Re: [bitcoin-dev] Modern Soft Fork Activation

[Jeremy via bitcoin-dev]

It's not at a "directly implementable policy state", but I think you might
be interested in checking out the spork protocol upgrade model I proposed a
while back. https://www.youtube.com/watch?v=J1CP7qbnpqA=youtu.be

It has some interesting properties around the 5 properties you've mentioned.

1) Avoid activating in the face of significant, reasonable, and directed
objection. Period.

Up to miners to orphan spork-activating blocks.

2) Avoid activating within a timeframe which does not make high
node-level-adoption likely.

Mandatory minimum flag day for Spork initiation, statistically
improbable/impossible for even earlier adoption.

3) Don't (needlessly) lose hashpower to un-upgraded miners.

Difficulty adjustments make the missing spork'd block "go away" over time,
the additional difficulty of *not activating* a rejected spork fills in as
an additional PoW.


4) Use hashpower enforcement to de-risk the upgrade process, wherever
possible.

Miners choose to activate or build on activating blocks.

5) Follow the will of the community, irrespective of individuals or
unreasoned objection, but without ever overruling any reasonable
objection.

Honest signalling makes people be forced to "put their money where there
mouth is" on what the community wants.
--
@JeremyRubin 

___
bitcoin-dev mailing list
bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev

Re: [bitcoin-dev] Modern Soft Fork Activation

[Luke Dashjr via bitcoin-dev]

I think BIP 9 is a proven failure, and flag day softforks have their own 
problems:

A) There is no way to unambiguously say "the rules for this chain are 
". It leaves the chain in a kind of "quantum state" where the rules 
could be one thing, or could be another. Until the new rules are violated, we 
do not know if the softfork was a success or not. Because of this, people 
will rightly shy away from relying on the new rules. This problem is made 
worse by the fact that common node policies might not produce blocks which 
violate the rules. If we had gone with BIP149 for Segwit, it is IMO probable 
we would still not have a clear answer today to "Is Segwit active or not?"

B) Because of (A), there is also no clear way to intentionally reject the 
softfork. Those who do not consent to it are effectively compelled to accept 
it anyway. While it is usually possible to craft an opposing softfork, this 
should IMO be well-defined and simple to do (including a plan to do so in any 
BIP9-alike spec).

For these reasons, in 2017, I proposed revising BIP 8 with a mandatory signal, 
similar to how BIP148 worked: https://github.com/bitcoin/bips/pull/550
However, the author of BIP 8 has since vanished, and because we had no 
immediate softfork plans, efforts to move this forward were abandoned 
temporarily. It seems like a good time to resume this work.

In regard to your goal #3, I would like to note that after the mandatory 
signal period, old miners could resume mining unchanged. This means there is 
a temporary loss of hashrate to the network, but I think it is overall better 
than the alternatives. The temporary loss of income from invalid blocks will 
also give affected miners a last push to upgrade, hopefully improving the 
long run security of the network hashrate.

Luke

(P.S. As for your #1, I do think it is oversimplified in some cases, but we 
should leave that for later discussion when it actually becomes relevant.)



