Re: [bitcoin-dev] Taproot activates - A time/block line

[0xB10C via bitcoin-dev]

Thanks, Michael, for writing this up. I agree that it's good to archive
events like, for example, soft-fork activations in an ML post.

All bigger pools have now included multiple P2TR spends in their blocks.
I have a few comments on what happened at F2Pool and to some extend also
at AntPool. These were pool number three and pool number five to signal
taproot readiness. I'm not affiliated with them but was happy to help
F2Pool out and return the favor[1] when they asked for help debugging
why they don't include P2TR spends. I have the permission to share some
pool internals and hope this can help make future soft-forks even smoother.

Please take my comments with a grain of salt. On the one hand, it could
be that I'm naive in believing what the pools have told me in private
communication. On the other hand, I'm not as marked from the blocksize
war as others might be.


On 11/15/21 3:42 PM, Michael Folkson via bitcoin-dev wrote:
> [..]
>
> Block 709632: The first block where full nodes started enforcing
> Taproot rules was mined by F2Pool. It seems [2] F2Pool wasn’t
> enforcing Taproot rules and did not include any Taproot spends (some
> with high fee rates) in this block. [..] but it does lead to
> discussions for a later time on whether Speedy Trial signaling was
> effective if some mining pools signaled readiness months previous but
> then did not enforce the new soft fork rules on activation.
>
> Block 709633: Mined by AntPool. Similar to F2Pool they didn’t include
> any Taproot spends in this block and one would assume that they also
> weren’t enforcing Taproot rules though this has not been confirmed.
>
> Block 709634: Also mined by AntPool.
>
> Block 709635: The first block which included (numerous) valid Taproot
> spends (and no invalid Taproot spends) was mined by Foundry USA.
>
> [..]
>
> [1]: https://b10c.me/blog/007-spending-p2tr-pre-activation/
> [2]: https://twitter.com/satofishi/status/1459868549674065926
> 
>
> [..]

While F2Pool responded they "Will upgrade soon" [2] to my question if
they haven't upgraded their nodes yet, I think they were primarily
buying time as they them-self weren't sure what the issue is. "We are
looking into it" could have been a better and more fitting response.

An F2Pool engineer reached out on the 16th (two days after activation),
mentioning they had been running Bitcoin Core v0.21.1 for a few weeks
now and upgraded to v22.0 today (on the 16th) in the hope that this
would fix their problem of not including P2TR spends. They asked if I
could create and _not_ broadcast a P2TR spending transaction for them to
check with testmempoolaccept/sendrawtransaction/getblocktemplate.

I constructed and sent a P2TR spend and asked them to check the versions
of their nodes peers too. testmempoolaccept returned "allowed": true
(expected as they were running >= v0.21.1). However, it turned out that
they weren't connected to any P2TR-spend-relaying peers. They didn't
receive any P2TR spending transaction and couldn't include them in their
block templates. It seems like this was caused by a) using addnode to
directly connect to known, external peers that hadn't upgraded. But more
importantly, b) by applying a custom patch to their node's peer
selection behavior based on a heuristic that worked for a few years but
at some point broke without being noticed (I'm not publishing details on
purpose). F2Pool has fixed this. With connections to >= v0.21.1 nodes,
they started receiving and constructing blocks with P2TR spends.

I haven't been in contact with AntPool directly and don't know details
about their situation. Alejandro De La Torre (@bitentrepreneur)
communicated with them and said I can include the following:

"I spoke with antpool after I noticed from b10c’s tweet that they had
not included P2TR [spends]. They were quick to react when I inquired.
They had not updated to bitcoind 22.0, but had tested it and were
planning to update soon. The next day they indeed updated and were able
to include a tx with a P2TR spend."

and

 "[Anpool] said that the old peer issue that F2Pool faced 'may be the
issue'."

AntPool didn't provide more information to Alejandro. It's not clear to
me what the actual issues and fixes were.


I'll leave it to someone else to properly reflect on speedy trial. I,
however, want to add: F2Pool mentioned that they "upgraded to v0.21.1
several weeks ago". This indicates that they were signaling without
being ready. I don't blame them and assume they were not the only pool
just setting the version bit. IMO some of the motivations for fake
signaling: a) Immense community pressure (e.g., on Twitter) to just set
the bit and then get ready in the next six months. b) Running nodes with
custom patches. These require longer to upgrade, especially if you want
to ensure there aren't any bugs in your patches...


It's out of the scope of the Bitcoin Core project to consider people's
custom patches, and it's 

Re: [bitcoin-dev] Taproot Fields for PSBT

[Pieter Wuille via bitcoin-dev]

On Wednesday, November 24th, 2021 at 7:44 AM, Sjors Provoost via bitcoin-dev 
 wrote:

> Hi Andrew,
>
> I'm confused why PSBT_IN_TAP_BIP32_DERIVATION and 
> PSBT_OUT_TAP_BIP32_DERIVATION
> contain not just the derivation path for the xonlypubkey, but also the 
> tapleaf merkle path.
>
> First I thought it was perhaps necessary in order for a signer to guess which
> script leaves it can sign with its own keys. But you can't really know that 
> without
> actually seeing the script. When a signer looks at a script, it presumably 
> already
> knows the leaf path.

