Are there any Bitcoin emergency plans? Migration to BTC 2.0?

[leopard2]

Hi all,

what happens in a worst case scenario? Let's say a critical security flaw is exposed, or the blockchain simply becomes too large to handle or something else that damages Bitcoin beyond repair, slowly or suddenly.    In theory a rollback to the last known good (point in the blockchain) would be possible, and a migration of existing balances to another, or a new, blockchain - whatever it is called.

So that would be more than a hard fork, it would actually be a complete reset. For fiat currencies there is a such a thing, called a currency reform, and emergency money does exist in most developed countries. For example in a war-like scenario, or in case large quantities of counterfeit notes hit the market, such plans exist to ensure balances are migrated and cash exchanged. Even the EUR introduction was such a migration, albeit a planned one.   

But I do not understand enough about BTC how such a scenario could work; would the new currency be pre-mined until there are enough BTC 2.0 and then migrated? Is that even possible; what about all the private keys; is there a method how to use existing private keys to allow BTC 1.0 owners to grab their 2.0 coins? 

Please discuss.

[barwizi]

it's called a private key. that is the be all and is all you'll ever need in case of emergency. so long as you have it, your problems are solved.

[amspir]

It wouldn't work that way.  Bitcoins are only worth something because there are buyers and sellers.  If the bitcoin protocol was compromised in some way (such as a cartel controlling the majority of mining, or practical quantum computer attacks), then there would be more sellers and buyers and the price would go down until there were no buyers. 

[leopard2]

Sorry but altcoins are not the solution here. If bitcoin fails, it may not even be possible to trade it anymore. Billions in market cap will be destroyed, period.

That is stupid because there is a public ledger and it should be possible to move the existing balances. If the protocol is compromised (and it will be at some point in the future) that should not be the end - all that is needed is a new better protocol and a migration procedure.  

It is done with fiat bills all the time; old bills are called back and exchange with new ones.

How can that be done without a central authority, though?  

Lets say there are 12494525 BTC today and SHA-256 is broken (just an example, I know that is not likely). At 12494500 BTC, it was not broken, so that would be the last known good.

Now we would create BTC 2.0 with a new algo, call it SHA-1024, and premine 12494500 blocks in a testnet before it is released to the public.

Is it technically possible at all, to migrate all balances on existing private keys from "12494500 BTC 1.0" to "12494500 BTC 2.0"?

Horcruxing BTC if you will  

[DanielVG]

Is it technically possible at all, to migrate all balances on existing private keys from "12494500 BTC 1.0" to "12494500 BTC 2.0"?

No, I think that's a fantasy... BTC 2.0 would have a different genesis block.

When the protocol is somehow compromised to an extend it can't be fixed then the market cap just drops like a cliff and everyone who invested will bite the dust.
plus, it will drag the whole alt coin community down as extra collateral.
The only thing that's left in the economy is miners who believe in alt coins that are provably not affected by the same thing bitcoin suffered from.  
crypto-currency would need years to recover from a compromised protocol to come back to the point of adaptation it now has.

Such events are not unthinkable, but even when it happens, it will never destroy the theory of crypto-currency and blockchain technology. it will only destroy the current application, new ones will rise, but it will take years, even decades.

[klabaki]

Step 1: Create a new source repository, and fix the flaws that caused the emergency.

Step 2: Agree on the last known valid block.

Step 3: Get the UTXO set that is current at the block from step 2, and convert it into a set of one-input-one-output transactions. (The input is a coinbase-like input with a nonce in the scriptSig, and the output is the UTXO.)

Step 4: Craft a new genesis block, include the hash of the block from step 2 into the coinbase transaction's scriptSig, and include the transactions from step 3 into the transactions' list.

Step 5: Edit the function that calculates the current block reward: The height of the block from step 2 needs to be subtracted in order to account for the blocks mined on the old chain.

Step 6: Choose a new port number, network magic, seeding nodes, and initial difficulty, and reset the checkpoints.

Step 7: Compile and distribute it to miners and full node operators.

Step 8: Adopt the changes into a new repository for the SPV wallets.

Step 9: Compile and distribute it to SPV wallet users.



Technically, it is possible. However, the critical point is how long it takes to execute this plan: If it takes too long, the users will be scared away.
So, it is in the community's best interest to be able to execute this as quickly as possible.

Is there anyone who'd like to do a dry run of this procedure?

[leopard2]

Klabaki - good response

Should that not be the Bitcoin foundation's job to ensure such a procedure exists? It would be immensely confidence building to have such a safety net. 

One question: how would you prevent 51% attacks during step 7? There will be a time span until most miners are mining this so that the network would be vulnerable, or not?

[amspir]

One question: how would you prevent 51% attacks during step 7? There will be a time span until most miners are mining this so that the network would be vulnerable, or not?

Technically, the organization distributing the change would be the one attempting the 51% attack.  If it succeeds, then it demonstrates the protocol is weak in the first place and that 51% can be done by a small group of individuals.

[leopard2]

One question: how would you prevent 51% attacks during step 7? There will be a time span until most miners are mining this so that the network would be vulnerable, or not?

Technically, the organization distributing the change would be the one attempting the 51% attack.  If it succeeds, then it demonstrates the protocol is weak in the first place and that 51% can be done by a small group of individuals.

I do not understand. Even the safest protocol cannot withstand a 51% attack. You could bring Securecoin down that way.

[amspir]

One question: how would you prevent 51% attacks during step 7? There will be a time span until most miners are mining this so that the network would be vulnerable, or not?

Technically, the organization distributing the change would be the one attempting the 51% attack.  If it succeeds, then it demonstrates the protocol is weak in the first place and that 51% can be done by a small group of individuals.

I do not understand. Even the safest protocol cannot withstand a 51% attack. You could bring Securecoin down that way.

