Topic: Segwit Pros and Cons (Read 1706 times)

I'm pretty sure that it comes from jl777 not understanding what the wtxid was for.

This is the reference implementation: https://github.com/sipa/bitcoin/tree/segwit. You can also read the BIPs for segwit: 141 (https://github.com/bitcoin/bips/blob/master/bip-0141.mediawiki), 143 (https://github.com/bitcoin/bips/blob/master/bip-0143.mediawiki), and 144 (https://github.com/bitcoin/bips/blob/master/bip-0144.mediawiki)

I have a segnet (segwit test network) node running so if you want some raw block and transaction examples I can provide them.

interesting...
i wonder where the misconception of wasted space to accommodate backward compatibility comes from.
its been stated several times by different sources.
I'm not ready to remove it as a con just yet...
it would be nice if someone that has the code available to them to confrim these finer points of temporal mechanics.
I am attempting to compile BitcoinUnlimited on my VS2010, but it will take me months to be able to properly read and mod the code.

The first few pages of that thread include some fairly incorrect statements, especially the ones by jl777 (not his fault, he was trying to learn). I myself said a few incorrect things but they were corrected later in the thread. Around page 3 or 4 is where the correct info mostly starts. The posts that you should be quoting are mine and gmaxwell's as we did most of the explaining of segwit.

The wtxids are never relayed. The txid is only relayed some of the time currently and that is not changing as the txid is still how nodes will refer to transactions. As was explained by gmaxwell, if this was done as a hard fork, the witness root hash (merkle root of the wtxids) and the merkle root would still be required to be in the block header. Doing it as a soft fork just moves that witness root hash from the block header to the coinbase to keep segwit as a soft fork.

this is all rather complex, let's try to keep in mind this is an incomplete set of pros and cons bound to have mistakes in it.

I should include sources...
this is where i got the idea https://bitcointalksearch.org/topic/m.14211197

i think the idea is that the wtxid and txid and the dupped merkle tree, all have to be there to accommodate the softfork, had it been a hardfork there wouldn't any duplicated data structures in order to allow for backward compatibility

the fact that these data structs are or are not saved to the blockchain is insignificant, they have to be relayed, this is the most costly part. 

thank you knightdk

i will study your post and attempt to correct OP.

The benefits are listed and explained in more detail at https://bitcoincore.org/en/2016/01/26/segwit-benefits/

You of course forgot one of the biggest things this fixes which is the O(n^2) hashing problem. With segwit it is incredibly difficult to produce a large transaction which would require several seconds to a few minutes to verify.

This is not true. The wtxid is never stored anywhere in the blockchain, nor is the regular txid. It does not waste space.

Users do not need to upgrade. They can simply continue to spend and use Bitcoin as they do now to no ill effect.

How is it technically superior as a hard fork? The only difference that would have been made if it was a hard fork is that committing the witness root hash would have occurred in the block header instead of an OP_RETURN output in the coinbase. The amount of data needed to be stored would have been the same except if it was hard forked everyone would have to upgrade but as a soft fork there is no mandatory upgrade.

I have no idea what you mean by "witness proofs would be about 50% or 1,000 Byes larger". The witnesses would have been the same no matter what.   

That is true, but the core devs have helped with that by creating a document to explain all of the segwit changes and help developers implement segwit into their code. See https://bitcoincore.org/en/segwit_wallet_dev/

You still explain it in the same way. Functionality has not changed, and neither have most of the abstractions that people use to describe Bitcoin. The only thing that changes is a little bit of the technical stuff which, to the average person, is already extremely complex because on a technical level Bitcoin doesn't use the command abstractions of an address or balances.

Future block size increases need not be in 1 Mb increments. They can be in 0.25 Mb increments or something else so that the intended effective block size can be achieved.

No, not possible. Nodes will request from that miner the block with the witness serialization by using the inv type MSG_WITNESS_BLOCK. The miner must send the block with the transactions with the witness serialization otherwise the block will be invalid. If the witnesses are not there, the node doesn't know that and will calculate the witness root hash. If that doesn't match what is committed in the coinbase, then the block is invalid and subsequently rejected. They will not be requesting the witness data for each and every transaction in the block.

