Gregory Maxwell,

Criticizing 148 without suggesting a specific alternative leaves the community in disarray.

I know you are emphasizing patience. But at the same time, with your patience we are allowing ourselves to get dicked for longer than necessary.

I think that core could easily develop code that could create a solid/reliable date/height based activation to allow miners to create SegWit block candidates and having nodes fully verify them. Shaolinfry is the only person Ive seen actually make such a proposal: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/014049.html. His makes it so that SegWit default gets activated at the end of the BIP9 signalling timeframe instead of default leaving it non-activated.

I agree that 148 is is not ideal. Non-SegWit signaling blocks are not a Denial of Service, given that other activation methods are available. Someone just needs to code something up that is better that we can all use in a satisfying time frame. So far 148 is the most practical and reliable method I'm aware of.

If 148 causes orphaning and a fork, I don't think such really matters in the long term. The non-SegWit miners will probably just quickly give up their orphans once they realize that money users like being able to have non-mutable TX IDs. If they do create a long lasting branch... well that is good too, I'd be happy to no longer have them in our community. Good luck to them in creating a competitive money, so that we can all enjoy lower transaction fees.

SegWit has already undergone enough testing. It is time to activate it.

Cheers,
Praxeology Guy

On Friday, 14 April 2017 09:56:31 CEST Gregory Maxwell via bitcoin-dev
This is false,

a segwit transaction to the miner you describe is an "everyone can spend"
transaction, and as such a miner that does not validate the segregated area
in a post-segwit world will be able to create blocks that will not validate
for segwit miners by including a transaction that spends a SW tx.

This would then lead to a chain-fork as the SW miners reject it and the non-
SW miners continue to mine on it.

I'm assuming that you're referring to the flag date "segwit is on now"
approach. This is more dangerous than the orphaning approach that BIP148
uses.

If we orphan non-signalling blocks on the flag date and don't have
majority hash power supporting us, there will be a chain split on the
flag day. We expect this to happen, we plan for it, and we employ
strategies to mitigate any damage. The bulk of the economy has
coordinated around this event happening. We even had the opportunity to
pull the plug before the flag date if things were looking too grim.

After the dust settles, 100% of the miners are guaranteed to have
upgraded, assuming they didn't choose to forgo 2+ weeks of income. Any
further chain splits would have to be the result of deliberate action by
51%+ of the mining power.

If we just have segwit activate on the flag date without orphaning the
blocks of non-segwit miners, we set ourselves up for a chain split at
some unknown time in the future. Without majority hash power on our
side, as soon as someone mines a segwit-invalid transaction, the chain
will split, with upgraded nodes and miners on one side, and non-upgraded
nodes and miners on the other side. The segwit-invalid transaction
doesn't even need to come from someone with their own mining equipment.
Open a short on BTC, rent some hash power, profit.

Since we don't know when this attack will occur, we won't be organized
and ready for it. It's also easy for both miners and users to get
complacent about it and fail to upgrade. The damage will be far worse
than if we had used the orphaning approach.
Punitive action against miners is not the point of BIP148, it's an
unavoidable side-effect of making the UASF less disruptive for the users
of Bitcoin. Minimizing disruption for users must take priority over
minimizing disruption for miners. Given the intensity of this dispute
and the bad faith of certain actors, some schadenfreude is bound to
occur. Don't let that distract you from the actual reasons that BIP148
is designed the way it is.
I respect this perspective, and I agree with it to a certain extent.
However, continuing to wait has costs. I do not believe we have the
luxury of continuing to wait for a couple more years. In doing so it's
entirely possible that we may damage our reputation for stability and
integrity rather than build on it.

We have a window of opportunity with BIP148, and it would be a waste not
to act on it. In the event that we still lack sufficient support by
July, we can abandon the project, and make plans for how best to proceed
from there.

and we should respect it by knowing that it's good enough to wait for,
and for however its activated to be done the best way we know how.

Regarding this last point I was under the impression that if Segwit did not
activate by November then core was going to move on, is that no longer the
case, does the core team plan on trying to activate Segwit in some other
way?

I am also curious, but has there been a softfork, hardfork, or other major
census change that was not rolled out and done by the core team? I only
mention this because BIP148, if it goes ahead (and is successful), would be
the first time a consensus change occurs outside of the core developers --
but again I am not an expert on the history of changes and could be wrong,
I only bring this up because core developers have in the past stressed they
are a part of the bitcoin ecosystem and not the drivers of it (at least
that is the ideal it seems).

