Topic: Segregated witness - The solution to Scalability (short term)?  (Read 23096 times)
Lauda (OP)
December 12, 2015, 05:06:01 PM
 #181

the only valid benefit i see is reduced storage - which is not bad but is it important? i dont think so. AFAIK nodes running on home-internet-lines are adding a burden on the network anyway.

so...still undecided ;-) but i like to learn more...
Malleability fix, simpler script upgrades, fraud proof.. those are not 'valid benefits' ? The least important benefit here is reduced storage. Most people don't run nodes so they don't even care about that.

"The Times 03/Jan/2009 Chancellor on brink of second bailout for banks"
😼 Bitcoin Core (onion)
franky1
December 12, 2015, 05:08:54 PM
 #182


Transaction malleability aside (because I'm not sure I believe the millions of dollars were actually lost from this), I still know that Bitcoin isn't secure enough for anyone to "go all in" as they say.[1] Not only because the protocol isn't well refined yet but because there aren't systems in place to secure users from the inevitable teenaged hacker.[2] I have had fraudulent transactions on one of my bank accounts. You know how much I lost? Nothing! You need to make your own choice how much you are willing to use and possibly lose. You're right, of course, if you're willing to have all your keys unusable on a paper wallet then Bitcoin is a fortress. The rest of us have our money constantly in play.[3]

This Segwit solution is a change that can help[4], at least in the short run. I'm really unclear why you are so opposed to it. It seems like a solution that will give the developers a little breathing room to come up with a permanent solution to blocksize while solving the malleability problem without even the need for a hard fork. What's wrong with that?

1. i personally am all in.. my bank account has not seen any deposit in years. i get paid in bitcoin and i move a majority to cold store and a few fractions of bitcoin to a hotwallet (treating it like bank note spending)

2. yes i have lost a few 'bank note spending' fractions of bitcoin due to many reasons. but my cold store has been filling up quite nicely since 2012.

3. then think of the cold store as a bank and the hot wallet as bank notes.. and just dont walk round town with more than you're ready to lose

4. segwit pretends to be a hard fork, but how data is saved is not benefiting true bitcoin core nodes.. and most of the benefits can be done by liteclients already.
i can think of 20 different solutions to bloat/malle. all of which are less offensive to bitcoin-core and less security risking for the network.

yes segwit has features.. but the benefits and issues it will cause are not as worthy, and other solutions can do a better job

I DO NOT TRADE OR ACT AS ESCROW ON THIS FORUM EVER.
Please do your own research & respect what is written here as both opinion & information gleaned from experience. many people replying with insults but no on-topic content substance, automatically are 'facepalmed' and yawned at
onemorexmr
December 12, 2015, 05:09:41 PM
 #183

the only valid benefit i see is reduced storage - which is not bad but is it important? i dont think so. AFAIK nodes running on home-internet-lines are adding a burden on the network anyway.

so...still undecided ;-) but i like to learn more...
Malleability fix, simpler script upgrades, fraud proof.. those are not 'valid benefits' ? The least important benefit here is reduced storage. Most people don't run nodes so they don't even care about that.

i missed: simpler script updates and fraud proof
do you have a link?
i thought i had read this thread carefully together with gavins blog entry...are there other sources?

XMR || Monero || monerodice.net || xmr.to || mymonero.com || openalias.org || you think bitcoin is fungible? watch this
QuestionAuthority
December 12, 2015, 05:10:50 PM
 #184


Transaction malleability aside (because I'm not sure I believe the millions of dollars were actually lost from this), I still know that Bitcoin isn't secure enough for anyone to "go all in" as they say.[1] Not only because the protocol isn't well refined yet but because there aren't systems in place to secure users from the inevitable teenaged hacker.[2] I have had fraudulent transactions on one of my bank accounts. You know how much I lost? Nothing! You need to make your own choice how much you are willing to use and possibly lose. You're right, of course, if you're willing to have all your keys unusable on a paper wallet then Bitcoin is a fortress. The rest of us have our money constantly in play.[3]

This Segwit solution is a change that can help[4], at least in the short run. I'm really unclear why you are so opposed to it. It seems like a solution that will give the developers a little breathing room to come up with a permanent solution to blocksize while solving the malleability problem without even the need for a hard fork. What's wrong with that?

1. i personally am all in.. my bank account has not seen any deposit in years. i get paid in bitcoin and i move a majority to cold store and a few fractions of bitcoin to a hotwallet (treating it like bank note spending)

2. yes i have lost a few 'bank note spending' fractions of bitcoin due to many reasons. but my cold store has been filling up quite nicely since 2012.

3. then think of the cold store as a bank and the hot wallet as bank notes.. and just dont walk round town with more than you're ready to lose

4. segwit pretends to be a hard fork, but how data is saved is not benefiting true bitcoin core nodes.. and most of the benefits can be done by liteclients already.
i can think of 20 different solutions to bloat/malle. all of which are less offensive to bitcoin-core and less security risking for the network.

yes segwit has features.. but the benefits and issues it will cause are not as worthy, and other solutions can do a better job

Ok, I'll assume you're actually trying to help. Please see the edit on my last post.

franky1
December 12, 2015, 05:11:27 PM
 #185

i know.. im just poking at Lauda because he seems to really want to push segwit, as if its the ultimate solution.. and the only solution..
yet many other people know there are better solutions that dont mess up the main bitcoin chain..
This is incorrect. Did you notice the question mark in the thread title? There is no "ultimate solution" and there never will be.
your original title on december 7th was
Segregated witness - The solution to Scalability
and now
Segregated witness - The solution to Scalability (short term)?

so just admit that even you have lost the faith seeing as you edited the title

Lauda (OP)
December 12, 2015, 05:13:10 PM
 #186

i missed: simpler script updates and fraud proof
do you have a link?
i thought i had read this thread carefully together with gavins blog entry...are there other sources?
If you look at the picture in the OP, you are going to notice those benefits. Here's a transcript of the original presentation and more information can be found on reddit.

your original title on december 7th was
Segregated witness - The solution to Scalability
and now
Segregated witness - The solution to Scalability (short term)?

so just admit that even you have lost the faith seeing as you edited the title
No. The title was changed a few days ago. The initial title was misleading; I think it fits better now.


Off-topic: Milestone reached.

franky1
December 12, 2015, 05:15:51 PM
 #187

No. The title was changed a few days ago. The initial title was misleading; I think it fits better now.

so you admit its not the ultimate solution and never was... ok, but i still wonder why you're trying to push people soo hard..

and yea i seen the image 20 times.. its not showing how..to me, i dont read a cereal box of ingredients.. id rather do my own tests
and yea i read the article 5 times. and its solutions seem flimsy at best and i can see 20 other ways the same benefits in the image can be met without messing with the real blockchain.

i do believe bitcoin needs a new opcode for the scripting/malle stuff.. but the whole splitting signatures part.. no way should that happen, lite clients can ignore signatures themselves or reduce data saved like i explained on a long past on the other page.. but no way should bitcoin-core be altered just for liteclients lazy sake of 15 lines of code in their lite client software

Lauda (OP)
December 12, 2015, 05:24:41 PM
 #188

so you admit its not the ultimate solution and never was... ok, but i still wonder why you're trying to push people soo hard..

and yea i seen the image 20 times.. its not showing how..to me, i dont read a cereal box of ingredients.. id rather do my own tests
and yea i read the article 5 times. and its solutions seem flimsy at best and i can see 20 other ways the same benefits in the image can be met without messing with the real blockchain.

i do believe bitcoin needs a new opcode for the scripting/malle stuff.. but the whole splitting signatures part.. no way should that happen, lite clients can ignore signatures themselves or reduce data saved like i explained on a long past on the other page.. but no way should bitcoin-core be altered just for liteclients lazy sake of 15 lines of code in their lite client software
Pushing hard? I don't think so. You're the guys who are mostly leading the discussion. Look at how many posts I've made (percentage wise) of the total posts here. I like this idea; test-net is going to be out this month (IIRC). You can then do your own tests. Would I mind a simple block size increase to 2 or 4 MB right now? No, I would not. I don't think those "20 ways" could work else some developer would have already proposed it/coded it. Simpler script upgrades and a malleability fix is really good, without those the added complexity/potential attack vectors would not be worth it at all.

onemorexmr
December 12, 2015, 05:36:55 PM
 #189

i missed: simpler script updates and fraud proof
do you have a link?
i thought i had read this thread carefully together with gavins blog entry...are there other sources?
If you look at the picture in the OP, you are going to notice those benefits. Here's a transcript of the original presentation and more information can be found on reddit.

your original title on december 7th was
Segregated witness - The solution to Scalability
and now
Segregated witness - The solution to Scalability (short term)?

so just admit that even you have lost the faith seeing as you edited the title
No. The title was changed a few days ago. The initial title was misleading; I think it fits better now.


Off-topic: Milestone reached.


thank you.. here are a few thoughts (if segwit is implemented):
  • in case of a bigger chain-split and merge it might not be possible for a miner to include tx from the wrong chain into the correct one because of the missing proof
  • segwit fixes tx malleability for P2SH transactions which we dont have a solution for today (bip62 dont work - and its relevant for LN)...nice
  • easier script changes: neat... soft-forks for script updates. and to easily support other crypt-algos seems good too in case current ones get broken we have an upgrade path (ofc schnorr as a possibility is nice too).
    i dont understand (yet) why P2SH does not work for this. AFAIK it is a hash of a script placed in the block which also resolves to ANYCANSPEND. isnt it possible to use this method for further script-changes?
  • fraud-proof: IMHO unneeded as only nodes which has storage/bandwidth problems would benefit (and we did agree this is not a big problem anyway)

please correct me where i am wrong ;-)

XMR || Monero || monerodice.net || xmr.to || mymonero.com || openalias.org || you think bitcoin is fungible? watch this
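
The malleability point raised in this part of the thread, as an added example that is not part of any original post: a transaction id hashed over [txdata&sig] changes when the signature push is merely re-encoded, while an id hashed over [txdata] alone does not. The transaction, placeholder signature and the `txdata_id` helper are constructed for illustration; `txdata_id` is a simplified model of the segregated-witness idea, not the deployed format.

```python
import hashlib
import struct

def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def varint(n: int) -> bytes:
    """CompactSize length prefix used in transaction serialization."""
    if n < 0xfd:
        return bytes([n])
    if n <= 0xffff:
        return b"\xfd" + struct.pack("<H", n)
    if n <= 0xffffffff:
        return b"\xfe" + struct.pack("<I", n)
    return b"\xff" + struct.pack("<Q", n)

def push(data: bytes) -> bytes:
    """Minimal direct push (1..75 bytes)."""
    assert 1 <= len(data) <= 75
    return bytes([len(data)]) + data

def push_pushdata1(data: bytes) -> bytes:
    """Same stack result as push(), encoded with OP_PUSHDATA1 (0x4c)."""
    return b"\x4c" + bytes([len(data)]) + data

def serialize(tx: dict, with_sigs: bool = True) -> bytes:
    """Legacy serialization; with_sigs=False blanks every scriptSig."""
    out = struct.pack("<i", tx["version"]) + varint(len(tx["vin"]))
    for txin in tx["vin"]:
        script = txin["script_sig"] if with_sigs else b""
        out += bytes.fromhex(txin["prev_txid"])[::-1]
        out += struct.pack("<I", txin["prev_index"])
        out += varint(len(script)) + script
        out += struct.pack("<I", txin["sequence"])
    out += varint(len(tx["vout"]))
    for txout in tx["vout"]:
        out += struct.pack("<q", txout["value"])
        out += varint(len(txout["script_pubkey"])) + txout["script_pubkey"]
    return out + struct.pack("<I", tx["locktime"])

def legacy_txid(tx: dict) -> str:
    """Id over [txdata&sig]: signature bytes are part of the hash."""
    return dsha256(serialize(tx, True))[::-1].hex()

def txdata_id(tx: dict) -> str:
    """Id over [txdata] only (simplified model, assumption of this example)."""
    return dsha256(serialize(tx, False))[::-1].hex()

# Constructed placeholder values, not real keys or signatures.
SIG = b"\x30" + bytes(range(1, 71))
PUBKEY = b"\x02" + bytes(range(32))
P2PKH = bytes.fromhex("76a914") + bytes(20) + bytes.fromhex("88ac")

def make_tx(prev_txid: str, script_sig: bytes) -> dict:
    return {"version": 1, "locktime": 0,
            "vin": [{"prev_txid": prev_txid, "prev_index": 0,
                     "script_sig": script_sig, "sequence": 0xffffffff}],
            "vout": [{"value": 5_000_000_000, "script_pubkey": P2PKH}]}

def demo() -> dict:
    original = make_tx("11" * 32, push(SIG) + push(PUBKEY))
    # Same signature and key on the stack, different push encoding.
    mutated = make_tx("11" * 32, push_pushdata1(SIG) + push(PUBKEY))
    # A pre-built child (as in payment-channel designs) names its parent by id.
    child = make_tx(legacy_txid(original), b"")
    child_sw = make_tx(txdata_id(original), b"")
    return {
        "legacy_id_changed": legacy_txid(original) != legacy_txid(mutated),
        "txdata_id_changed": txdata_id(original) != txdata_id(mutated),
        "child_orphaned": child["vin"][0]["prev_txid"] != legacy_txid(mutated),
        "child_sw_still_linked":
            child_sw["vin"][0]["prev_txid"] == txdata_id(mutated),
    }

if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```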
johnyj
December 12, 2015, 05:56:10 PM
 #190

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of criminals, and criminals really does not care about bitcoin's long term success, they just need to cash out the stolen coins at exchanges and they are done. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations

pereira4
December 12, 2015, 05:57:47 PM
 #191

the only valid benefit i see is reduced storage - which is not bad but is it important? i dont think so. AFAIK nodes running on home-internet-lines are adding a burden on the network anyway.

so...still undecided ;-) but i like to learn more...
Malleability fix, simpler script upgrades, fraud proof.. those are not 'valid benefits' ? The least important benefit here is reduced storage. Most people don't run nodes so they don't even care about that.
This thing is pretty genius to be honest, even Andreas dedicated a post to segwit and described it as a turning point in Bitcoin. This is exactly what we needed before Lightning Network which dissipates all doubts of Bitcoin being able to wait until LN is operative, with segwit we will be able to deal with any extra traffic of new people jumping in in the next year or so.

Also I noticed you are still not Legendary, pretty bad luck considering it starts randomly at 775 activity+ randomly I think :p
onemorexmr
December 12, 2015, 06:00:51 PM
 #192

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of people. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations

IMHO thats only the case if:
 - majority of miners runs new version
 - satoshi moves his coins to a new address
 - majority of miners decide to roll back to old version

or did i miss something?

johnyj
December 12, 2015, 06:13:35 PM
 #193


IMHO thats only the case if:
 - majority of miners runs new version
 - satoshi moves his coins to a new address
 - majority of miners decide to roll back to old version

or did i miss something?

In this order:

1. Some large miners start to run a new version that can spend satoshi's coin without signature (in new version you can redefine what is a valid transaction)
2. These miners promote the new version to be widely accepted by exchanges and merchants
3. These large miners moved satoshi's coin to their own address in the new version
4. They sell those 1 million coins and gone

Since no one else except Satoshi will notice the difference, and in this case majority of the miners already get Satoshi's coins and be satisfied with the new version. Even Satoshi comes out and protest, it does not make any sense any more

onemorexmr
December 12, 2015, 06:20:26 PM
 #194


IMHO thats only the case if:
 - majority of miners runs new version
 - satoshi moves his coins to a new address
 - majority of miners decide to roll back to old version

or did i miss something?

In this order:

1. Some large miners start to run a new version that can spend satoshi's coin without signature (in new version you can redefine what is a valid transaction)
2. These large miners moved satoshi's coin to their own address in the new version
3. These miners promote the new version to be widely accepted by exchanges and merchants
4. They sell the 1 million coins and gone

Since no one else except Satoshi will notice the difference, and in this case majority of the miners already get Satoshi's coins and be satisfied with the new version. Even Satoshi comes out and protest, it does not make any sense any more

i dont think 3 would work ;-)
why should exchanges and merchants accept such a bitcoin version?

RoadTrain
December 12, 2015, 06:24:23 PM
 #195

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of criminals, and criminals really does not care about bitcoin's long term success, they just need to cash out the stolen coins at exchanges and they are done. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations
First of all, signatures are separated only for transactions that are spending from new SW-compatible outputs. As Gavin explains it, the scriptPubKey will be like this:
Code:
PUSHDATA [version_byte + validation_script]
Old transactions will still employ the current mechanism. This 'old' mechanism will be preserved, and there's no real chance spending from old outputs will be made obsolete (there's a chance sending to 'old' addresses will be made non-standard though, but I also doubt that, given the implications).

I do not understand what attack vector you are describing here. Old versions will have decreased security because they will have to assume (w/r/t those transactions they won't be able to fully check) that the longest chain is the valid one. This kind of assumption is already here for SPV wallets, which, to my knowledge, are an overwhelming majority these days. But thanks to fraud proofs, the SW will be able to strengthen their security.

Anyway, it's always been that full nodes provide the highest security possible. The full node verifies that the coins you receive are valid. Full nodes act as a check against dishonest miners. It will stay this way.
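
The scriptPubKey form quoted in the post above (`PUSHDATA [version_byte + validation_script]`), as an added example that is not part of the original post: a parser that separates such outputs from old-style ones and shows what a node unaware of the new rule sees. The names `read_push` and `classify` and all sample scripts are constructed for illustration; only the draft form quoted in the thread is modelled.

```python
class NotAPush(ValueError):
    """The script does not begin with a data push."""

def read_push(script: bytes, pos: int = 0):
    """Decode one data push at pos; return (data, next_pos)."""
    if pos >= len(script):
        raise NotAPush("empty script")
    op = script[pos]
    pos += 1
    if 0x01 <= op <= 0x4b:                      # direct push of op bytes
        size = op
    elif op in (0x4c, 0x4d, 0x4e):              # OP_PUSHDATA1 / 2 / 4
        width = {0x4c: 1, 0x4d: 2, 0x4e: 4}[op]
        if pos + width > len(script):
            raise ValueError("truncated push length")
        size = int.from_bytes(script[pos:pos + width], "little")
        pos += width
    else:
        raise NotAPush("first opcode 0x%02x is not a data push" % op)
    if pos + size > len(script):
        raise ValueError("push runs past end of script")
    return script[pos:pos + size], pos + size

def cast_to_bool(item: bytes) -> bool:
    """Script truthiness: false for all-zero bytes or negative zero."""
    for i, byte in enumerate(item):
        if byte != 0:
            return not (i == len(item) - 1 and byte == 0x80)
    return False

def classify(script_pubkey: bytes) -> dict:
    """Sort an output into old-style, draft SW form, or malformed."""
    try:
        data, end = read_push(script_pubkey)
    except NotAPush:
        return {"kind": "legacy"}
    except ValueError as exc:
        return {"kind": "malformed", "error": str(exc)}
    # The quoted form is exactly one push holding version byte + script.
    if end != len(script_pubkey) or len(data) < 2:
        return {"kind": "legacy"}
    return {
        "kind": "sw-draft",
        "version": data[0],
        "validation_script": data[1:],
        # A node that does not know the new rule only runs the push and
        # checks the stack top, so no signature is examined by it.
        "old_node_sees_true": cast_to_bool(data),
    }

# Constructed sample scripts (placeholder hashes, not real outputs).
P2PKH = bytes.fromhex("76a914") + bytes(20) + bytes.fromhex("88ac")
PAYLOAD = b"\x00" + P2PKH                       # version 0 + validation script
SW_DIRECT = bytes([len(PAYLOAD)]) + PAYLOAD
SW_PUSHDATA1 = b"\x4c" + bytes([len(PAYLOAD)]) + PAYLOAD
TRUNCATED = b"\x20" + b"\xaa" * 5               # claims 32 bytes, has 5

if __name__ == "__main__":
    for name, script in [("p2pkh", P2PKH), ("sw", SW_DIRECT),
                         ("sw-pushdata1", SW_PUSHDATA1),
                         ("truncated", TRUNCATED)]:
        print(name, classify(script)["kind"])
```

The `old_node_sees_true` field is why upgraded full nodes carry the check for these outputs: only they run `validation_script` against the separated signature data.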
johnyj
December 12, 2015, 06:25:20 PM
 #196


IMHO thats only the case if:
 - majority of miners runs new version
 - satoshi moves his coins to a new address
 - majority of miners decide to roll back to old version

or did i miss something?

In this order:

1. Some large miners start to run a new version that can spend satoshi's coin without signature (in new version you can redefine what is a valid transaction)
2. These large miners moved satoshi's coin to their own address in the new version
3. These miners promote the new version to be widely accepted by exchanges and merchants
4. They sell the 1 million coins and gone

Since no one else except Satoshi will notice the difference, and in this case majority of the miners already get Satoshi's coins and be satisfied with the new version. Even Satoshi comes out and protest, it does not make any sense any more

i dont think 3 would work ;-)
why should exchanges and merchants accept such a bitcoin version?

Sorry, I have changed the order a little bit to make it more realistic, they should first push for mass adoption and then do the malicious transaction

Exchanges and merchants accept such a new version simply because they heard that it can bring more transaction capacity, can fix bugs, can reduce the block size and increase performance. etc... And because the code and the implementation is so complex they don't have time to check every detail

franky1
December 12, 2015, 06:28:37 PM
 #197

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of people. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations

IMHO thats only the case if:
 - majority of miners runs new version
 - satoshi moves his coins to a new address
 - majority of miners decide to roll back to old version

or did i miss something?

its all theory but here is a story

mining pools will still be full node
in 2015 a tx looks like [txdata&sig]. in 2016 SW softfork would look like [txdata][sig] to a full node. so no worries about miners (i hope)

but it would only be [txdata] relayed/saved to a SWClient wallet..

what i could then do, is hack your SWClient so that im the only relay node you connect to.
i do this for 4 people just so you're not curious about lack of network connects.
so i could make a [txdata] that is satoshi -> franky 50btc.
i send the [txdata] to you all. and because you all have the same [txdata].. you accept it (remember you cant contact a fullnode to check signature as you are in my hacked circle).
i then say 'bob im satoshi's friend as you can see he gave me 50btc,  i want to give you 50btc if you send me 5000LTC or $15,000.' you're happy because its a cheap deal and also you think you will get fame for receiving funds originally from satoshi.. afterall the [txdata] shows that the satoshi funds came to me
you agree so i make a new [txdata] that shows franky -> bob.
you also see for other connections with the same [txdata] crediting you with 50btc
you then send me the litecoin/dollar funds..
i release you from my hacked circle, where you realise that the [txdata] is all fake.. and ive just run off with your litecoins or dollars.. all because you did not have the signatures stored to check locally while you were not able to check the real data.

RoadTrain
December 12, 2015, 06:30:49 PM
 #198

Exchanges and merchants accept such a new version simply because they heard that it can bring more transaction capacity, can fix bugs, can reduce the block size and increase performance. etc... And because the code and the implementation is so complex they don't have time to check every detail
I see your concerns and I must admit that such a situation is theoretically possible, but there are two things I must note that make it less likely practically:
1) there are many experts that are evaluating proposals. It raises the bar for any controversial change.
2) SW is not as complex as you are painting it.

Anyway, the possible soft-fork is still months away, so you'll have time to evaluate it yourself.
johnyj
December 12, 2015, 06:32:35 PM
 #199

In fact, this possible change in bitcoin architecture raised a question: Are your bitcoin safe in a cold storage?

I used to believe that it is protected by the public-private key cryptography, e.g. without the signature generated from private key, the coin at certain address can not be spent

But now I realized that this really depends on the client running on the nodes

If a group of nodes are running a new version which does not need the signature to spend coins, then that version can spend anyone's coin without their signature (The new version can use a new signature scheme to protect their new address). Of course this transaction would not be known to the old client since that is not part of the old protocol, so in the old client coins are still there but in the new client the coins have already been spent. After the old client upgraded to new, the coins are gone

And there is really motivation in doing this: Since by the time when over 99% of the client is running new software, the old client essentially becomes minority thus have to upgrade to the new version because almost no node is using the old version anymore. So, by successfully rolling out a new version you can steal other's coins, especially Satoshi's 1 million coins, doesn't that sounds like a good idea?

I'm not talking about developer's ethics here, it is just a technical possibility that will attract lots of criminals, and criminals really does not care about bitcoin's long term success, they just need to cash out the stolen coins at exchanges and they are done. In a word, if nodes could not prevent the protocol from being changed to something malicious, then you essentially can not protect your bitcoin at all. And the more complex the code is, the easier to hide malicious implementations
First of all, signatures are separated only for transactions that are spending from new SW-compatible outputs. As Gavin explains it, the scriptPubKey will be like this:
Code:
PUSHDATA [version_byte + validation_script]
Old transactions will still employ the current mechanism. This 'old' mechanism will be preserved, and there's no real chance spending from old outputs will be made obsolete (there's a chance sending to 'old' addresses will be made non-standard though, but I also doubt that, given the implications).

I do not understand what attack vector you are describing here. Old versions will have decreased security because they will have to assume (w/r/t those transactions they won't be able to fully check) that the longest chain is the valid one. This kind of assumption is already here for SPV wallets, which, to my knowledge, are an overwhelming majority these days. But thanks to fraud proofs, the SW will be able to strengthen their security.

Anyway, it's always been that full nodes provide the highest security possible. The full node verifies that the coins you receive are valid. Full nodes act as a check against dishonest miners. It will stay this way.

If full nodes are still needed then they are still the slowest bottleneck of the system, the SW implementation won't improve the bottleneck then what's the benefit?

Anyway this is just a generalized talk, I am not aiming SW, just showing by changing the protocol you can do whatever thing to bitcoin. So a change to protocol should be very carefully tested and reviewed, but due to the complexity of the codes, the review will be quite difficult

RoadTrain
December 12, 2015, 06:38:32 PM
 #200

If full nodes are still needed then they are still the slowest bottleneck of the system, the SW implementation won't improve the bottleneck then what's the benefit?

Anyway this is just a generalized talk, I am not aiming SW, just showing by changing the protocol you can do whatever thing to bitcoin. So a change to protocol should be very carefully tested and reviewed, but due to the complexity of the codes, the review will be quite difficult
What constitutes a full node might change over time, as more advanced features, like UTXO commitments, are implemented. But yes, they are still the bottleneck, and the SW doesn't claim fixing it. The benefits are those listed in the OP, on the picture.