Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 735C9C002D for ; Fri, 22 Apr 2022 18:49:54 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 4D6AF82CFA for ; Fri, 22 Apr 2022 18:49:54 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -0.848 X-Spam-Level: X-Spam-Status: No, score=-0.848 tagged_above=-999 required=5 tests=[BAYES_00=-1.9, BITCOIN_OBFU_SUBJ=1, DKIM_SIGNED=0.1, DKIM_VALID=-0.1, DKIM_VALID_AU=-0.1, DKIM_VALID_EF=-0.1, FREEMAIL_ENVFROM_END_DIGIT=0.25, FREEMAIL_FROM=0.001, HTML_MESSAGE=0.001, RCVD_IN_DNSWL_NONE=-0.0001, SPF_HELO_NONE=0.001, SPF_PASS=-0.001] autolearn=no autolearn_force=no Authentication-Results: smtp1.osuosl.org (amavisd-new); dkim=pass (2048-bit key) header.d=gmail.com Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id xZNtnJm28j4z for ; Fri, 22 Apr 2022 18:49:53 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.8.0 Received: from mail-yw1-x1129.google.com (mail-yw1-x1129.google.com [IPv6:2607:f8b0:4864:20::1129]) by smtp1.osuosl.org (Postfix) with ESMTPS id EE5CE8295A for ; Fri, 22 Apr 2022 18:49:52 +0000 (UTC) Received: by mail-yw1-x1129.google.com with SMTP id 00721157ae682-2f7c57ee6feso110897b3.2 for ; Fri, 22 Apr 2022 11:49:52 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20210112; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=Kjo9N+/T0FZhPXX7O2mVSIcpwDim6bxKdXW3gtVX1YY=; b=cSm+JjxCWS7BM2tAZBAAVFPljG4VXH+pmzmAQQ5n+PTPEjs4iHNwHmuUSJA4050Smx /DdLUSYrKGXSMRSEqsMZy8YCKrirk8KlAEa67h5m+dU/FgtrttNzelAlSF/FWpiJrX/g tqk5URAXc5vSmxvfRwy6voxXqCbE03jC3T6DEBbshdlsCm0tECaBf9/fJ7T2JtkTyusX ipo2DY8hRO9IYF/B3fC6RxrD9ryVltjae61mtJPx3/DijgpfoTlnWLy/MjLTVFJTL2dm BtAiGlhc+TCo471d/0TsKeReTHZEcaJsZ3p4qeF8PG7rSmMTGGBOXCpAKWFB9xWXnviO JByQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20210112; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=Kjo9N+/T0FZhPXX7O2mVSIcpwDim6bxKdXW3gtVX1YY=; b=F0SK6M3fMyH5NN5lGqBBZYZUTWSdsO8XNbUxob0OHg19OkR7S3hZ+G2iisTmaXxoSc KAUmQA1lYbPqKFLVbid42wSCg1B7XrEVPR9bqSQDE5Loq0J/2/umXsw4g3Hq7VSFkzuj AZoZOpcRKZq4tEhyj3h7mUSrforRfYEI0+anj61IG2Y3E7XvIBbbmQ7JhBTGnMSgbfxs WhU1I0gUcc8vt83SWFBYAeEmqL0b9SUs69F2+mC3OK+J49vxYLDTL9lQDfDZIyC1LvmJ zN0ThTK7UIObZHrZzoWlcnv0d5ArCqoaj256K7M3HMoq4BKk6keQkijLY/i420XqFAwp tFWg== X-Gm-Message-State: AOAM533n3qIIxGgvA8eq2dzsicBgDxqsl1whp1k1RoABMzA8AT7ulbBx SIBpQrutPIRPUWf/ghZ/rQKbU5umTP38lPnbuh7NjK17 X-Google-Smtp-Source: ABdhPJyongraF4uyDxhg0LZMMPpepwq/el3qSM48t19CghIWYjZDxzwU5kZWrYmEBaezaW42D/z473xpmRBaeMbUozE= X-Received: by 2002:a81:9c48:0:b0:2ed:7f5b:84fa with SMTP id n8-20020a819c48000000b002ed7f5b84famr6087146ywa.511.1650653391834; Fri, 22 Apr 2022 11:49:51 -0700 (PDT) MIME-Version: 1.0 References: <64a34b4d46461da322be51b53ec2eb01@dtrt.org> <4b252ef6f86bbd494a67683f6113f3fe@dtrt.org> <4056eca7e1ff018bff03918b8c266d76@dtrt.org> <01d4a034-eb80-a598-1858-6b0ed8295a13@mattcorallo.com> <64ebb176-0243-ac56-3172-b2f4f9b4359f@mattcorallo.com> In-Reply-To: <64ebb176-0243-ac56-3172-b2f4f9b4359f@mattcorallo.com> From: Corey Haddad Date: Fri, 22 Apr 2022 14:49:41 -0400 Message-ID: To: Matt Corallo , Bitcoin Protocol Discussion Content-Type: multipart/alternative; boundary="00000000000011510505dd42b14e" Subject: Re: [bitcoin-dev] Automatically reverting ("transitory") soft forks, e.g. for CTV X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 22 Apr 2022 18:49:54 -0000 --00000000000011510505dd42b14e Content-Type: text/plain; charset="UTF-8" If none of the alternative proposals have been developed as much as CTV, it seems reasonable to interpret that as a lack of interest in those alternative proposals themselves. That should not be interpreted as lack of interest in covenants. Perhaps if CTV didn't exist, we would have seen more progress on the alternatives. It's entirely reasonable to assume that people who are interested in covenants have put their energy and attention primarily behind CTV, and that is why it is the furthest along. It shouldn't be a requisite to improving Bitcoin that we have multiple, competing proposals for a similar use case that have all been debated, implemented and tested before we will be okay with integrating one of them. That may be the ideal, but it shouldn't be a requirement. If we can find consensus of moving forward with one of the proposals, and there are concrete commitments to develop the alternatives over the next few months, I would suggest