Delivery-date: Mon, 31 Mar 2025 13:50:34 -0700 Received: from mail-yw1-f191.google.com ([209.85.128.191]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1tzM5Z-00029n-HC for bitcoindev@gnusha.org; Mon, 31 Mar 2025 13:50:34 -0700 Received: by mail-yw1-f191.google.com with SMTP id 00721157ae682-6f79c1cf49dsf83957447b3.2 for ; Mon, 31 Mar 2025 13:50:33 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1743454228; x=1744059028; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:sender:from :to:cc:subject:date:message-id:reply-to; bh=P/L/ha3u2dh/9FaPyIgvY1bPYr4k62KpA1uj1d35o00=; b=lnJedjkEHTL2ipZW279G3YYCc7aY9SAtzJ4NNSPtUKo+WEEKrPfp6DoqMuhvly2rtI 1vTxJfmnHnQZCB17k1AYHm/+qBk0E9qoJmPoNpUTKwT2IucxMs5WX1cCAZIKyNEEI7+K GEI+hzp6GN2ZIZxZ5f7txC9gZRWmYTz5+oNrNmmTVZ/WHv3nMbDgsCPNsKggVEnZTjTr PBrL7fyThLn8ErruKjQ5WMzD14zuCj77uys4DmVL9ETt+jjF4N4Dt49cM7Gi/h1GxuU4 4QfylG/8ulyFMRQVtIAXATzPzV0TPMuOgkPoyAhoXZ23cs4xmDalqj863NZ82gd0ikVb 4Uhw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1743454228; x=1744059028; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=P/L/ha3u2dh/9FaPyIgvY1bPYr4k62KpA1uj1d35o00=; b=dE64BCSo5EgGR0EcvTVbSe6d41cHkRlRYKpsJQ+WGHpB514KWg71dPBgKOQ0s4wKtW H9r0yEUcwXKABh922tKZaWjO1VrDW18TpCkSdmyG4xeeLXBe8p6MuNoUxMNgQjJQ9Q6+ RvFEszPWt4Tgr3nlx4fOQpuw9epGPc8GTZSBLNazW7qqGYpA3Bom6L8vAn9MWVErdEl3 qXYuqyw28THyzfM9HeZXv8ejShyQrlbPTcv89l6SpHC9MtC6rHesFVHqNo5Wr165ZZPC awch+u5KyZRyJuaYa1/7CDXP56zFh4zpVgAcHz3k8EAAI3/hLjfgmuEnEq/3lWJQgXrx BoDg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1743454228; x=1744059028; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:x-beenthere :x-gm-message-state:sender:from:to:cc:subject:date:message-id :reply-to; bh=P/L/ha3u2dh/9FaPyIgvY1bPYr4k62KpA1uj1d35o00=; b=jDWtpTlbF5/Yc0J7kj5eDGA0WOMvC/UTGo2gaLBFLsLOp8PQXbvs+FHwvUbzeKKMHs +AvHmsPqhxFROBQ57D2SIreR1UMhLZUpaRKUoXcg7xQuXjJJUuPZUUUj40kUg6pyOIqc pos+pR16kaG0V2+nXqOfNB3hZNqcUyiqDCYhPqjEsYWsyBSM0zm4q2T9EHPg0tkpXF9m ABj+1Aa8aN+PPxK674jEu88zhGpVQ1wt8qbAAsXK4iQ/cSltT5zZrnjlZ6Au2HySSagV +PFpIeGY2L6IZdqQbg76Wu9jGfOkJBMRD2FyqQAOpAtiyser6afVCw0Z/V9+XfRRBg+w UGag== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=1; AJvYcCW5cxKH68qQe54ndbUVfjzHtk5VbQLmjoEajI1oCPnpjlyU3Fvz4UZAYSO0PInkXRo5ZaWvnP8RVt1L@gnusha.org X-Gm-Message-State: AOJu0YxDzFKg9CIknvUxkpQ88dZvA+M3L7rO4PWo1AJY5/6pJYz2GEU9 9ds7M+Ds43J0cwFnYEaW0dF5x1XBMHw5xwGAmnJBK42sw1lTBYI1 X-Google-Smtp-Source: AGHT+IH6YMGjv23yqFZ9Pqge6YrUhlG0fqzRz86jT4N79Yf3SrhNluBL4LtMRy//imXs5uqXFUctFA== X-Received: by 2002:a05:690c:25ca:b0:6fd:4849:62da with SMTP id 00721157ae682-7025725c9f6mr154821597b3.22.1743454227897; Mon, 31 Mar 2025 13:50:27 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com; h=ARLLPAIk+dAyOzfEH6SteQRdMRuqRkuDDlkmTrY0DBnprldvzQ== Received: by 2002:a25:ae9b:0:b0:e64:3d36:beb2 with SMTP id 3f1490d57ef6-e6942e710b4ls1283391276.2.