The goal of any 51% attack is to control the protocol, for evil, for good, it doesn't matter.  To change the protocol, you just need 51% control of the mining.  You are hypothetically executing a 51% attack by getting 51% of the miner's power to follow the "BTC 2.0" protocol.  If it can be done for "BTC 2.0", then it could be done by a government or criminal organization.

[BADecker]

The best plan would be to migrate Bitcoin to the quantum computer when it first comes online. From what I hear, doing that would make it a whole lot safer encryption-wise, even from other quantum computers, and a whole lot more private.

[Ichthyo]

I do not understand. Even the safest protocol cannot withstand a 51% attack. You could bring Securecoin down that way.

The goal of any 51% attack is to control the protocol, for evil, for good, it doesn't matter.  To change the protocol, you just need 51% control of the mining.  You are hypothetically executing a 51% attack by getting 51% of the miner's power to follow the "BTC 2.0" protocol.  If it can be done for "BTC 2.0", then it could be done by a government or criminal organization.

Basically we had this very situation last year.
A critical flaw in a just released new version of the standard client was discovered, which would have led to transactions being judged differently by miners, and thus to a split of the chain. It took the core devs just some hours to negotiate with some large miner pools to revert back. Before 12:00 PM UTC next day, most of the bitcoin network had followed this move, and the few problematic blocks where obsoleted this way.

Initially this created quite some turmoil and a lot of bad press, but in the end consensus was that this incident showed the Bitcoin Community's ability to deal with critical situations professionally.

[CryptoDomains]

This is what gold is for lol

[klabaki]

One question: how would you prevent 51% attacks during step 7? There will be a time span until most miners are mining this so that the network would be vulnerable, or not?

In the emergency scenario that I have in mind, the old network is already under attack and unusable.

For example, let's imagine a serious flaw in SHA-256 is discovered and it becomes possible to calculate the nonce for any block and any difficulty in essentially no time.
Then it wouldn't take an hour until miners start abusing this flaw and we'd have virtually infinite hashing power which keeps flooding us with new blocks.
The difficulty could never adjust to this because the only thing that limits blocks from being created is the network latency.

Applying the above procedure to this scenario, step 1 would consist of replacing the defunct SHA-256 function with something else, for example Keccak.
Step 2 would be to agree on the last block that was mined before the SHA-256 flaw was first used.

When distributing the new software in step 7, the old network would still be online and running, but it is unusable, because it keeps being flooded with new blocks.
The new network would be established just like any other Keccak-based altcoin, with the exception that everyone's wallet balance is preserved.

About the >50% attack: It's like with every other altcoin. An attack becomes increasingly difficult as the network keeps growing. But yes, conversely, this means that the new network is most vulnerable at the beginning.

Basically we had this very situation last year.
A critical flaw in a just released new version of the standard client was discovered, which would have led to transactions being judged differently by miners, and thus to a split of the chain. It took the core devs just some hours to negotiate with some large miner pools to revert back. Before 12:00 PM UTC next day, most of the bitcoin network had followed this move, and the few problematic blocks where obsoleted this way.

Initially this created quite some turmoil and a lot of bad press, but in the end consensus was that this incident showed the Bitcoin Community's ability to deal with critical situations professionally.

Exactly. The events of March 2013 strengthened my confidence in Bitcoin's stability.
I'm convinced that in case of emergency, most if not all of the Bitcoin developers, miners, and full node operators will act together in Bitcoin's best interest.
I would argue that this was one of the things that drove up the currency's value in the following months.

While we can't foresee what the exact cause of emergency will be, it can't hurt to make plans as much as possible.

Should that not be the Bitcoin foundation's job to ensure such a procedure exists?

There is no such thing like the Bitcoin foundation. There are multiple organisations supporting the Bitcoin project, one of them is called "Bitcoin Foundation", but that doesn't make them officially responsible for Bitcoin.

It would be immensely confidence building to have such a safety net.

Definitely! Let's just do it.

[tvbcof]

I've long theorized that the most likely scenario would be that at a moment of crisis we'll see a large number of efforts which start off with the existing blockchain (with varying degrees of roll-back) used as a starting point for a decent number efforts vying for the '2.0' mantle.  This because it would act as a bootstrap as it will enlist people with a stake in Bitcoin 1.x.  The most probable point of failure is the efficiency and centralization of mining effort, so I would anticipate that being one of the major changes in '2.0'.  That is, a shift in the current proof-of-work mechanism from that point forward.

The trick will be to figure out which of the myriad of 2.0's will be the one which takes off.  If one is prepared to simply sit on one's hoard for a while, it should be possible to observe empirically which one seems to be taking the lead.  Some of the efforts will likely try to force a spend onto the extended portion of the blockchain which will create some pressure for adoption.  I believe (and hope) that this will create a deterrent toward adoption and end up making participants who follow that track noncompetitive.

---

An interesting thing which I thought of more recently is that the U.S. govt is possibly the largest holder of BTC at this time.  They also have influence of other large holders (e.g., Karpeles, the Winklevoss guys, etc.)  What this means is that they might have the ability to influence the outcome of post-apocalyptic re-consolidation.

In a way, the loss of 'privacy' inherent in the first-cut public ledger of Bitcoin 1.x, and the efforts toward tracking large blocks of control (thefts, confiscations, etc) might be a blessing in disguise.  I personally would be pre-disposed to selecting a 2.x effort which used the existing blockchain as a starting point-of-truth but subtracted out values which were sufficiently proven to be potentially disruptive (e.g., the U.S. govt's hoard.)

[BitCoinsLOL]

Bitcoin may one day fail or be replaced with a better way what ever that is. The concept though is here to stay the old saying is "The first one through the wall always gets bloody". This is the best most effective form of rebellion against a government I've ever seen.