On Friday 10 January 2020 21:30:09 Matt Corallo via bitcoin-dev wrote:
> There are a series of soft-fork designs which have recently been making
> good progress towards implementation and future adoption. However, for
> various reasons, activation methods therefor have gotten limited
> discussion. I'd like to reopen that discussion here.
>
> It is likely worth revisiting the goals both for soft forks and their
> activation methods to start. I'm probably missing some, but some basic
> requirements:
>
> 1) Avoid activating in the face of significant, reasonable, and directed
> objection. Period. If someone has a well-accepted, reasonable use of
> Bitcoin that is working today, have no reason to believe wouldn't work
> long into the future without a change, and which would be made
> impossible or significantly more difficult by a change, that change must
> not happen. I certainly hope there is no objection on this point (see
> the last point for an important caveat that I'm sure everyone will jump
> to point out).
>
> 2) Avoid activating within a timeframe which does not make high
> node-level-adoption likely. As with all "node" arguments, I'll note that
> I mean "economically-used" nodes, not the thousand or so spy nodes on
> Google Cloud and AWS. Rule changes don't make sense without nodes
> enforcing them, whether they happen to be a soft fork, hard fork, or a
> blue fork, so activating in a reduced timeframe that doesn't allow for
> large-scale node adoption doesn't have any value, and may cause other
> unintended side effects.
>
> 3) Don't (needlessly) lose hashpower to un-upgraded miners. As a part of
> Bitcoin's security comes from miners, reducing the hashpower of the
> network as a side effect of a rule change is a needless reduction in a
> key security parameter of the network. This is why, in recent history,
> soft forks required 95% of hashpower to indicate that they have upgraded
> and are capable of enforcing the new rules. Further, this is why recent
> soft forks have not included changes which would result in a standard
> Bitcoin Core instance mining invalid-by-new-rules changes (by relying on
> the standardness behavior of Bitcoin Core).
>
> 4) Use hashpower enforcement to de-risk the upgrade process, wherever
> possible. As a corollary of the above, one of the primary reasons we use
> soft forks is that hashpower-based enforcement of rules is an elegant
> way to prevent network splits during the node upgrade process. While it
> does not make sense to invest material value in systems protected by new
> rules until a significant majority of "economic nodes" is enforcing said
> rules, hashpower lets us neatly bridge the gap in time between
> activation and then. By having a supermajority of miners enforce the new
> rules, attempts at violating the new rules does not result in a
> significant network split, disrupting existing users of the system. If
> we aren't going to take advantage of this, we should do a hard fork
> instead, with the necessarily slow timescale that 

Re: [bitcoin-dev] Modern Soft Fork Activation

[Jorge Timón via bitcoin-dev]

I see how your approach doesn't lose goal 3 while "mine" does.
Regarding goal 4, I don't think any of the approaches loses it. "Use
hashpower enforcement to de-risk the upgrade process, wherever
possible".
Well, in the case of activation while there's "many" non upgrade
miners, they simply can't help to reduce upgrade risks unless they
upgrade. It doesn't matter if the activation is silent or with
mandatory signaling. Am I missing something?

>  in order to nudge miners

That's not the goal at all. All my arguments have been focused on
users, not miners.

> If you want to fork yourself off the network, you can do it in easier ways,

Well, it's not that you want to fork yourself off the network, is that
you don't want change X. Ideally change X wouldn't be activated, but
if it is, you prefer to be in a chain without change X.
Let's say we're using your system to deploy change X you oppose for
legitimate reasons.
What easier thing would you do as a user to resist change X with all
other users who also oppose it?

If there are simpler and better ways to do this, great. It's just
something to think about.