-pod-prod-04-us; Mon, 31 Mar 2025 13:50:24 -0700 (PDT) X-Received: by 2002:a05:690c:dd4:b0:6fb:1c5a:80fc with SMTP id 00721157ae682-7025730767amr146584667b3.26.1743454224414; Mon, 31 Mar 2025 13:50:24 -0700 (PDT) Received: by 2002:a05:690c:f09:b0:6fe:b496:fc0e with SMTP id 00721157ae682-70210e65fc6ms7b3; Thu, 27 Mar 2025 10:54:46 -0700 (PDT) X-Received: by 2002:a05:690c:4d45:b0:6fe:aa66:5d82 with SMTP id 00721157ae682-7022500494dmr63727657b3.19.1743098085540; Thu, 27 Mar 2025 10:54:45 -0700 (PDT) Date: Thu, 27 Mar 2025 10:54:45 -0700 (PDT) From: /dev /fd0 To: Bitcoin Development Mailing List Message-Id: In-Reply-To: References: Subject: Re: [bitcoindev] Consensus Cleanup BIP draft MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_72996_2065780849.1743098085290" X-Original-Sender: alicexbtong@gmail.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.5 (/) ------=_Part_72996_2065780849.1743098085290 Content-Type: multipart/alternative; boundary="----=_Part_72997_861809440.1743098085290" ------=_Part_72997_861809440.1743098085290 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Chris, I agree with separation. Also I need more details as some of them could be CIA proxy and introduce= =20 another bug. Any change in consensus code need more discussion. /dev/fd0 floppy disk guy=20 On Thursday, March 27, 2025 at 5:49:30=E2=80=AFPM UTC+5:30 Chris Stewart wr= ote: > Hi Antoine,=20 > > First off, concept ACK. My concerns are procedural rather than objections= =20 > to the individual security fixes themselves. > > The "Great Consensus Cleanup" is a fantastic brand for communicating thes= e=20 > protocol changes to non-technical users. However, since this is a technic= al=20 > forum and we are producing BIPs intended for technical audiences, I belie= ve=20 > we should document these changes in separate BIPs. > > The proposed security fixes are largely unrelated from a technical=20 > standpoint: > > 1.=20 > =20 > Timewarp attack mitigation > 2.=20 > =20 > Worst-case block validation constraints > 3.=20 > =20 > Disallowing 64-byte transactions > 4.=20 > =20 > Avoiding duplicate transactions > =20 > We should absolutely retain the "Great Consensus Cleanup" branding while= =20 > independently documenting each security enhancement. > > A common concern I=E2=80=99ve heard about splitting this BIP is that depl= oying=20 > soft forks is difficult, so all changes should be bundled together. While= =20 > soft fork deployment is indeed challenging, we've successfully activated= =20 > multiple BIPs within a single soft fork in the past=E2=80=94e.g., BIP141 = and BIP143=20 > in Segwit, as well as BIP341, BIP342, and BIP343 in Taproot. If the=20 > community reaches consensus, we can still deploy all these changes=20 > together, even if they are documented separately. > > This approach also provides flexibility: if one of the proposed changes= =20 > turns out to be controversial, we could remove it without holding up the= =20 > rest of the improvements. Additionally, once these