that would be something worth waiting for. In the absence of such consensus and commitments, the ask here is that CTV be set aside in favor of an unlikely hypothetical. Corey On Fri, Apr 22, 2022 at 2:40 PM Matt Corallo via bitcoin-dev < bitcoin-dev@lists.linuxfoundation.org> wrote: > > > On 4/21/22 6:20 PM, David A. Harding wrote: > > [Rearranging Matt's text in my reply so my nitpicks come last.] > > > > On 21.04.2022 13:02, Matt Corallo wrote: > >> I agree, there is no universal best, probably. But is there a concrete > >> listing of a number of use-cases and the different weights of things, > >> plus flexibility especially around forward-looking designs? > > > > I'm sure we could make a nice list of covenant usecases, but I don't > know how we would assign > > reasonable objective weights to the different things purely through > group foresight. I know I'm > > skeptical about congestion control and enthusiastic about > joinpools---but I've talked to developers > > I respect who've had the opposite opinions from me about those things. > The best way I know of to > > reconcile our differing opinions is to see what real Bitcoin users > actually pay for. But to do > > that, I think they must have a way to use covenants in something like > the production environment. > > To get good data for this kind of question you'd need much longer than > five years, sadly. As we've > seen over and over again in Bitcoin deploying very nontrivial things takes > at least five years, > often more. While vaults may be deployed relatively more quickly, the fact > that we haven't seen > (AFAIK) *anyone* deploy some of the key-deletion-based vault designs that > have been floating around > for some time is indication that even that probably wouldn't be deployed > quickly. > > >> You're also writing off [...] a community of > >> independent contributors who care about Bitcoin working together to > >> make decisions on what is or isn't the "right way to go" [...]. Why are > you > >> suggesting its something that you "don't know how to do"? > > > > You said we should use the best design. I said the different designs > optimize for different things, > > so it's unlikely that there's an objective best. That implies to me > that we either need to choose a > > winner (yuck) or we need to implement more than one of the designs. In > either of those cases, > > choosing what to implement would benefit from data about how much the > thing will be used and how > > much users will pay for it in fees. > > I agree, there is no objective "best" design. But we can sill explore > design tradeoffs and utility > for different classes of covenants. I've seen relatively little of this so > far, and from what I have > seen its not been clear that CTV is really a good option, sadly. > > > >> Again, you're writing off the real and nontrivial risk of doing a fork > >> to begin with. > > > > I agree this risk exists and it isn't my intention to write it off---my > OP did say "we [must be] > > absolutely convinced CTV will have no negative effects on the holders or > receivers of non-CTV > > coins." I haven't been focusing on this in my replies because I think > the other issues we've been > > discussing are more significant. If we were to get everyone to agree to > do a transitory soft fork, > > I think the safety concerns related to a CTV soft fork could be > mitigated the same way we've > > mitigated them for previous soft forks: heaps of code review/testing and > making sure a large part of > > the active community supports the change. > > I'm not sure I made my point here clear - the nontrivial and real risk I > was referring to was not > avoidable with "moar code review" or "careful analysis to make sure the > proposed fork doesn't cause > damage". I mean issues that keep cropping up in many changes like "people > start threatening to run a > fork-causing client" or "some miners aren't validating blocks and end up > creating a fork" or "some > people forget to upgrade and follow such a fork" or..... there's lots and > lots of risks to a doing a > fork that come from the process and nature of forks, that have nothing to > do with the actual details > of the fork itself. > > Matt > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --00000000000011510505dd42b14e Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable

