diff options
| author | Rusty Russell <rusty@rustcorp.com.au> | 2015-09-27 15:22:45 +0930 |
|---|---|---|
| committer | Rusty Russell <rusty@rustcorp.com.au> | 2015-09-27 15:22:45 +0930 |
| commit | 602e72125637ed90b75009e10fb5ba8a9cab3198 (patch) | |
| tree | 5897e9335cd3de6b3df7bfb4186006b22b3ff57e | |
| parent | f278c02cbcc18b20d7eb1c68653e4368f3852f5c (diff) | |
| download | bips-602e72125637ed90b75009e10fb5ba8a9cab3198.tar.xz | |
More btcdrak feedback.
Signed-off-by: Rusty Russell <rusty@rustcorp.com.au>
| -rw-r--r-- | bip-0009.mediawiki | 10 |
1 files changed, 5 insertions, 5 deletions
diff --git a/bip-0009.mediawiki b/bip-0009.mediawiki index abbcdaf..c17ca15 100644 --- a/bip-0009.mediawiki +++ b/bip-0009.mediawiki @@ -9,11 +9,11 @@ ==Abstract== -This document specifies a proposed change to the semantics of the 'version' field in Bitcoin blocks, allowing multiple backward-compatible changes (further called called "soft forks") being deployed in parallel. It relies on interpreting the version field as a bit vector, where each bit can be used to track an independent change. These are tallied each retarget period. Once the consensus change succeeds or times out, there is a "fallow" pause after which the bit can be reused for later changes. +This document specifies a proposed change to the semantics of the 'version' field in Bitcoin blocks, allowing multiple backward-compatible changes (further called "soft forks") to be deployed in parallel. It relies on interpreting the version field as a bit vector, where each bit can be used to track an independent change. These are tallied each retarget period. Once the consensus change succeeds or times out, there is a "fallow" pause after which the bit can be reused for later changes. ==Motivation== -BIP 34 introduced a mechanism for doing soft-forking changes without predefined flag timestamp (or flag block height), instead relying on measuring miner support indicated by a higher version number in block headers. As it relies on comparing version numbers as integers however, it only supports one single change being rolled out at once, requiring coordination between proposals, and does not allow for permanent rejection: as long as one soft fork is not fully rolled out, no future one can be scheduled. +BIP 34 introduced a mechanism for doing soft-forking changes without a predefined flag timestamp (or flag block height), instead relying on measuring miner support indicated by a higher version number in block headers. As it relies on comparing version numbers as integers however, it only supports one single change being rolled out at once, requiring coordination between proposals, and does not allow for permanent rejection: as long as one soft fork is not fully rolled out, no future one can be scheduled. In addition, BIP 34 made the integer comparison (nVersion >= 2) a consensus rule after its 95% threshold was reached, removing 2<sup>31</sup>+2 values from the set of valid version numbers (all negative numbers, as nVersion is interpreted as a signed integer, as well as 0 and 1). This indicates another downside this approach: every upgrade permanently restricts the set of allowed nVersion field values. This approach was later reused in BIP 66, which further removed nVersion = 2 as valid option. As will be shown further, this is unnecessary. @@ -67,8 +67,8 @@ after, the bit B may be reused for a different soft fork. '''Failure: Timeout''' A soft fork proposal should include a ''timeout''. This is measured -as the beginning of a calendar year as per this table (suggested -three years from drafting the soft fork proposal): +as the beginning of a calendar year as per this table (suggest +adding three to the current calendar year when drafting the soft fork proposal): {| ! Timeout Year @@ -145,7 +145,7 @@ The mechanism described above is very generic, and variations are possible for f The 95% threshold (based on in BIP 34) does not have to be maintained for eternity, but changes should take the effect on the warning system into account. In particular, having a lock-in threshold that is incompatible with the one used for the warning system may have long-term effects, as the warning system cannot rely on a permanently detectable condition anymore. '''Conflicting soft forks''' -At some point, two mutually exclusive soft forks may be proposed. The naive way to deal with this is to never create software that implements both, but that is a making a bet that at least one side is guaranteed to lose. Better would be to encode "soft fork X cannot be locked-in" as consensus rule for the conflicting soft fork - allowing software that supports both, but can never trigger conflicting changes. +At some point, two mutually exclusive soft forks may be proposed. The naive way to deal with this is to never create software that implements both, but that is making a bet that at least one side is guaranteed to lose. Better would be to encode "soft fork X cannot be locked-in" as consensus rule for the conflicting soft fork - allowing software that supports both, but can never trigger conflicting changes. '''Multi-stage soft forks''' Soft forks right now are typically treated as booleans: they go from an inactive to an active state in blocks. Perhaps at some point there is demand for a change that has a larger number of stages, with additional validation rules that get enabled one by one. The above mechanism can be adapted to support this, by interpreting a combination of bits as an integer, rather than as isolated bits. The warning system is compatible with this, as (nVersion & ~nExpectedVersion) will always be non-zero for increasing integers. |