fixes are deployed,=20 > there will likely be significant research and documentation to incorporat= e,=20 > and maintaining independent BIPs will make it easier to manage that growt= h. > > I do see merit in implementing all the security fixes in a single PR for= =20 > Bitcoin Core. More active contributors to the project may have stronger= =20 > opinions on the best approach there. > > -Chris=20 > ------------------------------ > > > > > On Wed, Mar 26, 2025 at 1:23=E2=80=AFPM 'Antoine Poinsot' via Bitcoin Dev= elopment=20 > Mailing List wrote: > >> Hi everyone, >> >> About two months ago i shared an update on this list about my (and=20 >> others', really) work on the >> Consensus Cleanup [0]. I am now ready to share a BIP draft for a=20 >> Consensus Cleanup soft fork. >> >> The BIP draft can be found here:=20 >> https://github.com/darosior/bips/blob/consensus_cleanup/bip-cc.md >> >> It includes the following fixes: >> - a restriction on the timestamp of the first and last blocks of a=20 >> difficulty adjustment period to >> address the Timewarp and Murch-Zawy attacks; >> - a limit on the number of legacy signature operations that may be=20 >> executed in validating a single >> transaction to address long block validation times; >> - making 64 bytes transactions invalid to address weaknesses in the bloc= k=20 >> Merkle tree construction; >> - mandating coinbase transactions be timelocked to their block height to= =20 >> prevent future transaction >> duplication without resorting to BIP30 validation. >> >> This BIP draws on the 2019 Great Consensus Cleanup proposal from Matt=20 >> Corallo [1]. A number of >> people contributed ideas, testing, data or useful discussions. This=20 >> includes Ava Chow, Matt Corallo, >> Mark Erhardt, Brian Groll, David A. Harding, Sjors Provoost, Anthony=20 >> Towns, Greg Sanders, Chris >> Stewart, Eric Voskuil, @0xb10c and others. >> >> Antoine Poinsot >> >> [0]=20 >> https://gnusha.org/pi/bitcoindev/jiyMlvTX8BnG71f75SqChQZxyhZDQ65kldcugeI= DJVJsvK4hadCO3GT46xFc7_cUlWdmOCG0B_WIz0HAO5ZugqYTuX5qxnNLRBn3MopuATI=3D@pro= tonmail.com >> [1]=20 >> https://github.com/TheBlueMatt/bips/blob/7f9670b643b7c943a0cc6d2197d3eab= e661050c2/bip-XXXX.mediawiki >> >> --=20 >> You received this message because you are subscribed to the Google Group= s=20 >> "Bitcoin Development Mailing List" group. >> To unsubscribe from this group and stop receiving emails from it, send a= n=20 >> email to bitcoindev+...@googlegroups.com. >> To view this discussion visit=20 >> https://groups.google.com/d/msgid/bitcoindev/uDAujRxk4oWnEGYX9lBD3e0V7a4= V4Pd-c4-2QVybSZNcfJj5a6IbO6fCM_xEQEpBvQeOT8eIi1r91iKFIveeLIxfNMzDys77HUcbl7= Zne4g%3D%40protonmail.com >> . >> > --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/= e32b5d5c-1326-451c-b2eb-d7a92c50d9ban%40googlegroups.com. ------=_Part_72997_861809440.1743098085290 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Hi Chris,

