summaryrefslogtreecommitdiff
path: root/27/cf91bc8dcb4394b1937081e865edc11d5d725c
blob: 1e6f4cfe4276c4ea2d1c958421d84676b1e23580 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
Return-Path: <jtimon@jtimon.cc>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 9C055720
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed, 29 Jul 2015 21:46:52 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wi0-f171.google.com (mail-wi0-f171.google.com
	[209.85.212.171])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 05649228
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed, 29 Jul 2015 21:46:50 +0000 (UTC)
Received: by wicmv11 with SMTP id mv11so235348233wic.0
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Wed, 29 Jul 2015 14:46:49 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:mime-version:in-reply-to:references:date
	:message-id:subject:from:to:cc:content-type
	:content-transfer-encoding;
	bh=jcjuA9Dr5Ac+p/jUNYUc/exHNqySGOxOw6T6OejpWtQ=;
	b=jZrxYGAzfDav+X58sYZ/qyg2U0Zlpa3gYyv/4vfkz0bb3SwV8KCzgJL4UGFB1TmYta
	pyXMENH1jJRkrIBRFRG0oWvXbTZ07EikcCL9H+d4okP9QsfN2fpJEDvmXjr5DswR6kzA
	g74TXNCnNThiOyTVF98JfE2sMc2udj5GMMGw7EwsA1Tu9VAxnUapj/ZM576syT30+fem
	81Ic/vRJVe4OrTR+dLdO5O5Hwn6yQqbLknglCgXGakkow0DAbRnQuL+awIelsk/Os8zZ
	mqm9tO6shgoPaOT5yR62n4cMW+0Orrvp7OVb4YS7Cxnuqg70XZE/gq3ZUCfl8zlv7Vve
	9VrQ==
X-Gm-Message-State: ALoCoQncod0jzKoP1rkKt2KW9NB1/ub5EOqnMN8t2ozzaZarQuBscARq1+vU2Uu8ok1hCHbt09Cu
MIME-Version: 1.0
X-Received: by 10.194.187.170 with SMTP id ft10mr80418370wjc.26.1438206409615; 
	Wed, 29 Jul 2015 14:46:49 -0700 (PDT)
Received: by 10.194.95.168 with HTTP; Wed, 29 Jul 2015 14:46:49 -0700 (PDT)
In-Reply-To: <55B939CF.1080903@voskuil.org>
References: <CABm2gDrApVuxF8DFf32V=pQhDKvvVfcDK=LeCXJ9h9o8CY+wNQ@mail.gmail.com>
	<55B723EA.7010700@voskuil.org>
	<CABm2gDok2gH2R8=x3a8PmPiM56WFg3TKzCum_WS=uV9-T1Ss3g@mail.gmail.com>
	<55B939CF.1080903@voskuil.org>
Date: Wed, 29 Jul 2015 23:46:49 +0200
Message-ID: <CABm2gDq1wHP01Tncw3hu=SCWQHaAOMjWOVYQWdQsOZ+E7zp9Yw@mail.gmail.com>
From: =?UTF-8?B?Sm9yZ2UgVGltw7Nu?= <jtimon@jtimon.cc>
To: Eric Voskuil <eric@voskuil.org>
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
	autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Libconsensus separated repository (was Bitcoin
	Core and hard forks)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 29 Jul 2015 21:46:52 -0000

On Wed, Jul 29, 2015 at 10:38 PM, Eric Voskuil <eric@voskuil.org> wrote:
> On 07/28/2015 02:58 AM, Jorge Tim=C3=B3n wrote:
> Oh, I misunderstood your ask then. I don't have a preference on
> prioritizing VerifyTx vs VerifyHeader.

Ok, let's assume we want to expose verifyHeader first (which I think
will be easier).

>> would this be an acceptable way to expose
>> VerifyHeader?
>
> I'm not sure how you mean to expose it, could you clarify?