No, that's exactly it. Signers aren't expected to know or understand scripts 
ahead of time. With a field telling them which keys are present in which 
leaves, and how those keys are derived, they can sign without fully 
understanding the script, or needing the ability to parse the relevant script 
at all. The actual script information is there too of course, for those that do 
want to analyze it, or factor that into the decision whether to sign or not.

Cheers,

--
Pieter___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

Re: [bitcoin-dev] Taproot Fields for PSBT

[Greg Sanders via bitcoin-dev]

I may be misunderstanding the question, but it seems essential data for the
finalizer role, which may not know such information on its own.

On Wed, Nov 24, 2021 at 11:15 PM Sjors Provoost via bitcoin-dev <
bitcoin-dev@lists.linuxfoundation.org> wrote:

> Hi Andrew,
>
> I'm confused why PSBT_IN_TAP_BIP32_DERIVATION and
> PSBT_OUT_TAP_BIP32_DERIVATION
> contain not just the derivation path for the xonlypubkey, but also the
> tapleaf merkle path.
>
> First I thought it was perhaps necessary in order for a signer to guess
> which
> script leaves it can sign with its own keys. But you can't really know
> that without
> actually seeing the script. When a signer looks at a script, it presumably
> already
> knows the leaf path.
>
> - Sjors
>
> Op 22 jun. 2021, om 23:22 heeft Andrew Chow via bitcoin-dev <
> bitcoin-dev@lists.linuxfoundation.org> het volgende geschreven:
>
> Hi All,
>
> I would like to propose a BIP which defines new fields for Taproot
> support in PSBT.
>
> The full text is below, and the rendered file can be found at
>
>
> Now at: https://github.com/bitcoin/bips/blob/master/bip-0174.mediawiki
>
> -
> | Taproot Key BIP 32 Derivation Path
> | PSBT_IN_TAP_BIP32_DERIVATION = 0x16
> | 
> | The 32 byte X-only public key
> |  * <32-bit uint> <32-bit uint>*
> | A compact size unsigned integer representing the number of leaf
> hashes, followed by a list of leaf hashes, followed by the master key
> fingerprint concatenated with the derivation path of the public key. The
> derivation path is represented as 32-bit little endian unsigned integer
> indexes concatenated with each other. Public keys are those needed to
> spend this output. The leaf hashes are of the leaves which involve this
> public key.
>
>
> |-
> | Taproot Key BIP 32 Derivation Path
> | PSBT_OUT_TAP_BIP32_DERIVATION = 0x07
> | 
> | The 32 byte X-only public key
> |  * <32-bit uint> <32-bit uint>*
>
>
> ___
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

Re: [bitcoin-dev] Taproot Fields for PSBT

[Sjors Provoost via bitcoin-dev]

Hi Andrew,

I'm confused why PSBT_IN_TAP_BIP32_DERIVATION and PSBT_OUT_TAP_BIP32_DERIVATION
contain not just the derivation path for the xonlypubkey, but also the tapleaf 
merkle path.

First I thought it was perhaps necessary in order for a signer to guess which
script leaves it can sign with its own keys. But you can't really know that 
without
actually seeing the script. When a signer looks at a script, it presumably 
already
knows the leaf path.

- Sjors

> Op 22 jun. 2021, om 23:22 heeft Andrew Chow via bitcoin-dev 
>  het volgende geschreven:
> 
> Hi All,
> 
> I would like to propose a BIP which defines new fields for Taproot
> support in PSBT.
> 
> The full text is below, and the rendered file can be found at

Now at: https://github.com/bitcoin/bips/blob/master/bip-0174.mediawiki 


> -
> | Taproot Key BIP 32 Derivation Path
> | PSBT_IN_TAP_BIP32_DERIVATION = 0x16
> | 
> | The 32 byte X-only public key
> |  * <32-bit uint> <32-bit uint>*
> | A compact size unsigned integer representing the number of leaf
> hashes, followed by a list of leaf hashes, followed by the master key
> fingerprint concatenated with the derivation path of the public key. The
> derivation path is represented as 32-bit little endian unsigned integer
> indexes concatenated with each other. Public keys are those needed to
> spend this output. The leaf hashes are of the leaves which involve this
> public key.

> |-
> | Taproot Key BIP 32 Derivation Path
> | PSBT_OUT_TAP_BIP32_DERIVATION = 0x07
> | 
> | The 32 byte X-only public key
> |  * <32-bit uint> <32-bit uint>*
> 



signature.asc
Description: Message signed with OpenPGP
___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev