...snip...
I can't tell if you are trolling me or not. We really do get forks every few days. Here is a list of roughly half of them over the last few months. http://blockexplorer.com/q/reorglog. And the problem isn't that free transactions aren't being included in blocks, the problems is that no transactions are being included in blocks. |
|
|
|
Seems like a bad idea. There's going to be a lot of wasted work if half the miners are working on a different block. You will effectively halve the total network hashrate and make it that much easier to 51% the network. Plus if X+1 and Y+1 are found around the same time, it gets worse. This also makes it easier for some to try to double spend their coins.
Probably best to keep things as they are and things will sort themselves out as designed.
We get network splits all the time. And good miners would have an incentive to build off of the blocks other good miners, so the forks would rarely be anything near 50/50. And most importantly, this gives the antisocial miners powerful incentives to become good miners, without waiting for however many years it takes for fees and subsidies to do that automatically. |
|
|
|
Method b) Nodes invidually determine which nodes are invalid (seems to be the method advocated by kjj )
The problem is that at any moment in time your node my not see every transaction. This is important: CHAIN SELECTION BY NODES IS DETERMINISTIC AND MUST ALWAYS BE TO AVOID FATAL FORKS. Now matter how a node is made aware of a block, how delayed, or what other data it has at the time it currently always picks the same chain. This keeps the entire network operating on the same chain and avoids fatal forks (forks which can't be re-organized by simply allowing dominant chain to grow longer).
If nodes determine which block is valid based on information it has (which may be incomplete) then it is possible (actually very probable given enough time) that some nodes will consider block X valid and some consider block X invalid. Deterministic chain selection is now fatally broken. Once a node considers a block invalid it won't change its mind and thus any blocks built on it also become valid. The two fragments keep diverging. Forks will build upon forks upon forks until the network a fragmented mess of sub networks each with a different view of the current coin balances. An attacker could exploit this fact by broadcasting transactions (not in the block it just mined) selectively right before broadcasting the block to ensure some nodes will consider a block valid and some not. Even without malicious intent the network would destroy itself if chain selection isn't deterministic.
It is a non-issue. Over time transaction fees will make up a larger and larger share of the revenue a miner needs to stay profitable.
You've added a number of assumptions. The biggest one is that you assume that block rejection is permanent. Taking out just that one added assumption, and the system works again. If my node has block X, and another block comes in (call it Y) that has the hash of block X-1 in it, that new block is rejected. Unless when block Y+1 comes in and has the hash of block Y in it instead of X. When that happens, block X is tossed out, and block Y gets unrejected. In this case, if block Y+1 meets the acceptance criteria, block Y becomes valid, even though I didn't like it when I first saw it. However, if block Y+1 is also an antisocial block, they both remain on the lonely pile until a good miner builds on top of it, or until the X chain grows longer than the Y chain, making the issue moot. There may be holes in my idea, but I don't believe that this is one. 16 or 20 years from now, when the subsidy has dropped and hopefully the fees have increased, this may be a non-issue. But today, it is a real issue. We are paying full price for these blocks, but only getting part of the value. For the record, I have no problem with botnets contributing to bitcoin, as far as bitcoin is concerned (i.e. ignoring the moral issues of theft of service or whatever you want to call it), as long as they are contributing to the security of both past and present transactions. |
|
|
|
Perhaps services will spring up that maintain lists. The more accurate ones will largely agree with each other, inaccurate ones or ones not kept up to date will fall by the wayside. Feedback loops can be introduced for those who feel their coins are wrongly listed. In all cases the lists should be advisory with specific reasons posted for each entry, with the end user deciding whether or not they want to use the data. I have no intention of runnning such a service, but I am positive someone can make a working business model. After that, let the market decide. Will people try to spam/abuse such services? Absolutely. That's why the good ones that can effectively filter and correctly identify suspect transactions will succeed, and the other ones will fail.
Yes. Because that is exactly how it worked when the spam fighters had the exact same idea.  |
|
|
|
Did you all choose sf.net for mailing list because no one likes it? I'm not clear on the technical details of this but from a higher-level view it seems that the devs should, if not already, think about how to push updates out. i.e. decentralize the software
I'm not sure how to do what I'm getting at but having everyone update, in the way that's needed to implement this change, isn't going to scale into the future.