I agree with separation.

Also I need more d= etails as some of them could be CIA proxy and introduce another bug. Any ch= ange in consensus code need more discussion.

/dev/fd0
flopp= y disk guy=C2=A0

On Thursday, March 27, 2025 at 5:49:30=E2=80=AFPM UTC+5:= 30 Chris Stewart wrote:
Hi Antoine,

First off, concept ACK. My concerns are procedural rather than objection= s to the individual security fixes themselves.

The "Great Consensus Cleanup" is a fantastic brand for communi= cating these protocol changes to non-technical users. However, since this i= s a technical forum and we are producing BIPs intended for technical audien= ces, I believe we should document these changes in separate BIPs.

The proposed security fixes are largely unrelated from a technical stand= point:

  1. Timewarp attack mitigation

  2. Worst-case block validation constraints

  3. Disallowing 64-byte transactions

  4. Avoiding duplicate transactions

We should absolutely retain the "Great Consensus Cleanup" bran= ding while independently documenting each security enhancement.

A common concern I=E2=80=99ve heard about splitting this BIP is that dep= loying soft forks is difficult, so all changes should be bundled together. = While soft fork deployment is indeed challenging, we've successfully ac= tivated multiple BIPs within a single soft fork in the past=E2=80=94e.g., B= IP141 and BIP143 in Segwit, as well as BIP341, BIP342, and BIP343 in Taproo= t. If the community reaches consensus, we can still deploy all these change= s together, even if they are documented separately.

This approach also provides flexibility: if one of the proposed changes = turns out to be controversial, we could remove it without holding up the re= st of the improvements. Additionally, once these fixes are deployed, there = will likely be significant research and documentation to incorporate, and m= aintaining independent BIPs will make it easier to manage that growth.

I do see merit in implementing all the security fixes in a single PR for= Bitcoin Core. More active contributors to the project may have stronger op= inions on the best approach there.

-Chris





<= div dir=3D"ltr">
On Wed, Mar 26, 2025 at 1:23=E2=80=AFPM 'Antoine Poinsot' via= Bitcoin Development Mailing List <bitco...@googlegroups.com> wrote:
<= /div>
Hi everyone,

About two months ago i shared an update on this list about my (and others&#= 39;, really) work on the
Consensus Cleanup [0]. I am now ready to share a BIP draft for a Consensus = Cleanup soft fork.

The BIP draft can be found here: https://github.com/darosior/bips/blob/consensus_cleanup/bip-cc.md

It includes the following fixes:
- a restriction on the timestamp of the first and last blocks of a difficul= ty adjustment period to
=C2=A0 address the Timewarp and Murch-Zawy attacks;
- a limit on the number of legacy signature operations that may be executed= in validating a single
=C2=A0 transaction to address long block validation times;
- making 64 bytes transactions invalid to address weaknesses in the block M= erkle tree construction;
- mandating coinbase transactions be timelocked to their block height to pr= event future transaction
=C2=A0 duplication without resorting to BIP30 validation.

This BIP draws on the 2019 Great Consensus Cleanup proposal from Matt Coral= lo [1]. A number of
people contributed ideas, testing, data or useful discussions. This include= s Ava Chow, Matt Corallo,
Mark Erhardt, Brian Groll, David A. Harding, Sjors Provoost, Anthony Towns,= Greg Sanders, Chris
Stewart, Eric Voskuil, @0xb10c and others.

Antoine Poinsot

[0] https://gnusha.org/pi/bitcoindev/jiyMlvTX8BnG71f75SqChQZxyhZDQ65kld= cugeIDJVJsvK4hadCO3GT46xFc7_cUlWdmOCG0B_WIz0HAO5ZugqYTuX5qxnNLRBn3MopuATI= =3D@protonmail.com
[1] https://github.com/TheBlueMatt/bi= ps/blob/7f9670b643b7c943a0cc6d2197d3eabe661050c2/bip-XXXX.mediawiki

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+...@googlegro= ups.com.
To view this discussion visit https://g= roups.google.com/d/msgid/bitcoindev/uDAujRxk4oWnEGYX9lBD3e0V7a4V4Pd-c4-2QVy= bSZNcfJj5a6IbO6fCM_xEQEpBvQeOT8eIi1r91iKFIveeLIxfNMzDys77HUcbl7Zne4g%3D%40p= rotonmail.com.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoind= ev/e32b5d5c-1326-451c-b2eb-d7a92c50d9ban%40googlegroups.com.
------=_Part_72997_861809440.1743098085290-- ------=_Part_72996_2065780849.1743098085290--