On Fri, Jan 10, 2020 at 11:43 PM Matt Corallo  wrote:
>
> I went back and forth with a few folks on this one. I think the fact that we 
> lose goals 3/4 very explicitly in order to nudge miners seems like a poor 
> trade off. I’ll note that your point 2 here seems a bit disconnected to me. 
> If you want to fork yourself off the network, you can do it in easier ways, 
> and if miners want to maliciously censors transactions to the detriment of 
> users, rejecting a version bit doesn’t really help avoid that.
>
> Your point about upgrade warnings is well-made, but I’m dubious of it’s value 
> over the network chaos many large forks might otherwise cause.
>
> Matt
>
> > On Jan 10, 2020, at 17:22, Jorge Timón  wrote:
> >
> > Well, bip9 doesn't only fall apart in case of unreasonable objection,
> > it also fails simply with miners' apathy.
> > Anyway, your proposed plan should take care of that case too, I think.
> > Overall sounds good to me.
> >
> > Regarding bip8-like activation, luke-jr suggested that instead of
> > simply activating on date x if failed to do so by miners' signaling, a
> > consensus rule could require the blocks to signal for activation in
> > the last activation window.
> > I see 2 main advantages for this:
> >
> > 1) Outdated nodes can implement warnings (like in bip9) and they can
> > see those warnings even if it's activated in the last activation
> > window. Of course this can become counterproductive if miners' squat
> > signaling bits for asicboost again.
> >
> > 2) It is easier for users to actively resist a given change they
> > oppose. Instead of requiring signaling, their nodes can be set to
> > ignore chains that activate it. This will result in a fork, but if
> > different groups of users want different things, this is arguably the
> > best behaviour: a "clean" split.
> >
> > I assume many people won't like this, but I really think we should
> > consider how users should ideally resist an unwanted change, even if
> > the proponents had the best intentions in mind, there may be
> > legitimate reasons to resist it that they may not have considered.
> >
> >> On Fri, Jan 10, 2020 at 10:30 PM Matt Corallo via bitcoin-dev
> >>  wrote:
> >>
> >> There are a series of soft-fork designs which have recently been making
> >> good progress towards implementation and future adoption. However, for
> >> various reasons, activation methods therefor have gotten limited
> >> discussion. I'd like to reopen that discussion here.
> >>
> >> It is likely worth revisiting the goals both for soft forks and their
> >> activation methods to start. I'm probably missing some, but some basic
> >> requirements:
> >>
> >> 1) Avoid activating in the face of significant, reasonable, and directed
> >> objection. Period. If someone has a well-accepted, reasonable use of
> >> Bitcoin that is working today, have no reason to believe wouldn't work
> >> long into the future without a change, and which would be made
> >> impossible or significantly more difficult by a change, that change must
> >> not happen. I certainly hope there is no objection on this point (see
> >> the last point for an important caveat that I'm sure everyone will jump
> >> to point out).
> >>
> >> 2) Avoid activating within a timeframe which does not make high
> >> node-level-adoption likely. As with all "node" arguments, I'll note that
> >> I mean "economically-used" nodes, not the thousand or so spy nodes on
> >> Google Cloud and AWS. Rule changes don't make sense without nodes
> >> enforcing them, whether they happen to be a soft fork, hard fork, or a
> >> blue fork, so activating in a reduced timeframe that doesn't allow for
> >> large-scale node adoption doesn't have any value, and may cause other
> >> unintended side effects.
> >>
> >> 3) Don't (needlessly) lose hashpower to un-upgraded miners. As a part of
> >> Bitcoin's security 

Re: [bitcoin-dev] Modern Soft Fork Activation

[Matt Corallo via bitcoin-dev]

I went back and forth with a few folks on this one. I think the fact that we 
lose goals 3/4 very explicitly in order to nudge miners seems like a poor trade 
off. I’ll note that your point 2 here seems a bit disconnected to me. If you 
want to fork yourself off the network, you can do it in easier ways, and if 
miners want to maliciously censors transactions to the detriment of users, 
rejecting a version bit doesn’t really help avoid that.

Your point about upgrade warnings is well-made, but I’m dubious of it’s value 
over the network chaos many large forks might otherwise cause.

