Return-Path: Received: from smtp1.osuosl.org (smtp1.osuosl.org [IPv6:2605:bc80:3010::138]) by lists.linuxfoundation.org (Postfix) with ESMTP id 5CDB0C000D for ; Wed, 8 Sep 2021 07:59:14 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 46D6180F55 for ; Wed, 8 Sep 2021 07:59:14 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org X-Spam-Flag: NO X-Spam-Score: -0.099 X-Spam-Level: X-Spam-Status: No, score=-0.099 tagged_above=-999 required=5 tests=[BAYES_05=-0.5, KHOP_HELO_FCRDNS=0.398, SPF_HELO_NONE=0.001, SPF_NONE=0.001, UNPARSEABLE_RELAY=0.001] autolearn=no autolearn_force=no Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 7MBIpYUgcAVR for ; Wed, 8 Sep 2021 07:59:13 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.8.0 Received: from azure.erisian.com.au (cerulean.erisian.com.au [139.162.42.226]) by smtp1.osuosl.org (Postfix) with ESMTPS id 390A180F51 for ; Wed, 8 Sep 2021 07:59:13 +0000 (UTC) Received: from aj@azure.erisian.com.au (helo=sapphire.erisian.com.au) by azure.erisian.com.au with esmtpsa (Exim 4.92 #3 (Debian)) id 1mNsU7-0001lj-S0; Wed, 08 Sep 2021 17:59:10 +1000 Received: by sapphire.erisian.com.au (sSMTP sendmail emulation); Wed, 08 Sep 2021 17:59:04 +1000 Date: Wed, 8 Sep 2021 17:59:04 +1000 From: Anthony Towns To: 0xB10C <0xb10c@gmail.com>, Bitcoin Protocol Discussion Message-ID: <20210908075903.GA21644@erisian.com.au> References: <83272afb-ed87-15b6-e02c-16bb1102beb4@gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <83272afb-ed87-15b6-e02c-16bb1102beb4@gmail.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Spam-Score-int: -18 X-Spam-Bar: - Subject: Re: [bitcoin-dev] Reorgs on SigNet - Looking for feedback on approach and parameters X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 08 Sep 2021 07:59:14 -0000 On Tue, Sep 07, 2021 at 06:07:47PM +0200, 0xB10C via bitcoin-dev wrote: > The reorg-interval X very much depends on the user's needs. One could > argue that there should be, for example, three reorgs per day, each 48 > blocks apart. Oh, wow, I think the last suggestion was every 100 blocks (every ~16h40m). Once every ~8h sounds very convenient. > Such a short reorg interval allows developers in all time > zones to be awake during one or two reorgs per day. And also for there to reliably be reorgs when they're not awake, which might be a useful thing to be able to handle, too :) > Developers don't > need to wait for, for example, a week until they can test their reorgs > next. However, too frequent reorgs could hinder other SigNet users. Being able to run `bitcoind -signet -signetacceptreorg=0` and never seeing any reorgs should presumably make this not a problem? For people who do see reorgs, having an average of 2 or 3 additional blocks every 48 blocks is perhaps a 6% increase in storage/traffic. > # Scenario 1: Race between two chains > > For this scenario, at least two nodes and miner scripts need to be > running. An always-miner A continuously produces blocks and rejects > blocks with the to-be-reorged version bit flag set. And a race-miner R > that only mines D blocks at the start of each interval and then waits X > blocks. A and R both have the same hash rate. Assuming both are well > connected to the network, it's random which miner will first mine and > propagate a block. In the end, the A miner chain will always win the race. I think this description is missing that all the blocks R mines have the to-be-reorged flag set. > 3. How deep should the reorgs be on average? Do you want to test > deeper reorgs (10+ blocks) too? Super interested in input on this -- perhaps we should get optech to send a survey out to their members, or so? My feeling is: - 1 block reorgs: these are a regular feature on mainnet, everyone should cope with them; having them happen multiple times a day to make testing easier should be great - 2-3 block reorgs: good for testing the "your tx didn't get enough confirms to be credited to your account" case, even though it barely ever happens on mainnet - 4-6 block reorgs: likely to violate business assumptions, but completely technically plausible, especially if there's an attack against the network - 7-100 block reorgs: for this to happen on mainnet, it would probably mean there was a bug and pools/miners agree the chain has to be immediately reverted -- eg, someone discovers and exploits an inflation bug, minting themselves free bitcoins and breaking the 21M limit (eg, the 51 block reorg in Aug 2010); or someone discovers a bug that splits the chain, and the less compatible chain is reverted (eg, the 24 block reorg due to the bdb lock limit in Mar 2013); or something similar. Obviously the bug would have to have been discovered pretty quickly after it was exploited for the reorg to be under a day's worth of blocks. - 100-2000+ block reorgs: severe bug that wasn't found quickly, or where getting >50% of miners organised took more than a few hours. This will start breaking protocol assumptions, like pool payouts, lightning's relative locktimes, or liquid's peg-in confirmation requirements, and result in hundres of MBs of changes to the utxo set Maybe it would be good to do reorgs of 15, 150 or 1500 blocks as a special fire-drill event, perhaps once a month/quarter/year or so, in some pre-announced window? I think sticking to 1-6 block reorgs initially is a fine way to start though. > After enough testing, the default SigNet can start to do periodical > reorgs, too. FWIW, the only thing that concerns me about doing this on the default signet is making sure that nodes that set -signetacceptreorg=0 don't end up partitioning the p2p network due to either rejecting a higher work chain or rejecting txs due to double-spends across the two chains. A quick draft of code for -signetacceptreorg=0 is available at https://github.com/ajtowns/bitcoin/commits/202108-signetreorg Cheers, aj