Pages:
Author

Topic: BIP 16 switchover date pushed to April 1 (Read 6788 times)

donator
Activity: 532
Merit: 501
We have cookies
March 13, 2012, 04:55:01 PM
#31
I can vote for it or not vote at all.

Your original post states your annoyance at the 591, which I'm part of, that are not voting for or against.  Since I'm not a programmer and you programmers have not built in the option for me to choose, I cannot vote against.  And since the current client also is voting for P2SH with NO NOTIFICATION to the end user you have force people to vote for it that have no idea they are.
1. This is NOT a voting.
2. Not putting /P2SH/ in your coinsbase is the same as "voting against".

I've heard you say that many times.  But how does D&T come up with this statement?

Quote
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).

Did he just make up the 32 that oppose?
Sam
Those 32 blocks were generated by Eligius, but they won't be accounted for.
He is just saying "I'm against it", without any consequences for the "voting" because only "Support" blocks are counted.
legendary
Activity: 3583
Merit: 1094
Think for yourself
I can vote for it or not vote at all.

Your original post states your annoyance at the 591, which I'm part of, that are not voting for or against.  Since I'm not a programmer and you programmers have not built in the option for me to choose, I cannot vote against.  And since the current client also is voting for P2SH with NO NOTIFICATION to the end user you have force people to vote for it that have no idea they are.
1. This is NOT a voting.
2. Not putting /P2SH/ in your coinsbase is the same as "voting against".

I've heard you say that many times.  But how does D&T come up with this statement?

"377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other)."

Did he just make up the 32 that oppose?
Sam
donator
Activity: 532
Merit: 501
We have cookies
I can vote for it or not vote at all.

Your original post states your annoyance at the 591, which I'm part of, that are not voting for or against.  Since I'm not a programmer and you programmers have not built in the option for me to choose, I cannot vote against.  And since the current client also is voting for P2SH with NO NOTIFICATION to the end user you have force people to vote for it that have no idea they are.
1. This is NOT a voting.
2. Not putting /P2SH/ in your coinsbase is the same as "voting against".
legendary
Activity: 3583
Merit: 1094
Think for yourself
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).
And how, exactly, does one bother themselves "to include a couple bits in the coinbase"?  I have seen no options in any of my Bitcoin Clients to "vote" one way or another on any BIP!
Sam

Edit: sarcasm removed, for now Smiley
It's NOT a voting and just adding a couple of bytes will make things worse.
Those who include /P2SH/ in their coinbase aren't  just saying that they like BIP16, it means that their software is ready to support it.

That's all well and good and informative.

But my point is that this "voting" can only be done by developers/programmers and not by ordinary mortals like myself since it requires a code change and recompilation.

So that gives developers free reign to do whatever they want, no matter what anyone else may think.
Sam

Really you are that helpless?  You can use choose to either use a p2sh capable bitcoind OR NOT.  You can choose to mine at a p2sh capable pool OR NOT.  Hence you can "vote" by your actions.


I can vote for it or not vote at all.

Your original post states your annoyance at the 591, which I'm part of, that are not voting for or against.  Since I'm not a programmer and you programmers have not built in the option for me to choose, I cannot vote against.  And since the current client also is voting for P2SH with NO NOTIFICATION to the end user you have force people to vote for it that have no idea they are.
Sam
donator
Activity: 1218
Merit: 1079
Gerald Davis
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).
And how, exactly, does one bother themselves "to include a couple bits in the coinbase"?  I have seen no options in any of my Bitcoin Clients to "vote" one way or another on any BIP!
Sam

Edit: sarcasm removed, for now Smiley
It's NOT a voting and just adding a couple of bytes will make things worse.
Those who include /P2SH/ in their coinbase aren't  just saying that they like BIP16, it means that their software is ready to support it.

That's all well and good and informative.

But my point is that this "voting" can only be done by developers/programmers and not by ordinary mortals like myself since it requires a code change and recompilation.

So that gives developers free reign to do whatever they want, no matter what anyone else may think.
Sam

Really you are that helpless?  You can use choose to either use a p2sh capable bitcoind OR NOT.  You can choose to mine at a p2sh capable pool OR NOT.  Hence you can "vote" by your actions.
legendary
Activity: 3583
Merit: 1094
Think for yourself
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).
And how, exactly, does one bother themselves "to include a couple bits in the coinbase"?  I have seen no options in any of my Bitcoin Clients to "vote" one way or another on any BIP!
Sam

Edit: sarcasm removed, for now Smiley
It's NOT a voting and just adding a couple of bytes will make things worse.
Those who include /P2SH/ in their coinbase aren't  just saying that they like BIP16, it means that their software is ready to support it.

That's all well and good and informative.

But my point is that this "voting" can only be done by developers/programmers and not by ordinary mortals like myself since it requires a code change and recompilation.