Matt

> On Jan 10, 2020, at 17:22, Jorge Timón  wrote:
> 
> Well, bip9 doesn't only fall apart in case of unreasonable objection,
> it also fails simply with miners' apathy.
> Anyway, your proposed plan should take care of that case too, I think.
> Overall sounds good to me.
> 
> Regarding bip8-like activation, luke-jr suggested that instead of
> simply activating on date x if failed to do so by miners' signaling, a
> consensus rule could require the blocks to signal for activation in
> the last activation window.
> I see 2 main advantages for this:
> 
> 1) Outdated nodes can implement warnings (like in bip9) and they can
> see those warnings even if it's activated in the last activation
> window. Of course this can become counterproductive if miners' squat
> signaling bits for asicboost again.
> 
> 2) It is easier for users to actively resist a given change they
> oppose. Instead of requiring signaling, their nodes can be set to
> ignore chains that activate it. This will result in a fork, but if
> different groups of users want different things, this is arguably the
> best behaviour: a "clean" split.
> 
> I assume many people won't like this, but I really think we should
> consider how users should ideally resist an unwanted change, even if
> the proponents had the best intentions in mind, there may be
> legitimate reasons to resist it that they may not have considered.
> 
>> On Fri, Jan 10, 2020 at 10:30 PM Matt Corallo via bitcoin-dev
>>  wrote:
>> 
>> There are a series of soft-fork designs which have recently been making
>> good progress towards implementation and future adoption. However, for
>> various reasons, activation methods therefor have gotten limited
>> discussion. I'd like to reopen that discussion here.
>> 
>> It is likely worth revisiting the goals both for soft forks and their
>> activation methods to start. I'm probably missing some, but some basic
>> requirements:
>> 
>> 1) Avoid activating in the face of significant, reasonable, and directed
>> objection. Period. If someone has a well-accepted, reasonable use of
>> Bitcoin that is working today, have no reason to believe wouldn't work
>> long into the future without a change, and which would be made
>> impossible or significantly more difficult by a change, that change must
>> not happen. I certainly hope there is no objection on this point (see
>> the last point for an important caveat that I'm sure everyone will jump
>> to point out).
>> 
>> 2) Avoid activating within a timeframe which does not make high
>> node-level-adoption likely. As with all "node" arguments, I'll note that
>> I mean "economically-used" nodes, not the thousand or so spy nodes on
>> Google Cloud and AWS. Rule changes don't make sense without nodes
>> enforcing them, whether they happen to be a soft fork, hard fork, or a
>> blue fork, so activating in a reduced timeframe that doesn't allow for
>> large-scale node adoption doesn't have any value, and may cause other
>> unintended side effects.
>> 
>> 3) Don't (needlessly) lose hashpower to un-upgraded miners. As a part of
>> Bitcoin's security comes from miners, reducing the hashpower of the
>> network as a side effect of a rule change is a needless reduction in a
>> key security parameter of the network. This is why, in recent history,
>> soft forks required 95% of hashpower to indicate that they have upgraded
>> and are capable of enforcing the new rules. Further, this is why recent
>> soft forks have not included changes which would result in a standard
>> Bitcoin Core instance mining invalid-by-new-rules changes (by relying on
>> the standardness behavior of Bitcoin Core).
>> 
>> 4) Use hashpower enforcement to de-risk the upgrade process, wherever
>> possible. As a corollary of the above, one of the primary reasons we use
>> soft forks is that hashpower-based enforcement of rules is an elegant
>> way to prevent network splits during the node upgrade process. While it
>> does not make sense to invest material value in systems protected by new
>> rules until a significant majority of "economic nodes" is enforcing said
>> rules, hashpower lets us neatly bridge the gap in time between
>> activation and then. By having a supermajority of miners enforce the new
>> rules, attempts at violating the new rules does not result in a
>> significant network split, disrupting existing users of the system. If
>> we aren't going to take 

Re: [bitcoin-dev] Modern Soft Fork Activation

[Jorge Timón via bitcoin-dev]

Well, bip9 doesn't only fall apart in case of unreasonable objection,
it also fails simply with miners' apathy.
Anyway, your proposed plan should take care of that case too, I think.
Overall sounds good to me.

Regarding bip8-like activation, luke-jr suggested that instead of
simply activating on date x if failed to do so by miners' signaling, a
consensus rule could require the blocks to signal for activation in
the last activation window.
I see 2 main advantages for this:

1) Outdated nodes can implement warnings (like in bip9) and they can
see those warnings even if it's activated in the last activation
window. Of course this can become counterproductive if miners' squat
signaling bits for asicboost again.