If none of the alternative proposals have been de= veloped as much as CTV, it seems reasonable=C2=A0to interpret that as a lac= k of interest in those alternative proposals themselves.
That sho= uld not be interpreted as lack of interest in covenants. Perhaps if CTV did= n't exist, we would have seen more progress on the alternatives. It'= ;s entirely reasonable to assume that people who are interested=C2=A0in cov= enants have put their energy and attention primarily behind CTV, and that i= s why it is the furthest along. It shouldn't be a requisite=C2=A0to imp= roving Bitcoin that we have multiple, competing=C2=A0proposals for a simila= r=C2=A0use case that have all been debated, implemented and tested before w= e will be okay with integrating one of them. That may be the ideal, but it = shouldn't be a requirement.

If we can find con= sensus of moving forward with one of the proposals, and there are concrete = commitments to develop the alternatives over the next few months, I would s= uggest that would=C2=A0be something worth=C2=A0waiting for. In the absence = of such consensus and commitments, the ask=C2=A0here is that CTV be set asi= de in favor of an unlikely hypothetical.

Corey

On Fri, Apr 22, 2022 at 2:40 PM Matt Corallo via bitcoin-dev <bitcoin-dev@lists.linuxfo= undation.org> wrote:


On 4/21/22 6:20 PM, David A. Harding wrote:
> [Rearranging Matt's text in my reply so my nitpicks come last.] >
> On 21.04.2022 13:02, Matt Corallo wrote:
>> I agree, there is no universal best, probably. But is there a conc= rete
>> listing of a number of use-cases and the different weights of thin= gs,
>> plus flexibility especially around forward-looking designs?
>
> I'm sure we could make a nice list of covenant usecases, but I don= 't know how we would assign
> reasonable objective weights to the different things purely through gr= oup foresight.=C2=A0 I know I'm
> skeptical about congestion control and enthusiastic about joinpools---= but I've talked to developers
> I respect who've had the opposite opinions from me about those thi= ngs.=C2=A0 The best way I know of to
> reconcile our differing opinions is to see what real Bitcoin users act= ually pay for.=C2=A0 But to do
> that, I think they must have a way to use covenants in something like = the production environment.

To get good data for this kind of question you'd need much longer than = five years, sadly. As we've
seen over and over again in Bitcoin deploying very nontrivial things takes = at least five years,
often more. While vaults may be deployed relatively more quickly, the fact = that we haven't seen
(AFAIK) *anyone* deploy some of the key-deletion-based vault designs that h= ave been floating around
for some time is indication that even that probably wouldn't be deploye= d quickly.

>> You're also writing off [...] a community of
>> independent contributors who care about Bitcoin working together t= o
>> make decisions on what is or isn't the "right way to go&q= uot; [...]. Why are you
>> suggesting its something that you "don't know how to do&q= uot;?
>
> You said we should use the best design.=C2=A0 I said the different des= igns optimize for different things,
> so it's unlikely that there's an objective best.=C2=A0 That im= plies to me that we either need to choose a
> winner (yuck) or we need to implement more than one of the designs.=C2= =A0 In either of those cases,
> choosing what to implement would benefit from data about how much the = thing will be used and how
> much users will pay for it in fees.

I agree, there is no objective "best" design. But we can sill exp= lore design tradeoffs and utility
for different classes of covenants. I've seen relatively little of this= so far, and from what I have
seen its not been clear that CTV is really a good option, sadly.


>> Again, you're writing off the real and nontrivial risk of doin= g a fork
>> to begin with.
>
> I agree this risk exists and it isn't my intention to write it off= ---my OP did say "we [must be]
> absolutely convinced CTV will have no negative effects on the holders = or receivers of non-CTV
> coins."=C2=A0 I haven't been focusing on this in my replies b= ecause I think the other issues we've been
> discussing are more significant.=C2=A0 If we were to get everyone to a= gree to do a transitory soft fork,
> I think the safety concerns related to a CTV soft fork could be mitiga= ted the same way we've
> mitigated them for previous soft forks: heaps of code review/testing a= nd making sure a large part of
> the active community supports the change.

I'm not sure I made my point here clear - the nontrivial and real risk = I was referring to was not
avoidable with "moar code review" or "careful analysis to ma= ke sure the proposed fork doesn't cause
damage". I mean issues that keep cropping up in many changes like &quo= t;people start threatening to run a
fork-causing client" or "some miners aren't validating blocks= and end up creating a fork" or "some
people forget to upgrade and follow such a fork" or..... there's l= ots and lots of risks to a doing a
fork that come from the process and nature of forks, that have nothing to d= o with the actual details
of the fork itself.

Matt
_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org/mail= man/listinfo/bitcoin-dev
--00000000000011510505dd42b14e--