Not sure what that means and where you got that info from. Could you explain this?

Same can be said about other scalability proposals. Block size increase will require more capacity, bandwidth, and processing power to handle more and larger blocks.

the discussion about these pros and cons can be found here https://bitco.in/forum/threads/segregated-witness-sotf-fork-segwit-pros-and-cons.986/

i thought i would post this here for more exposure

Pros
________________________________________________________

Effective block size increase
this increase would be about 1.6 MB to 2.0 MB.
as far as relay speeds and network load is considered segwit blocks or 2MB traditional blocks, would cost the same.

Segwit is a softfork
- it hardly qualifies as a soft fork; users & wallets that do not implement segwit and receive funds from a segwit TX will end up with TX they cannot validate.
they should be able to spend the funds even if they dont upgrade they simply see the TX as anyone-can-spend, when infact noly they can spend...
- Segwit allows a softfork by requiring a significant wast of space in the wtxid, it should be implmented as a hardfork.
its only 1kb wasted, softforks are favorable.
- calling segwit a softfork might lead people to believe they do not need to upgrade, confidence in the dev team will drop as these users figure out that it was indeed a mandatory upgrade.
-SegWit is technically superior as a hard fork. Witness proofs would be about 50% or 1,000 Bytes larger, and code would be more complex, as a soft fork.  


Fixes third-party transaction malleability allowing LN and sidechains to be developed .
Possible 66% additional improvement in bi-directional channel efficiency by consolidating channel open and close operations.

Allows the ability to more easily upgrade Bitcoin’s Script language.


Includes fraud proofs.
enables sidechain type contracts.
it does not currently include fraud proof validations and it won't include it even in the first deployment.

fixes which is the O(n^2) hashing problem.
With segwit it is incredibly difficult to produce a large transaction which would require several seconds to a few minutes to verify.

Cons
________________________________________________________

The implementation of segwit is complex and multifaceted
- all the different wallets will need to implement segwit themselves, its unlikely they will all get it right the first time, could lead to some serious loses.
core devs have helped with that by creating a document to explain all of the segwit changes and help developers implement segwit into their code. See https://bitcoincore.org/en/segwit_wallet_dev/

Bitcoin is fairly simply to explain, poeple can trust it because they understand it,  segwit makes understanding bitcoin an order of mangure more complex, which could lead to poeple not trusting bitcoin.


Upon adoption, segwit creates a 4X adversarial attack surface.
miners and network engineers have to design their systems to be able to handle 4 MB blocks without bogging down, but we only get to actually use about 40% of that capacity. This 4x adversarial case will make it very difficult to increase the blocksize limit in the future. With a 1 MB base block size, it's 4 MB, but with a 2 MB base block size, the adversarial case would be 8 MB.


Makes use of an existing feature (anyonecanspend) that was never meant to be used this way.

Introduces a new type of DOS attack (go-fish-wit-ddos)
An attacker mines a segwit-block with 1000 transactions the network has not yet seen (The attacker creates these TX herself )The attacker has the witness data readily available. When other miners try to validate this block they will go through every single one of these TX and say "I don't have the witness data for this TX_ID, I have to call TCP::GetWitnessData( TX_ID ) aw yes this is valid"


Subsidizes signature data in complex/large multisig transactions.
Weights signature data at 1/4 the level of transaction/UTXO data. Signatures are more expensive to validate than UTXO, so this is not justifiable in terms of computational cost.

Increased resource usage (capacity, bandwidth, processing power)


***
Black Text Is a Pro or Con related to segwit .
Green Text Is used to highlight key points which give the Pro or Con more validity
Red Text Is used to highlight key points which debunk or lessen the validity of the Pro or Con



We are compiling a list of some basic pros and cons for segwit softfork. please post below some Pros or Cons for segwit, and discuss them. Feel free to try and debunk the pros / cons i will try and follow the discussion and summarize / post links to these posts with more information. Free feel to ask me to reword a Pro or Con listed in OP for added clarity, please provide full text as you believe it should appear.

In a few month Core will be looking push segwit out onto the network, Its is my hope that this Pro & Con List will help users and miners understand all the specific issues related to segwit. so they can be confident about their decision to accept it or not.

Thank you for your input!