2) It is easier for users to actively resist a given change they
oppose. Instead of requiring signaling, their nodes can be set to
ignore chains that activate it. This will result in a fork, but if
different groups of users want different things, this is arguably the
best behaviour: a "clean" split.

I assume many people won't like this, but I really think we should
consider how users should ideally resist an unwanted change, even if
the proponents had the best intentions in mind, there may be
legitimate reasons to resist it that they may not have considered.

On Fri, Jan 10, 2020 at 10:30 PM Matt Corallo via bitcoin-dev
 wrote:
>
> There are a series of soft-fork designs which have recently been making
> good progress towards implementation and future adoption. However, for
> various reasons, activation methods therefor have gotten limited
> discussion. I'd like to reopen that discussion here.
>
> It is likely worth revisiting the goals both for soft forks and their
> activation methods to start. I'm probably missing some, but some basic
> requirements:
>
> 1) Avoid activating in the face of significant, reasonable, and directed
> objection. Period. If someone has a well-accepted, reasonable use of
> Bitcoin that is working today, have no reason to believe wouldn't work
> long into the future without a change, and which would be made
> impossible or significantly more difficult by a change, that change must
> not happen. I certainly hope there is no objection on this point (see
> the last point for an important caveat that I'm sure everyone will jump
> to point out).
>
> 2) Avoid activating within a timeframe which does not make high
> node-level-adoption likely. As with all "node" arguments, I'll note that
> I mean "economically-used" nodes, not the thousand or so spy nodes on
> Google Cloud and AWS. Rule changes don't make sense without nodes
> enforcing them, whether they happen to be a soft fork, hard fork, or a
> blue fork, so activating in a reduced timeframe that doesn't allow for
> large-scale node adoption doesn't have any value, and may cause other
> unintended side effects.
>
> 3) Don't (needlessly) lose hashpower to un-upgraded miners. As a part of
> Bitcoin's security comes from miners, reducing the hashpower of the
> network as a side effect of a rule change is a needless reduction in a
> key security parameter of the network. This is why, in recent history,
> soft forks required 95% of hashpower to indicate that they have upgraded
> and are capable of enforcing the new rules. Further, this is why recent
> soft forks have not included changes which would result in a standard
> Bitcoin Core instance mining invalid-by-new-rules changes (by relying on
> the standardness behavior of Bitcoin Core).
>
> 4) Use hashpower enforcement to de-risk the upgrade process, wherever
> possible. As a corollary of the above, one of the primary reasons we use
> soft forks is that hashpower-based enforcement of rules is an elegant
> way to prevent network splits during the node upgrade process. While it
> does not make sense to invest material value in systems protected by new
> rules until a significant majority of "economic nodes" is enforcing said
> rules, hashpower lets us neatly bridge the gap in time between
> activation and then. By having a supermajority of miners enforce the new
> rules, attempts at violating the new rules does not result in a
> significant network split, disrupting existing users of the system. If
> we aren't going to take advantage of this, we should do a hard fork
> instead, with the necessarily slow timescale that entails.
>
> 5) Follow the will of the community, irrespective of individuals or
> unreasoned objection, but without ever overruling any reasonable
> objection. Recent history also includes "objection" to soft forks in the
> form of "this is bad because it doesn't fix a different problem I want
> fixed ASAP". I don't think anyone would argue this qualifies as a
> reasonable objection to a change, and we should be in a place, as a
> community (never as developers or purely one group), to ignore such
> objections and make forward progress in spite of them. We don't make
> good engineering decisions by "bundling" unrelated features together to
> enable political 

[bitcoin-dev] Modern Soft Fork Activation

[Matt Corallo via bitcoin-dev]

There are a series of soft-fork designs which have recently been making
good progress towards implementation and future adoption. However, for
various reasons, activation methods therefor have gotten limited
discussion. I'd like to reopen that discussion here.