In https://github.com/bitcoin/bitcoin/pull/5995 I had one (probably
stupid) proposal.
But it had so many preparations commits that I had to close it.
In the last commit
https://github.com/jtimon/bitcoin/commit/00b9b227afc8669a877984561329dde75d=
3d8942
you can see that I'm adding a new function in
script/bitcoinconsensus.cpp with the following declaration:

int bitcoinconsensus_verify_header(const unsigned char* blockHeader,
unsigned int blockHeaderLen,
 const Consensus::Params& params, int64_t nTime, CBlockIndexBase*
pindexPrev, PrevIndexGetter indexGetter,
 bitcoinconsensus_error* err)

The ugly parts that you may not like are the CBlockIndexBase struct
(or maybe it's not so unreasonable) and the function pointer
PrevIndexGetter.
To see their "ugliness" you can look at:

https://github.com/jtimon/bitcoin/commit/4528ec69617f1b6d6c8f0d73dc4091cded=
7c216c

The PrevIndexGetter function pointer that Bitcoin Core would use
internally would be:

const CBlockIndexBase* GetPrevIndex(const CBlockIndexBase* pindex)
{
    return ((CBlockIndex*)pindex)->pprev;
}

with an ugly casting. But, well, I guess that's only ugly for Bitcoin
Core, not necessarily for other libconsensus users, which can define
their own function pointer, provided that it's of the form:

typedef const CBlockIndexBase* (*PrevIndexGetter)(const CBlockIndexBase*);

The struct that I think needs more refinement (and I just used what I
considered easier to implement at the time) is the CBlockIndexBase
struct itself:

+struct CBlockIndexBase
+{
+ //! pointer to the hash of the block, if any. Memory is owned by
this CBlockIndexBase
+ const uint256* phashBlock;
+ //! block header
+ int32_t nVersion;
+ uint256 hashMerkleRoot;
+ uint32_t nTime;
+ uint32_t nBits;
+ uint32_t nNonce;
+ //! height of the entry in the chain. The genesis block has height 0
+ int nHeight;
+};

I don't like phashBlock being a pointer instead of just a ref or even an ob=
ject
Should that struct have a CBlockIndexBase* pprev; field (moving it
down from CBlockIndex)?
That's the kind of question where your feedback seems very important
from other-implementations developers (because you won't necessarily
take into account the difficulty of the refactors required in Bitcoin
Core to expose the right interface, and "libconsensus shouldn't care"
either, all we want is the best interface).

>> Which of he step-checks functions is worth exposing too (Bitcoin
>> Core is currently using some to prevent DoS attacks, for example)?
>
> I don't see any reason to expose checkpoints in this library. They are
> trivial to implement and are not part of consensus.

Agreed, and I would say all of the checkpoint check separation has
been done already.
What I mean by step functions is...look at verfyHeader internals, for examp=
le:

https://github.com/jtimon/bitcoin/commit/11ede96f59f611ede596a1335e896b1fef=
4fb5b2

It internally calls Consensus::CheckBlockHeader (quite cheap with no
context required) and Consensus::ContextualCheckBlockHeader (not so
cheap).
Bitcoin Core never calls (yet) the full verifyHeader at once. It does
the cheap tests first and the expensive later. For example,

call CheckBlockHeader, then CheckBlock (also cheap), then
ContextualCheckBlockHeader and then ContextualCheckBlock.

The question is, will other implementations want access to these
not-full-but-cheap tests?
In other words, apart from exposing VerifyHeader that fully validates
all consensus rules for a header, do we also want to expose
CheckBlockHeader and ContextualCheckBlockHeader to give more
flexibility to libconsensus' users?

I think, yes, other implementations will want this for the same DoS
reasons that Bitcoin Core currently wants them. But it would be nice
to know what a second person thinks about this.

> Nothing can eliminate all consensus risk, not even a common full node
> implementation.

In fact, one thing does: never changing the code again (but the cure
would be worse than the illness).
Agreed, any software changes in the consensus code can cause consensus
forks (and that's why you don't want to touch libconsensus that much
once it's separated).


>>> Useful specifications often have two reference implementations. It's th=
e
>>> idea that there can be only one legitimate implementation that's
>>> problematic.
>>
>> Well, this is where I fear we will never agree. I think "Bitcoin is
>> different" in this reward and you disagree.
>> Maybe Pieter's explanation is more convincing to you:
>> https://youtu.be/PxW5D9xCIsc?t=3D769
>> Otherwise, I think I'll stop trying convincing you.
>
> Maybe I wasn't sufficiently explicit. It is problematic. That is the
> core issue we are dealing with. That doesn't mean I disagree with the
> objectives of an independent community consensus library.
>
> The premise of the "one true library" idea is that there is *no way* to
> sufficiently test for consensus bugs in any software release. That of
> course means that each release of the satoshi client poses a significant
> risk to the network. This risk is presently greater than that posed by
> other implementations simply because of adoption. That is the basis of
> the red herring argument:

Well, the "one true library" will be much better than the current "one
true full node".
The "one true library" would be the specification of the consensus
rules, but that doesn't mean you can't fork and modify it however you
want.