My impression is that the community is ready for this and wants it, and if
that impression is correct it will go ahead. No one knows the future, and
simply assuming it's better to be slow and methodical isn't especially
convincing. Technology is in someways the history of failure, we like to
celebrate the seemingly sudden breakthroughs and successes but it's rare
that the original innovator retains a monopoly on their invention, more
often it becomes quickly refined and iterated upon as market forces take
hold to bring costs down and other external political issues
take precedence, all this is say that in ten years everyone could be
chuckling over the 3 year bitcoin scaling debate, or they could be using
litecoin, or ethereum or some other crypto coin, or something entirely
different, no one knows.

On Fri, Apr 14, 2017 at 3:56 AM, Gregory Maxwell via bitcoin-dev <

Hello,

It is hard for me to come out disagreeing with Maxwell, however in this case I feel I must.

As many may remember, there was quite some controversy about the BIP16 vs BIP 17 split; the main argument for BIP16 was the urgency of P2SH, and how this was the already “tested and proven to work” solution.

I was one of the man hold-out supporters of BIP17, not for any clear reason (I now have a much better technical understanding of the Bitcoin technical details, as we all do); But because it was the ‘more elegant’ solution. I knew from other fields of engineering that elegant solutions very often better deal with the ‘unknown, unknowns’. I also didn’t agree with Gavin’s ‘the sky is falling’ sense of urgency.

However, of-course the community got behind BIP16, it was activated, fortunately, without any signifiant incident.

I did learn that in Bitcoin there is something more valuable than technical elegance: that is community buy-in. On the technical side, the engineers need to make sure the solutions are viable: however on the community side we need to make sure that the good solutions are adopted in a reasonable timeframe.

It is both my empirical view and heart-felt belief that the wider Bitcoin Community wants SegWit quickly. In this case the sacrifice of some technical elegance and correctness for expediency is prudent!

It is my unfortunate view that Maxwell is missing the political forest for the technical trees. Not only is SegWit a technical solution to technical problems; it has come to represent, by the larger Bitcoin Community, a political solution to the conflict that we are waist-deep in every, single, day.

BIP 148 is out terms of peace. The Bitcoin Community is tired-to-death of this war and wants a resolution swiftly. BIP 148 proves a outlet, and in Maxwell words: “...almost guarantees at a minor level of disruption.”.

I am willing to go through this minor level of disruption, as the daily disruption from the “scaling debate war”; in my personal online life, is far greater.

SegWit is a exceptional feat of engineering, it solves and mitigates so many small and highly subtle issues within Bitcoin; yet still managed to be simple enough successfully reviewed: now the community is clearly calling for a quick activation of the ‘viable’ technical choice.

If you/we are going to provide any engineering solution to activating SegWit, then Swiftness should be the 1st priority after viability.

BIP 148 is both Swift and Viable.

Cameron.

Greg,

If I understand correctly, the crux of your argument against BIP148 is that
it requires the segwit BIP9 activation flag to be set in every block after
Aug 1st, until segwit activates. This will cause miners which have not
upgrade and indicated support for BIP141 (the segwit BIP) to find their
blocks ignored by UASF nodes, at least for the month or two it takes to
activate segwit.

Isn't this however the entire point of BIP148? I understand if you object
to this, but let's be clear that this is a design requirement of the
proposal, not a technical oversight. The alternative you present (new BIP
bit) has the clear downside of not triggering BIP141 activation, and
therefore not enabling the new consensus rules on already deployed full
nodes. BIP148 is making an explicit choice to favor dragging along those
users which have upgraded to BIP141 support over those miners who have
failed to upgrade.

On an aside, I'm somewhat disappointed that you have decided to make a
public statement against the UASF proposal. Not because we disagree -- that
is fine -- but because any UASF must be a grassroots effort and
endorsements (or denouncements) detract from that.

Mark Friedenbach

Dear Greg,

Thank you for taking the time to review the BIP148 proposal.

I agree with much of your thoughts. I originally started working on a generalized way to deploy user activated soft forks, in a way that leveraged BIP9 to allow for optional faster MASF activation. BIP148 came about as a way to satify many people's frustrations about the current segwit activation. I have said several times in various places that the proposal requires a very high amount of consensus that needs to be present to make actual deployment feasible. BIP148 is certainly not what a normal UASF would or should look like.

I remain convinced the community very much wants segwit activated and that the UASF movement in general has gained a lot of traction. While support for BIP148 is surprisingly high, there are definitely important players who support UASF in general but do not like BIP148 approach (which you rightly point out is a UASF to force a MASF).