It is likely worth revisiting the goals both for soft forks and their
activation methods to start. I'm probably missing some, but some basic
requirements:

1) Avoid activating in the face of significant, reasonable, and directed
objection. Period. If someone has a well-accepted, reasonable use of
Bitcoin that is working today, have no reason to believe wouldn't work
long into the future without a change, and which would be made
impossible or significantly more difficult by a change, that change must
not happen. I certainly hope there is no objection on this point (see
the last point for an important caveat that I'm sure everyone will jump
to point out).

2) Avoid activating within a timeframe which does not make high
node-level-adoption likely. As with all "node" arguments, I'll note that
I mean "economically-used" nodes, not the thousand or so spy nodes on
Google Cloud and AWS. Rule changes don't make sense without nodes
enforcing them, whether they happen to be a soft fork, hard fork, or a
blue fork, so activating in a reduced timeframe that doesn't allow for
large-scale node adoption doesn't have any value, and may cause other
unintended side effects.

3) Don't (needlessly) lose hashpower to un-upgraded miners. As a part of
Bitcoin's security comes from miners, reducing the hashpower of the
network as a side effect of a rule change is a needless reduction in a
key security parameter of the network. This is why, in recent history,
soft forks required 95% of hashpower to indicate that they have upgraded
and are capable of enforcing the new rules. Further, this is why recent
soft forks have not included changes which would result in a standard
Bitcoin Core instance mining invalid-by-new-rules changes (by relying on
the standardness behavior of Bitcoin Core).

4) Use hashpower enforcement to de-risk the upgrade process, wherever
possible. As a corollary of the above, one of the primary reasons we use
soft forks is that hashpower-based enforcement of rules is an elegant
way to prevent network splits during the node upgrade process. While it
does not make sense to invest material value in systems protected by new
rules until a significant majority of "economic nodes" is enforcing said
rules, hashpower lets us neatly bridge the gap in time between
activation and then. By having a supermajority of miners enforce the new
rules, attempts at violating the new rules does not result in a
significant network split, disrupting existing users of the system. If
we aren't going to take advantage of this, we should do a hard fork
instead, with the necessarily slow timescale that entails.

5) Follow the will of the community, irrespective of individuals or
unreasoned objection, but without ever overruling any reasonable
objection. Recent history also includes "objection" to soft forks in the
form of "this is bad because it doesn't fix a different problem I want
fixed ASAP". I don't think anyone would argue this qualifies as a
reasonable objection to a change, and we should be in a place, as a
community (never as developers or purely one group), to ignore such
objections and make forward progress in spite of them. We don't make
good engineering decisions by "bundling" unrelated features together to
enable political football and compromise.

I think BIP 9 (plus a well-crafted softfork) pretty effectively checks
the boxes for #2-4 here, and when done carefully with lots of community
engagement and measurement, can effectively fulfill #1 as well. #5 is,
as I'm sure everyone is aware, where it starts to fall down pretty hard.

BIP 8 has been proposed as an alternative, largely in response to issues
with #5. However, a naive deployment of it, rather obviously, completely
fails #1, #3, and #4, and, in my view, fails #5 as well by both giving
an impression of, setting a precedent of, and possibly even in practice
increasing the ability of developers to decide the consensus rules of
the system. A BIP 8 deployment that more accurately measures community
support as a prerequisite could arguably fulfill #1 and #5, though I'm
unaware of any concrete proposals on how to accomplish that. Arguably, a
significantly longer activation window could also allow BIP 8 to fulfill
#3 and #4, but only by exploiting the "needlessly" and "wherever
possible" loopholes.

You may note that, from the point of view of achieving the critical
goals here, BIP 8 is only different from a flag-day activation in that,
if it takes the "happy-path" of activating before the flag day, it looks
like BIP 9, but isn't guaranteed to. It additionally has the
"nice-to-have" property that activation can occur before the flag-day in
the case of faster miner adoption, though there is a limit of how fast
is useful due