> The bottom line is that nobody has control over this process. There are,
> and will always be, a multitude of consensus implementations that intend
> to target the same coin. Presently there are multiple versions of the
> satoshi client, and this has produced forks, and will continue to do so.

I get this point, even if the current satoshi client contains the
consensus rules specification (and many other things, obviously), that
doesn't mean is somehow protected from forking with itself if the
consensus code is changed in the wrong way accidentally. But the more
separated libconsensus and Bitcoin Core (satoshi client) are, the less
likely that changes in Bitcoin Core that weren't supposed to change
consensus rules actually do it by accident (like last time with the
migration out of bdb).

> Isolating the satoshi consensus checks to an independent library serves
> not to eliminate that risk, but can reduce it somewhat. Importantly it
> will allow various implementations to overcome a perception problem,
> which will improve implementation diversity and developer participation.

I think alternative implementations using a full libconsensus can
increase their adoption a lot, since they become just as vulnerable to
consensus forks as Bitcoin Core (instead of more vulnerable like now).

>>>> I believe that's the only point where we fundamentally disagree, but
>>>> it shouldn't be a barrier in our common goal of taking "power" away
>>>> from Bitcoin Core development. If we're successful Bitcoin Core won't
>>>> have any privileged position with regards to, say, libbitcoin when it
>>>> comes to deciding consensus rules changes.
>>>
>>> I don't think we disagree on anything fundamental. My issues with the
>>> library were (1) the lack of isolation, (2) the fact that the satoshi
>>> client wouldn't actually use the library, and (3) backtracking to use
>>> OpenSSL, which we had recently removed from libbitcoin.
>>
>> 1) Working on it
>
> For the sake of clarity, this is now a non-issue for us.

You mean libbitcoin's code is better organized than Bitcoin Core's?
I don't doubt it. Maybe we can create a full-libbitcoin-libconsensus
first and work on the API there.

>> 2) The Satoshi client has been using all along and it will use it
>> forever (maybe not through the API, but I don't get what the problem
>> with that is).
>
> Again, I consider this a requirement for us to link directly to it as a
> library. If the sources are isolated into an independent repo, but the
> satoshi client is embedding its own copies, one must continue to diff
> the client sources against the library sources. We are doing this
> already, so the benefit to having the independent repo is in no longer
> having to do this.

Oh, I see, you don't like that libsecp256k1 is currently a subtree of
Bitcoin Core either for the same reasons, right?
To not need to know when the changes in libconsensus are applied in
Bitcoin Core.
Mhmm, once libconsensus is complete, why would you care about it?
You just care about the libconsensus version (which doesn't have to
coincide with Bitcoin Core versions anymore).

> There are also differences in the build system that can affect outcome.
> Comparing those differences across repos can be more challenging. For
> this reason I consider it important to your objective that the satoshi
> client actually use the library - as I assume it will at some point.

For the sake of clarity, please say "use the library's API". It's
going to use the library one way or another.

> If the satoshi client folks are to maintain a consensus library for the
> community it's also important to show a commitment to its independence.
> Dogfooding is of course a software engineering best practice. But there
> is also the cynical perspective - the independent library in some ways
> works against an advantage of the satoshi client.
>
> I personally don't think the committers are parochial enough to let this
> become an issue. We are all after something bigger. But if there was
> push-back against using the library it would be a red flag. So until
> that point passes I would just maintain our independent library, cloning
> the sources from the satoshi client.

To be clear, I don't oppose to "dogfooding", it's just clear to me
that it will take even longer.
So what I don't understand is "once libbitcoin is complete and ready
for us to use, we will keep using our reimplementation of consensus
until Bitcoin Core uses the API as well. If Bitcoin core doesn't use
the API, we prefer not to use the library at all and keep having the
same consensus risk. We will do what we think it's worse for us until
Bitcoin Core uses the library through the API".

>> 3) There will be an announce about this soon.
>
> Yes, I've seen this as a temporary setback.

And we will hopefully migrate the current libconsensus from openSSL to
libsecp256k1 soon. So we will be able to enjoy libsecp256k1's
performance improvements without risking consensus. One problem less.

>>> Always willing to work with you on it, although we're all busy, and thi=
s
>>> isn't my top priority presently.
>>
>> Is it because "fear of consensus bugs is what keeps people on the
>> satoshi client" and you want to keep things this way?
>
> No, I see it as less significant to the adoption of libbitcoin-server
> than other issues we are working on, especially given the existence of
> libbitcoin-consensus. I also trust you will make progress regardless.

This was just a joke because you said something similar earlier.
Don't take it seriously.