In any case, I have been working on various iterations for generalized deployment of soft forks. My latest iteration adds a simple flag to a BIP9 deployment so the deployment will transition to LOCKED_IN at timeout if the deployment hasnt already activated or locked in by then. This is nice because it allows for a long deployment of a soft fork, giving the ecosystem plenty time to upgrade with an effective flagday at the end of the timeout. The hash power can still optionally activate earlier under MASF.

BIP8 (was uaversionbits) can be seen here https://github.com/bitcoin/bips/blob/master/bip-0008.mediawiki

With BIP8 we could perform a UASF segwit deployment. Due to some complexities in the peering logic, I recommend a new deployment with a fresh bit that starts right after November 15th (when BIP9 segwit timesout) with a BIP8 timeout for April 2018. The code can deployed much earlier. For example if code was deployed today, it would give the economy a year to upgrade. Activation could still occur safely by MASF any time from now until April 2018 (SEGWIT until Nov, then UASEGWIT from Nov until April 2018).

I am still working on the finer implementation details, but you can see a rough draft from this diff (which includes BIP8 in the first commit, and the proposed bip-segwit-uasf in the second commit).

https://github.com/bitcoin/bitcoin/compare/master...shaolinfry:uasegwit-flagday

I believe this approach would satisfy the more measured approach expected for Bitcoin and does not have the issues you brought up about BIP148.

I do not support the BIP148 UASF for some of the same reasons that I
do support segwit: Bitcoin is valuable in part because it has high
security and stability, segwit was carefully designed to support and
amplify that engineering integrity that people can count on now and
into the future.

I do not feel the the approach proposed in BIP148 really measures up
to the standard set by segwit itself, or the existing best practices
in protocol development in this community.

The primary flaw in BIP148 is that by forcing the activation of the
existing (non-UASF segwit) nodes it almost guarantees at a minor level
of disruption.

Segwit was carefully engineered so that older unmodified miners could
continue operating _completely_ without interruption after segwit
activates.

Older nodes will not include segwit spends, and so their blocks will
not be invalid even if they do not have segwit support. They can
upgrade to it on their own schedule. The only risk non-participating
miners take after segwit activation is that if someone else mines an
invalid block they would extend it, a risk many miners already
frequently take with spy-mining.

I do not think it is a horrible proposal: it is better engineered than
many things that many altcoins do, but just not up to our normal
standards. I respect the motivations of the authors of BIP 148. If
your goal is the fastest possible segwit activation then it is very
useful to exploit the >80% of existing nodes that already support the
original version of segwit.

But the fastest support should not be our goal, as a community-- there
is always some reckless altcoin or centralized system that can support
something faster than we can-- trying to match that would only erode
our distinguishing value in being well engineered and stable.

"First do no harm." We should use the least disruptive mechanisms
available, and the BIP148 proposal does not meet that test. To hear
some people-- non-developers on reddit and such-- a few even see the
forced orphaning of 148 as a virtue, that it's punitive for
misbehaving miners. I could not not disagree with that perspective any
more strongly.

Of course, I do not oppose the general concept of a UASF but
_generally_ a soft-fork (of any kind) does not need to risk disruption
of mining, just as segwit's activation does not. UASF are the
original kind of soft-fork and were the only kind of fork practiced by
Satoshi. P2SH was activated based on a date, and all prior ones were
based on times or heights. We introduced miner based activation as
part of a process of making Bitcoin more stable in the common case
where the ecosystem is all in harmony. It's kind of weird to see UASF
portrayed as something new.

It's important the users not be at the mercy of any one part of the
ecosystem to the extent that we can avoid it-- be it developers,
exchanges, chat forums, or mining hardware makers. Ultimately the
rules of Bitcoin work because they're enforced by the users
collectively-- that is what makes Bitcoin Bitcoin, it's what makes it
something people can count on: the rules aren't easy to just change.

There have been some other UASF proposals that avoid the forced
disruption-- by just defining a new witness bit and allowing
non-upgraded-to-uasf miners and nodes to continue as non-upgraded, I
think they are vastly superior. They would be slower to deploy, but I
do not think that is a flaw.

We should have patience. Bitcoin is a system that should last for all
ages and power mankind for a long time-- ten years from now a couple
years of dispute will seem like nothing. But the reputation we earn
for stability and integrity, for being a system of money people can
count on will mean everything.

If these discussions come up, they'll come up in the form of reminding
people that Bitcoin isn't easily changed at a whim, even when the
whims are obviously good, and how that protects it from being managed
like all the competing systems of money that the world used to use
were managed. :)

So have patience, don't take short cuts. Segwit is a good improvement
and we should respect it by knowing that it's good enough to wait for,
and for however its activated to be done the best way we know how.