Has this been discussed already? Some kind of enforcement that would prevent unsupported software access to the network? Am I making any sense at all?
I realize pushing updates out automatically would be unpopular so another model would be needed. Not sure what model would work.
The people that need to update to make the change stick network-wide are already aware of this, and have committed to updating their nodes. See the second post. The way this has been handled is appropriate for the problem at hand and the network of today. When either of those are different, different methods will be (have been) used to update things. Getting more than half of the hashing power onboard is all that is needed for this fix, and that is already done. The fix does open a tiny sliver of a window of vulnerability where people who are doing things that they know they should not be doing might be at a slight risk if an attacker expends great effort for no gain. The people that want to eliminate that tiny risk and keep being irresponsible have the option to upgrade. Also, from your other (crazier) post, github has a copy of the bitcoin source, but the developers collectively have the bitcoin source. |
|
|
|
|
The idea has floated several times to reject blocks that don't contain at least some portion of the transactions that you node is aware of. Might be time to reconsider it
Of course, it wouldn't be anything as simple as "reject empty blocks" or "reject blocks with less than X transactions". Those won't work.
It will need to be more like "I see 100 pending transactions that are valid and should be included in the next block. This block I just got from the network contains less than 25% of them, so I will reject it." There will probably need to be a threshold too, like "I only see 10 pending transactions, and that isn't enough to enforce a minimum number on this incoming block, so I will accept it, even though it has none".
As a first guess, I would say that a threshold of 10 or 20 and a fraction of 1/4 to 1/2 would work well.
|
|
|
|
A technical question - why the patch does not simply discard the block with the duplicate hash, regardless of its contents?
That is basically what happens: a block with a duplicate transaction will become invalid, and thus will be ignored. EDIT: obviously, this does not happen to blocks with existing duplicate transactions, as that would require invalidating the entire chain since then. I understand the "IF NEWER THAN SOMEDATE" in code, this is to prevent invalidating the entire chain since when first duplicate transaction appeared. But, with this date switch implemented, why to check for spent/unspent transactions, instead of simply comparing the hash against all previous (just for blocks after the switch)? It has been known for quite a while that a new coinbase with the same hash as an old coinbase was possible and not handled at all. But since they are referenced by their (identical) hashes, there was no way to specify which one you meant to redeem, so redeeming one would redeem all of them. This is not in any way a security problem, and can only be used to lose money. There are faster and easier ways to lose money. What was only recently discovered was that if you spend a coinbase, and then generate another identical one, you can then spend the second one too. Spending a transaction doesn't mark that hash invalid for all time, it just removes it from the list of unspent transactions. Another one can show up and be accepted. This is, again, not a security problem, and doesn't, by itself, make it possible for people to lose coins unintentionally. The list of all used transactions isn't readily available, and once pruning shows up, it might not even exist at all. So, it only makes sense to compare the new coinbase to the list of transaction hashes that are unspent at the time, which aren't subject to pruning. This also preserves the old behavior of being able to generate and spend multiple identical coinbases, so long as they are spent before the next one shows up. And finally, it gives us a really short and simple patch, that anyone can read and understand without having to worry that a new side effect has snuck in. |
|
|
|
No, no, you're right - when I can I join your anti-bathtub campaign? After all, if 0.000005% of the children in the US die in drowning deaths happen every year, we MUST take bathtubs away from everyone to prevent "stupid parents" from letting their children drown. And let's take them away from people who aren't parents while we're at it. "If it saves one child..."
I don’t need a gun – police need a gun and get the proper training and psych tests to carry one. I don’t even need a bathtub. I’ll make you a deal I’ll give up bathtubs if you give up guns. I can take a sponge bath and you can just knife somebody. Ok Look I’m not going to do this anymore. I’ve said we are not going to convince each other. Training? Psych tests? LOL. |
|
|
|
|
Section 4.3 of the Xavier paper makes me wonder if they've read any of my many posts about setting an exponential difficulty function for reorgs.