So that gives developers free reign to do whatever they want, no matter what anyone else may think.
Sam
donator
Activity: 532
Merit: 501
We have cookies
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).
And how, exactly, does one bother themselves "to include a couple bits in the coinbase"?  I have seen no options in any of my Bitcoin Clients to "vote" one way or another on any BIP!
Sam

Edit: sarcasm removed, for now :)
It's NOT a voting and just adding a couple of bytes will make things worse.
Those who include /P2SH/ in their coinbase aren't  just saying that they like BIP16, it means that their software is ready to support it.
donator
Activity: 1218
Merit: 1079
Gerald Davis
I have just checked out http://blockchain.info/p2sh and I have verified Deepbit has started voting for P2SH.

Great!  I just hope everything goes smoothly and multisig is a success!

An update:  It looks like Deepbit isn't supporting p2sh yet.  The "mystery miner" from Spain has modified his bitcoind to only send blocks to other major pools in an attempt to hide where they are coming from.  Since bitcoind uses the first IP it sees a block from to determine the owner it is thinking some of the mystery miner's blocks are from Deepbit.

WRONG.  Er wait I am talking to myself.  Looks like Tycho has turned on p2sh support in some blocks to test it out so likely those blocks are really Deepbit's blocks.
legendary
Activity: 3583
Merit: 1094
Think for yourself
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).

And how, exactly, does one bother themselves "to include a couple bits in the coinbase"?  I have seen no options in any of my Bitcoin Clients to "vote" one way or another on any BIP!
Sam

Edit: sarcasm removed, for now Smiley
donator
Activity: 1218
Merit: 1079
Gerald Davis
377 Support vs 32 Oppose  (and 591 who can't be bothered to include a couple bits in the coinbase to indicate an opinion one way or the other).
legendary
Activity: 1623
Merit: 1608
I have just checked out http://blockchain.info/p2sh and I have verified Deepbit has started voting for P2SH.

Great!  I just hope everything goes smoothly and multisig is a success!
sr. member
Activity: 407
Merit: 250
Response from forrestv at: https://bitcointalksearch.org/topic/1500-th-p2pool-decentralized-dos-resistant-hop-proof-pool-18313

Since P2Pool is Peer to Peer, if say half the miners have updated clients, and half are using older clients. I assume that the client who ultimately finds the block is the one that submits it to the network and handles validation of transactions? If so, 50% of the time would we be vulnerable to this flaw with BIP16?

In other words, do we require 100% of P2Pool users to upgrade their bitcoin clients to be BIP16 compliant to totally avoid this issue?

And if the answer to the above is yes, that's a huge vulnerability for P2Pool (because someone could maliciously join the pool and mine using an old client, to invalidate a percentage of blocks mined by the miners on P2Pool).

All P2Pool users will definitely need to upgrade bitcoind before April 1st because of this issue. The question is of how to prevent people from not upgrading, which can be done by changing the rules of the P2Pool protocol.

This could be as simple as a new version of P2Pool that checks bitcoind's version and refuses to work with older versions, combined with a protocol change on April 1st that requires miners to use the new client. Of course, this is vulnerable to people patching out the version check, but P2Pool (along with all other pools) is already vulnerable to malicious block invalidating attacks, so that's not a problem.


legendary
Activity: 3583
Merit: 1094
Think for yourself
Executive summary:  if you are a p2pool or solo miner you should upgrade before the switchover date (April 1, if all goes well)  or there is a good chance you'll produce nothing but orphan blocks.  I welcome suggestions on how to effectively get that message out to the community.

Quick clarification on this, Solo miners need only upgrade the bitcoin client they are mining through in order to ensure generated blocks are "clean".

But, with P2Pool, because it's peer to peer. Would not EVERY P2Pool miner need to upgrade their clients or else the entire pool could be affected? (example being I'm mining against P2Pool, I'm using an updated client, but joebob is also mining on P2Pool with an old client. If his client happens to be the one that finds the block, even though I've contributed shares towards said block, and he includes the invalid tx, the whole block, and all contributing miners to that block get screwed correct?)

If this is the case, that's a pretty big problem for P2Pool miners. Because there is no way for us to know if the rest of the pool is updated. (and it essentially opens up P2Pool to a DOS attack vector. Anyone looking to take down P2Pool can join up with bogus clients and mine to start injecting bad blocks into the mining results for the whole pool... Sure it would only be proportional to the mining power brought to the table by the "attacker" relative to the rest of P2Pool, but it's still an attack vector).

Also what classifies as "upgraded". (ie: I'm running the latest official client from bitcoin.org, but not a dev branch. Do I need a dev branch? if so which version specifically)

Thanks!

Well, I'm assuming the non-upgraded miner's shares would not be valid to the rest of P2Pool if they are not valid as a block, so they would effectively be harming only themselves. Valid shares will be paid for and potentially be a block on the Bitcoin network. Non-valid shares will not be paid for and will not be a block on the Bitcoin network. So, legitimate P2Pool miners will not be affected in the slightest.

But don't take my word for it, find someone with actual technical knowledge on the subject. I'm sure someone will see this thread eventually, but if you want a quick answer, ask it in the P2Pool thread.