I also do not support the BIP 148 UASF, and I'd like to add to the points
that Greg has already raised in this thread.

BIP 148 would introduce a new consensus rule that softforks out non-segwit
signalling blocks in some time period. I reject this consensus rule as
both arbitrary and needlessly disruptive. Bitcoin's primary purpose is to
reach consensus on the state of a shared ledger, and even though I think
the Bitcoin network ought to adopt segwit, I don't think that concern
trumps the goal of not splitting the network.

Many BIP 148 advocates seem to start with the assumption that segwit
already has a lot of support, and suggest that BIP 148 does as well.
However I don't think it's fair or correct to separate the activation
proposal for segwit from the rest of the segwit proposal. The deployment
parameters for segwit are consensus-critical; assuming that some other
deployment has consensus because it would result in the rest of the segwit
proposal activating is an unjustified leap.

Even if there were no feasible alternate segwit deployment method available
to us, I would hesitate to recommend that the network adopt a potentially
consensus-splitting approach, even though I firmly believe that the ideas
behind segwit are fundamentally good ones. But fortunately that is not the
situation we are in; we have substantially less disruptive methods
available to us to activate it, even if the current BIP 9 deployment were
to fail -- such as another BIP 9 deployment in the future, or perhaps a BIP
149 deployment.

If we do pursue a "user-activated" deployment of segwit, I'd recommend that
we do so in a more careful way than BIP 148 or 149 currently suggest, which
as I understand would otherwise make very few changes to the current
implementation. However, due to the BIP 9 activation assumption, the
Bitcoin Core 0.13.1 - 0.14.0 segwit implementation largely lumps together
the idea that miners would both enforce the rules and mine segwit blocks.
However, we can separate these concerns, as we started to do in the Bitcoin
Core 0.14.1 release, where mining segwit blocks is not required in order to
generally mine or signal for segwit in the software. And we can go further
still: without too much work, we could make further improvements to
accommodate miners who, for whatever reason, don't want to upgrade their
systems, such as by improving block relay from pre-segwit peers [1], or
optimizing transaction selection for miners who are willing to enforce the
segwit rules but haven't upgraded their systems to mine segwit blocks [2].

If we would seek to activate a soft-fork with less clear miner signaling
(such as BIP 149), then I think such improvements are warranted to minimize
network disruption. In general, we should not seek to censor hashpower on
the network unless we have a very important reason for doing so. While the
issues here are nuanced, if I were to evaluate the BIP 148 soft-fork
proposal on the spectrum of "censorship attack on Bitcoin" to "benign
protocol upgrade", BIP 148 strikes me as closer to the former than the
latter. There is simply no need here to orphan these non-signalling blocks
that could otherwise be used to secure the network.

To go further: I think BIP 148 is ill-conceived even for achieving its own
presumed goals -- the motivation for adding a consensus rule that applies
to the version bits on blocks is surely for the effect such bits have on
older software, such as Bitcoin Core releases 0.13.1 and later. Yet in
trying to bring those implementations along as segwit-enforcing software,
BIP 148 would risk forking from such clients in the short term! If one
really cared about maintaining consensus with older, segwit-enabled
software, it would make far more sense to seek segwit activation in a way
that didn't fork from them (such as BIP 149, or a new BIP 9 deployment
after this one times out). And if one doesn't care about such consensus,
then it'd be far simpler to just set (e.g.) August 1 as the flag day
activation of segwit, and not play these contortionist games with block
version bits, which carry no useful or intrinsic meaning. Either of these
two approaches should have the advantage of reduced fork risk, compared
with BIP 148.

Of course, everyone is free to run the software of their choosing. I write
this to both generally convey my opposition to a careless proposal, which I
believe represents a way of thinking that is detrimental to Bitcoin's long
run success, and specifically explain why I oppose inclusion of this
proposal in the Bitcoin Core implementation [3]. The Bitcoin Core project
hasn't been, and shouldn't be, careless in deploying consensus changes.
Instead, I think the Bitcoin Core project ought to stand up for the best
practices that our community has learned about how to deploy such changes
(specifically for minimizing chain-split risk when deploying a soft fork!),
and I think we should all avoid adoption or encouragement of practices that
would depart from the high standards we are capable of achieving.


[1] https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017
-March/013811.html
[2] https://github.com/bitcoin/bitcoin/pull/9955
[3] https://github.com/bitcoin/bitcoin/pull/10428#issuecomment-303098925


--Suhas Daftuar


On Fri, Apr 14, 2017 at 3:56 AM, Gregory Maxwell via bitcoin-dev <