|
|
|
|
I'd even go so far to say that each new version should have to at least double the fees of the previous one, with the initial/timelocked transaction having a set minimum fee (or a percentage fee, even). That increases the cost of multiple versions very rapidly while keeping the normal use case of a single replacement cheap. But that isn't the normal use case. That is merely a normal use case. Doubling fees with every replacement would certainly turn it into the only possible normal use case. |
|
|
|
It is because of my low hashing power. If you have a sufficiently high hashing frequency you will get a portion of every donation. For loower frequencies it is supposed to be a chance function. Forrest showed me in this thread. So either I'm unlucky or the function is broken. Here is the post Okay, then how come I didn't receive any? (see previous link for the address I use to mine)
Do you see your address in the output of: http://forre.st:9332/patron_sendmany?total=1How about in the output of: http://forre.st:9332/patron_sendmany?total=10000If you address is in the second one but not the first one, then I believe that is because of the small miner lottery. In order to prevent lots of tiny payments, the donation code takes all the people who would have received only a very small donation payment, adds up all those payments, and awards the entire amount to one of those small miners randomly. "Small Miner" depends on the size of the donation. If someone is donating 1 BTC at a time and the pool hashrate is 200GH/s, and the small payment cutoff is 0.01, then you have to have approx 2GH/s to not fall into the "small miner" bucket. If someone donates 10 BTC in one fell swoop, then you only need to have 200 MH/s in order to be above the 0.01 payment cutoff. P.S. The default cutoff is 0.01, but people doing donation can choose a different one by adding it to the URL with a '/'. For example, here is a 1 BTC donation with a 0.001 cutoff instead: http://forre.st:9332/patron_sendmany?total=1/0.001But the function no longer seems to work The URL format was changed. It was in this thread a couple of times, but tends to get lost in the flow. Try this: http://forre.st:9332/patron_sendmany/1/0.001 |
|
|
|
Someone exploited the fact that BIP 16 isn't active to steal 0.004 BTC from someone who tried to use it. rc1 is enforcing BIP 16 unless you use -pushtoscripthashtime (see some other thread for what to set it to). In short, this problem is because 0.6.0rc* includes BIP 16 support before it is accepted by the Bitcoin network (as an attempt to force BIP 16 despite objections).
Disclaimer: BIP 17 would have the same problem if it were included in the client before network acceptance.
Got it. This thread. It appears to be correct in rc2, but if there is another delay (unlikely), we'll need to adjust again. -paytoscripthashtime=1333238400
|
|
|
|
|
Hmm. I think I need to sit down and read everything again when I have time to be more thorough. I'm not doing a very good job of keeping "is" distinct from "should be" as I walk through these scenarios. Also on my todo list, look into how the lock timer really works. There is a world of difference between absolute time and relative time.
I keep thinking that the network would see transaction # 2 as a double spend and reject it. But we can't prevent the source from passing it directly to a friendly miner that could include it in a block, which would make it the real version regardless of how the rest of the network felt about things.
I'm not a big fan of mandatory fees, even trivially small ones. But it does seem to work here, at first glance.
|
|
|
|
|
So, every single one of my rc1 nodes is stuck on block 170,059 and refuse to move forward. While I'm compiling rc2, does anyone know if this is a known problem?
|
|
|
|
If anything will ever go wrong with bitcoin... it'll be now.... the whole idea of a possible fork is somewhat scary.
Very unlikely. Someone would need to plan the attack very carefully, have huge amounts of hashing power hiding offline, and gain essentially nothing from it. |
|
|
|
- Some form of discouragement should be undertaken to prevent miners from including versions of transactions that aren't the latest version. If this uses block rejection, this will cause miners not following the rules of the majority to mine blocks that will not be accepted in the consensus chain, causing lots of dead-end branches. If this uses transaction fees to incentivize miners to get the maximum fees by including the latest version, it might be a good idea to restrict newer versions to force them to pay higher fees with each version. This still requires guesswork on the part of the sender to predict how much of a transaction fee addition would make miners willing to validate the new version of the transaction. It also means we may need to change the rules for transaction replacement with regard to inputs, allowing a new input to cover the additional transaction fees if needed (this would mean modifying at least CTransaction::FetchInputs as well).
Do the current block validation rules not reject blocks that include transactions with unexpired lock times? |
|
|
|
|
Do we have an ETA on the patch getting merged and included in rc3 or whatever?
|
|
|
|
If you're asking for their books, you're probably not going to get those.
Discovery |
|
|
|
|
Since there are no laws on your island, I could just show up with a bunch of guys with guns and make it my island. Right?
|
|
|
|
|
Show Posts
