📅 Original date posted:2016-02-01
📝 Original message:On Monday, February 01, 2016 9:43:33 PM Cory Fields wrote:
> On Mon, Feb 1, 2016 at 2:46 PM, Luke Dashjr <luke at dashjr.org> wrote:
> > Allowing for simpler cases both encourages the lazy case, and enables
> > pools to require miners use it. It also complicates the server-side
> > implementation somewhat, and could in some cases make it more vulnerable
> > to DoS attacks. Keep in mind that GBT is not merely a bitcoind protocol,
> > but is used between pool<->miner as well... For now, it makes sense to
> > leave
> > "default_witness_commitment" as a bitcoind-specific extension to
> > encourage adoption, but it seems better to leave it out of the standard
> > protocol. Let me know if this makes sense or if I'm overlooking
> > something.
>
> I think that's a bit of a loaded answer. What's to keep a pool from
> building its own commitment and requiring miners to use that? I don't
> see how providing the known-working commitment for the
> passed-in-hashes allows the pool/miner to do anything they couldn't
> already, with the exception of skipping some complexity. Please don't
> confuse encouraging with enabling.
Making it simpler to do a centralised implementation than a decentralised one,
is both enabling and encouraging. GBT has always been designed to make it
difficult to do in a centralised manner.
> What's the DoS vector here?
It's more work for the pool to provide it, similar to the "midstate" field was
with getwork. Someone performing a DoS needs to do less work to force the pool
to do complex calculations (unless the same transaction tree / commitment is
used for all miners, which would be an unfortunate limitation).
> >> The issue in particular here is that a non-trivial burden is thrust
> >> upon mining software, increasing the odds of bugs in the process.
> >
> > It can always use libblkmaker to handle the "heavy lifting"... In any
> > case, the calculation for the commitment isn't significantly more than
> > what it must already do for the stripped merkle tree.
>
> Agreed. However for the sake of initial adoption, it's much easier to
> have a known-correct value to use. Even if it's just for the sake of
> checking against.
Sure, I'm not suggesting we remove this from bitcoind (probably the only place
that makes initial adoption easier).
> >> [4]:
> >> https://github.com/theuni/ckpool/commit/7d84b1d76b39591cc1c1ef495ebec513
> >> cb 19a08e
> >
> > I'm pretty sure this commit is actually /introducing/ a bug in working
> > (albeit ugly) code. The height, while always positive, is serialised as
> > a signed number, so 0x80 needs to be two bytes: 80 00.
>
> You're right, thanks. The current code breaks on heights of (for ex)
> 16513. I'll fix up my changes to take the sign bit into account.
I'm curious what bug it was fixing? Was it overwriting data beyond the number?
Luke
Luke Dashjr [ARCHIVE] /
npub1tf…rfq0n
2023-06-07 17:48:20
in reply to nevent1q…ytz2
Author Public Key
npub1tfk373zg9dnmtvxnpnq7s2dkdgj37rwfj3yrwld7830qltmv8qps8rfq0nSeen on
wss://relay.noswhere.comPublished at
2023-06-07 17:48:20Event JSON
{
"id": "2e27a5b78efdf4b6b613d19a94f3fded71e842b82648c8d80c74bd8d8a9500cb",
"pubkey": "5a6d1f44482b67b5b0d30cc1e829b66a251f0dc99448377dbe3c5e0faf6c3803",
"created_at": 1686160100,
"kind": 1,
"tags": [
[
"e",
"d1f8e12cb560f51e30f188d7bc5ff5d0f6f33791d2e90d0bdd13cdcbe911293b",
"",
"root"
],
[
"e",
"34de4dfd442f238766a2b1ac04c06866efb64f8a0a900ffbb89ee6128401cef1",
"",
"reply"
],
[
"p",
"28e91e249bc93012b85689043e5284a72bacd58ceabf2f4fb6a8873d12e39f7c"
]
],
"content": "📅 Original date posted:2016-02-01\n📝 Original message:On Monday, February 01, 2016 9:43:33 PM Cory Fields wrote:\n\u003e On Mon, Feb 1, 2016 at 2:46 PM, Luke Dashjr \u003cluke at dashjr.org\u003e wrote:\n\u003e \u003e Allowing for simpler cases both encourages the lazy case, and enables\n\u003e \u003e pools to require miners use it. It also complicates the server-side\n\u003e \u003e implementation somewhat, and could in some cases make it more vulnerable\n\u003e \u003e to DoS attacks. Keep in mind that GBT is not merely a bitcoind protocol,\n\u003e \u003e but is used between pool\u003c-\u003eminer as well... For now, it makes sense to\n\u003e \u003e leave\n\u003e \u003e \"default_witness_commitment\" as a bitcoind-specific extension to\n\u003e \u003e encourage adoption, but it seems better to leave it out of the standard\n\u003e \u003e protocol. Let me know if this makes sense or if I'm overlooking\n\u003e \u003e something.\n\u003e \n\u003e I think that's a bit of a loaded answer. What's to keep a pool from\n\u003e building its own commitment and requiring miners to use that? I don't\n\u003e see how providing the known-working commitment for the\n\u003e passed-in-hashes allows the pool/miner to do anything they couldn't\n\u003e already, with the exception of skipping some complexity. Please don't\n\u003e confuse encouraging with enabling.\n\nMaking it simpler to do a centralised implementation than a decentralised one, \nis both enabling and encouraging. GBT has always been designed to make it \ndifficult to do in a centralised manner.\n\n\u003e What's the DoS vector here?\n\nIt's more work for the pool to provide it, similar to the \"midstate\" field was \nwith getwork. Someone performing a DoS needs to do less work to force the pool \nto do complex calculations (unless the same transaction tree / commitment is \nused for all miners, which would be an unfortunate limitation).\n\n\u003e \u003e\u003e The issue in particular here is that a non-trivial burden is thrust\n\u003e \u003e\u003e upon mining software, increasing the odds of bugs in the process.\n\u003e \u003e \n\u003e \u003e It can always use libblkmaker to handle the \"heavy lifting\"... In any\n\u003e \u003e case, the calculation for the commitment isn't significantly more than\n\u003e \u003e what it must already do for the stripped merkle tree.\n\u003e \n\u003e Agreed. However for the sake of initial adoption, it's much easier to\n\u003e have a known-correct value to use. Even if it's just for the sake of\n\u003e checking against.\n\nSure, I'm not suggesting we remove this from bitcoind (probably the only place \nthat makes initial adoption easier).\n\n\u003e \u003e\u003e [4]:\n\u003e \u003e\u003e https://github.com/theuni/ckpool/commit/7d84b1d76b39591cc1c1ef495ebec513\n\u003e \u003e\u003e cb 19a08e\n\u003e \u003e \n\u003e \u003e I'm pretty sure this commit is actually /introducing/ a bug in working\n\u003e \u003e (albeit ugly) code. The height, while always positive, is serialised as\n\u003e \u003e a signed number, so 0x80 needs to be two bytes: 80 00.\n\u003e \n\u003e You're right, thanks. The current code breaks on heights of (for ex)\n\u003e 16513. I'll fix up my changes to take the sign bit into account.\n\nI'm curious what bug it was fixing? Was it overwriting data beyond the number?\n\nLuke",
"sig": "853722828b2b806a0dff20334f5d34f873eb5769b9a686b8488f4bd03c639e8f42962aeb954e3a1e786599adba0342f11878d15fc3c844f5243642a745c6890f"
}