Recently, I had the chance to ask core developer Peter Todd a few questions about the controversial BitcoinXT hard fork and what he thinks is the best course of action for scaling the technology. His insights in this interview provide a perspective on why superior alternatives to forking bitcoin require thorough consideration.
Travis: BitcoinXT has been described as a “contentious hard fork”. Could you walk us through some of the security risks that come with adopting this proposal through such a fork?
Peter: First of all, users running SPV clients run wallets that blindly follow the longest chain that they know about. This means that if miners are not mining the longest chain considered by the economic majority to be “Bitcoin”, those miners will be creating blocks that could trick those clients into accepting invalid payments as valid – accepting fake money.
This gets even worse when combined with a fake node attack, as it’s likely that those clients will only be connected to nodes the attacker controls, which can prevent the client from learning about the longest chain.
This isn’t only specific to a contentious hard fork – any fork can cause this – but by being contentious it’s likely that a large number of miners won’t switch.
XT though is even worse, because it switches at a 75% threshold. Now suppose 26% of the hashing power is advertising XT support, but doesn’t actually support XT. The 49% of hashing power will think it has a majority, start mining XT blocks (Mike has setup XT to mine full-size 8MB blocks on day 1) and those blocks will be rejected from the network. This will create fairly large reorganizations, potentially invalidating an hour or two of transactions at a time. But the really bad case, is if a 8MB chain gets some initial consensus, and then falls behind later. For instance, if the XT supporters try to get XT passed by DoS attacking non-XT-supporting pools, you might have a few days work of transactions on the XT blockchain that get reversed when the Bitcoin blockchain catches up, destroying as much as millions of dollars worth of transactions.
FWIW the core team told Gavin ages ago to use a 95% threshold for BIP101, the margin usually used for soft-forks, but I think Gavin didn’t think he’d get consensus and decided to go for the more dangerous 75% threshold instead.
Travis: Recently, a project in strong opposition to BitcoinXT has be launched called NotBitcoinXT. How exactly would this work and why does it pose a grave threat to the health of the bitcoin ecosystem?
I wouldn’t say NotBitcoinXT poses the grave threat; XT is what poses the threat by using an insecure and dangerous switchover point that will switch over even without consensus.
Travis: Instead of forking to BitcoinXT, are there any BIPs that you are currently in favor of?
Peter: Not really. Pieter Wuilles’s BIP is probably harmless, but OTOH it raises the blocksize so slowly that it’s also IMO somewhat pointless.
What I’m in favor of is fundamental improvements to the technology that’ll allow for true scaling, such as my own CLTV BIP, and the more recent CHECKSEQUENCEVERYIFY BIP. (and associated nSequence BIP) I’m currently helping get all those BIP’s implemented, which in turn will help out things like the Lightning network use the blockchain more efficiently, by orders of magnitude.
Raising the blocksize will never give us that kind of scalability – even Gavin Andresen admits that raising the blocksize is simply ‘kicking the can down the road’
Travis: Where do you see bitcoin in 10-15 years? As something that competes with VISA and is highly convenient, a decentralized, incorruptible payment layer for the internet, or something in between?
I’ll go out on a limb a bit, and say I think we’ll solve the fundamental scaling problems blockchains have directly. We’ll likely be using things like the Lightning network when we need instant payments with good privacy. (Lightning payments have much better privacy than using Bitcoin directly as they aren’t published to a public blockchain) For things where we still need the payment to go on the blockchain directly I expect we’ll be using something like my Treechains ideas that has true scalability; the idea of a “blocksize” won’t even be relevant anymore.
Travis: From what I understand, you are attending the upcoming Scaling Bitcoin Workshops in Montreal. What do you hope to take away from the event?
Peter: I am!
You know, I’m quite dubious that we’re actually going to reach agreement between the two “camps” The problem is big-block supporters have generally been large payment companies, wallet providers, etc. Circle, Coinbase, BitPay, Xapo, Chain, etc. These are all highly centralized and regulated companies. They don’t necessarily benefit all that much from a genuinely unregulated Bitcoin – they themselves are regulated.
Larger blocks makes it harder to create decentralized versions of what they do – if your a company who can’t afford run a full node, you’re much more likely to buy the services of a payment or blockchain API provider who runs those nodes for you. Yet at the same time the regulated nature of these businesses makes it hard for them to run true scalability solutions such as Lightning hubs, which I expect to mainly be in jurisdictions free of regulation. (Tor is a good example!)
Similarly the much better privacy of scalability solutions is problematic – many of these companies have been telling regulators that Bitcoin is transparent and open to law enforcement, which it just won’t be with scalability tech.
What I do expect though is for us to build a solid and scientific approach to understanding the blocksize issue, scalability, and what kinds of attacks we’re trying to resist. If the Coinbase’s and Circle’s of the world disagree with what we’re trying to accomplish – censorship resistant sound money – then at least these ideological differences can be made clear and the community can ignore them and go in another direction.
The blueprints for scaling the bitcoin are beginning to emerge and the Lightning Network may prove to be the...
Ethereum today is where bitcoin was in 2010 – raw infrastructure, lack of developers, and plenty of skeptics.
The financial landscape in developing economies such as Africa is well positioned to leapfrog traditional banking and move directly...