On Monday, December 21, 2020 2:57 PM, Pieter Wuille via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> On Sunday, December 20, 2020 9:37 PM, Karl-Johan Alm via bitcoin-dev
> bitcoin-dev@lists.linuxfoundation.org wrote:
>
> > Thanks a lot for taking the time to brush up the BIP. For what it's
> > worth, I am all for these changes, and I see them as clear
> > improvements all around.
> > IIRC Pieter was the one who originally suggested the two-checks
> > approach (invalid, inconclusive, valid) which is being modified here,
> > so would be good if you chimed in (or not -- which I'll assume means
> > you don't mind).
>
> I agree with the idea of permitting incomplete validators to return
> inconclusive as well. That doesn't really reduce the functionality (given
> that "inconclusive" was already a potential result), and it obviously makes
> it much more accessible to a variety of software.
>
> This suggestion breaks the original use of inconclusive though: the ability
> to detect that future features are used in the signature. The idea was to use
> divergence between "consensus valid" and "standardness valid" as a proxy for
> future extensions to be detected (e.g. OP_NOPn, future witness versions,
> ...). I think it's undesirable that these things now become unconditionally
> invalid (until the BIP is updated, but once that happens old validators will
> give a different result than new ones).
>
> Since the BIP no longer relies on a nebulous concept of standardness, and
> instead specifically defines which standardness features are to be
> considered, this seems easy to fix: whenever validation fails due to any of
> those, require reporting inconclusive instead of invalid (unless of course
> something actually invalid also happens). In practice I guess you'd implement
> that (in capable validators) by still doing validation twice, once with all
> features enabled that distinguish between valid/invalid, and if valid, again
> but now with the features enabled that distinguish between valid and (invalid
> or inconclusive).
Re-reading your proposed text, I'm wondering if the "consensus-only validation"
extension is intended to replace the
inconclusive-due-to-consensus-and-standardness-differ state. If so, I don't
think it does, and regardless it doesn't seem very useful.
What I'm suggestion could be specified this way:
* If validator understands the script:
* If signature is consensus valid (as far as the validator knows):
* If signature is not known to trigger standardness rules intended for
future extension (well-defined set of rules listed in BIP, and revisable):
return valid
* Otherwise: return inconclusive
* Otherwise: return invalid
* Otherwise: return inconclusive
Or in other words: every signature has a well-defined result (valid, invalid,
inconclusive) + validators may choose to report inconclusive for anything they
don't understand.
This has the property that as long as new consensus rules only change things
that were covered under for-future-extension standardness rules, no two
validators will ever claim valid and invalid for the same signature. Only
valid+inconclusive or invalid+inconclusive.
Cheers,
--
Pieter
_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