If you do as Doc suggests please post the answer back here too.
Thanks,
Sam
hero member
Activity: 938
Merit: 1002
Also what classifies as "upgraded". (ie: I'm running the latest official client from bitcoin.org, but not a dev branch. Do I need a dev branch? if so which version specifically)

The main development branch (0.6.0-beta) supports the -bip16 parameter and as far as I could detect has the necessary code.
sr. member
Activity: 407
Merit: 250
Executive summary:  if you are a p2pool or solo miner you should upgrade before the switchover date (April 1, if all goes well)  or there is a good chance you'll produce nothing but orphan blocks.  I welcome suggestions on how to effectively get that message out to the community.

Quick clarification on this, Solo miners need only upgrade the bitcoin client they are mining through in order to ensure generated blocks are "clean".

But, with P2Pool, because it's peer to peer. Would not EVERY P2Pool miner need to upgrade their clients or else the entire pool could be affected? (example being I'm mining against P2Pool, I'm using an updated client, but joebob is also mining on P2Pool with an old client. If his client happens to be the one that finds the block, even though I've contributed shares towards said block, and he includes the invalid tx, the whole block, and all contributing miners to that block get screwed correct?)

If this is the case, that's a pretty big problem for P2Pool miners. Because there is no way for us to know if the rest of the pool is updated. (and it essentially opens up P2Pool to a DOS attack vector. Anyone looking to take down P2Pool can join up with bogus clients and mine to start injecting bad blocks into the mining results for the whole pool... Sure it would only be proportional to the mining power brought to the table by the "attacker" relative to the rest of P2Pool, but it's still an attack vector).

Also what classifies as "upgraded". (ie: I'm running the latest official client from bitcoin.org, but not a dev branch. Do I need a dev branch? if so which version specifically)

Thanks!
hero member
Activity: 714
Merit: 500
Hope this time we'll get through.
staff
Activity: 4284
Merit: 8808
February 29, 2012, 12:42:32 PM
#15
Let me summarize:

Your summary is not very accurate or useful.

Quote
The information didn't get to me for example, although I specifically asked for it.  Nobody bothered to update my thread.  I had to ask again and nail you down to get this piece of information.

None of the development is going on in secret. The discussions are out in the public and are fairly transparent. If you don't have the time to follow and understand all of it, then thats a tradeoff you're choosing to make.  If there are reasonable ways to improve the transparency then I'm sure offers to help improve communications would be appreciated by all.

Or what do you expect? Certified mail on every commit?  You don't get to demand personal service.

(and frankly— a bit of unsolicited advice: the screeching bold faced text from an account with 25 posts just screams sockpuppet/troll — you might want to consider moderating your tone before you get written off as someone who's just trying to create controversy for fun)
legendary
Activity: 3583
Merit: 1094
Think for yourself
February 29, 2012, 10:07:07 AM
#14
If another large change is required in the future, I'm not at all certain if it can be done. This will leave Bitcoin vulnerable to competition from newer cryptocurrencies that have no such problem.

When a change is *required* I'm sure the Bitcoin community will be behind it.  I'm also sure there will probably be allot of debate on how to implement a required change as well, but that is a good thing.
Sam
hero member
Activity: 938
Merit: 1002
February 29, 2012, 07:16:06 AM
#13
They need to fucking wake up because we're part of a technology in development, not something that will just stay the way it is for forever and ever.

I know of a few solo/p2p miners whom I think I need to wake up, but it doesn't seem very straightforward to do so switch. Does the main branch now support BIP 16?
legendary
Activity: 2184
Merit: 1056
Affordable Physical Bitcoins - Denarium.com
February 29, 2012, 06:48:22 AM
#12
Let me summarize:

  • In the last ~4 weeks you learned that the change (that was scheduled for tomorrow) will open up older clients to a major security hole (DoS).

  • Instead of modifying or dropping the change, somebody decided that it should still be deployed as is.

  • The community has not been informed about this problem.  The information didn't get to me for example, although I specifically asked for it.  Nobody bothered to update my thread.  I had to ask again and nail you down to get this piece of information.


Don't you think that more time is needed, for the community to adjust to the upcoming changes, to come up with better variants (that have less sideeffects), and to further analyse the security implications?  If such a big problem was identified just a few days ago, what else could surface tomorrow?

Also keep in mind, that on some systems it is very difficult to compile the latest client. It's easier to modify the old client to not process any transactions. This might not be good for the community, but it successfully dodges the threat created by the change.  Not processing transactions can be considered a "hot fix" for old clients.
Let me summarize for you:

The issue that was found was NOT a big problem. Backwards compatability for miners was never a requirement for P2SH. Regular users do not need to upgrade but miners do, that is not a problem. Miners need to get used to the fact they might need to upgrade from time to time. Even users do but for them it should be different, slower. For example the 3.x Bitcoin clients don't work anymore. I expect that the 4.x clients will work for a while yet.

There is plenty of time for miners to upgrade, in best case there is still over a month to the switchover date. This is a good amount of time to do more testing with BIP 16 as well.
Pages:
Jump to: