a success or not. Because of this, people
> will rightly shy away from relying on the new rules. This problem is made
> worse by the fact that common node policies might not produce blocks which
> violate the rules. If we had gone with BIP149 for Segwit, it is IMO probable
> we would still not have a clear answer today to "Is Segwit active or not?"
>
> B) Because of (A), there is also no clear way to intentionally reject the
> softfork. Those who do not consent to it are effectively compelled to accept
> it anyway. While it is usually possible to craft an opposing softfork, this
> should IMO be well-defined and simple to do (including a plan to do so in any
> BIP9-alike spec).
>
> For these reasons, in 2017, I proposed revising BIP 8 with a mandatory signal,
> similar to how BIP148 worked: https://github.com/bitcoin/bips/pull/550
> However, the author of BIP 8 has since vanished, and because we had no
> immediate softfork plans, efforts to move this forward were abandoned
> temporarily. It seems like a good time to resume this work.
>
> In regard to your goal #3, I would like to note that after the mandatory
> signal period, old miners could resume mining unchanged. This means there is
> a temporary loss of hashrate to the network, but I think it is overall better
> than the alternatives. The temporary loss of income from invalid blocks will
> also give affected miners a last push to upgrade, hopefully improving the
> long run security of the network hashrate.
>
> Luke
>
> (P.S. As for your #1, I do think it is oversimplified in some cases, but we
> should leave that for later discussion when it actually becomes relevant.)
More information about the bitcoin-dev
mailing list