Bitcoin Cash. Was there a fork?


    Today, Bitcoin and blockchain attract an incredible amount of attention. Unfortunately, the news does not let us understand the full extent of what is happening, because authors confuse the terminology and rush to publish unprepared articles. This in turn pulls the discussion away from the technical side of the issue and toward speculation about the Bitcoin exchange rate.

    Let’s try to set emotions aside and study together what is happening and what the consequences are.


    • Bitcoin - A Maths Society
    • What is a fork? Why the 51% attack is not so terrible
    • Segwit. How it all started
    • Bitcoin Cash - how to make money and how to give others money
    • Prospects

    Bitcoin - A Maths Society

    Many people present Bitcoin as an extremely simplified system. Sometimes that is convenient, and sometimes it makes it impossible to explain the problem at hand. For example, Bitcoin is presented as a huge ledger in which miners try every 5 minutes to write another page recording from whom and to whom funds were transferred. This analogy is convenient and holds in 99% of cases, but it makes it hard to understand how anything gets into this ledger, why you can create an address and an account offline without ever connecting to the Internet, and other such questions.

    I propose another analogy: Bitcoin is a community of math enthusiasts. In the beginning there was one mathematician, Satoshi, who wrote the first problem and offered 50 coins (arbitrary units) for its solution. Satoshi was very cunning: he proposed a task to which only he knew the answer. But Satoshi was not only cunning but also smart: he attracted attention and realized that the system would only stay alive if there were other “mathematicians” in it. So Satoshi announced the rules: everyone who solves a published problem can publish their own tasks and distribute the coins from the solved problem among the new tasks. As confirmation, Satoshi showed the answer to his problem and proposed 2 more problems, one very simple for 20 coins and the other again very difficult for 30 coins. Another mathematician immediately picked up this idea, solved the simple problem for 20 coins and in turn created one very complex problem for 15 coins and another simple one for 5 coins. In total, the system ended up with 3 unsolved problems (1 from Satoshi and two from the other mathematician) and 2 solved problems. Many mathematicians rushed to solve simple and complex problems, and within a week there were 100-1000 open problems. At that time the complexity of a task was completely independent of the number of coins, but even then mathematicians intuitively collected more coins for their tasks.

    The system revealed a significant flaw: it had to be kept online so that mathematicians could exchange solutions and post new tasks at any time. Naturally, the mathematicians decided to bring in other “mathematicians” (programmers) to solve simpler problems; whoever solved one fastest would receive 50 coins and the opportunity to publish their own problem. So that computers (the programmers automated the solving of the simple problems) do not solve problems too quickly and collect too many coins, the complexity of the tasks is adjusted dynamically, every N blocks. Since then, everyone has lived in peace, or almost in peace.

    Let's translate this story into the language of blockchain:

    1. Each published task is part of a transaction, which contains an answer to a previously set task (the previous transaction and scriptSig / signature) and new tasks (a rough approximation of the output list), as well as the distribution of input coins among the outputs.
    2. Each simple task is the mining task for a block, namely finding a key for a hash with the specified properties. It adapts so that a solution is found approximately every 10 minutes.
    3. Each block includes the answer to the mining problem and a list of transactions that the miner chose to include (important!).

    - How close is this analogy to the real state of affairs in Bitcoin?
    - Close enough, here are some judgments:

    • Indeed, in Bitcoin the inputs and outputs (the task description language) are written in a special stack-based language, Bitcoin Script, which has up to 80 opcodes, including multiplication, addition, hashing and encryption, but no loops!
    • A typical transaction output looks like
      OP_DUP OP_HASH160 a4b4c5245e00d758c4364085d60375b8e22cf482 OP_EQUALVERIFY OP_CHECKSIG
      which in plain language means: try to find a number for which OP_HASH160 equals a4b4c5245e00d758c4364085d60375b8e22cf482. Of course, this is a trick question: the person who publishes such a task knows the answer in advance but does not want to tell it to others; let them struggle, as they say, and when he wants new tasks, he will.
    • There are no addresses as such in Bitcoin! Roughly speaking, you can write a completely outlandish (from the point of view of UX) application that explicitly asks you to solve a mathematical problem and still interacts perfectly normally with the Bitcoin blockchain. In practice, the address is Base56 of the number a4b4c5245e00d758c4364085d60375b8e22cf482, but this is only true for transactions of the form
      OP_DUP OP_HASH160 a4b4c5245e00d758c4364085d60375b8e22cf482 OP_EQUALVERIFY OP_CHECKSIG
    • You can write OP_RETURN in an output, which means that solving your problem is extremely simple. With a probability of 99%, in the next block, or maybe in the current one, your coins will be taken away (into a new task), and this will be done by the block miner.
    • One of the simplest ways to burn bitcoin is to set the task x^3 = y^3 + z^3. Naturally, the problem has no solution in positive integers and it will never be solved.
    • A transaction can specify several input tasks, but all input coins must be spent in the transaction (any positive remainder is considered the fee and goes to the miner).
    • The input of a transaction (TX1) refers to the ID of an already published transaction (TX0) and supplies the parameters for a TX0 output; when they are substituted, the output script of the previous transaction (TX0) evaluates to TRUE.
    • Input parameters can also be a script, but this is a rare occurrence.
    • In an output you can write any string. Some people write "marry me".

    Here are a few more judgments for which a detailed analysis can be made (but not now):

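    • If the output is simple (unencrypted), the block miner will probably claim it, even if you broadcast your own transaction and it is absolutely valid.
    • So that the miner cannot steal every transaction, the input is encrypted in such a way that it can be applied only to a specific output. Thus the miner can validate the transaction but cannot change the output, otherwise the transaction becomes invalid.
    • Important! A miner can mine a “valid” block and include invalid transactions. Since all clients connected to Bitcoin revalidate transactions, they will not consider the block valid. Other miners can steal the block, include correct transactions instead, and receive the reward for the block themselves. Roughly speaking, different miners (clients) will have a different block history; this is a hard fork.

    Perhaps now it is clear why the ledger is too simplistic an analogy: in the blockchain there is not even a concept of addresses.

    From this rather simple difference arose the conflict between the Bitcoin Core group and everyone else. Roughly speaking, what used to be a community of mathematicians first became fintech, then a dictatorship of miners, and then a dictatorship of bankers and speculators, who care most about the BTC / USD rate.

    What is a fork? Why the 51% attack is not so terrible.

    Just today there was an article saying that the 51% attack is terrible, that more than 80% of mining capacity is in China, and that it is time for us to be afraid. Again, if we picture a ledger in which someone holds 51% or more and starts writing whatever he wants, then yes, the 51% attack looks simply irresistible. In practice, this is not so.

    Let's return to the analogy of the community of mathematicians. Suppose miners have captured 100% of the power and are publishing problems with incorrect answers in various scientific journals at a frantic speed. Naturally, the community of mathematicians will be discouraged, but they will never recognize the wrong answers and will not write them into their personal journals. In a blockchain, each (!) participant stores its own log. How would a sensible scientific community behave? It would make a list of good scientific journals, or establish a different communication channel, and start again from the last “valid” transaction. Yes, this would take a certain amount of time and energy, but the attack would not affect the “truth” of the journal. This phenomenon is called a hard fork: 2 chains appear, each with its own version of the truth.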

    Perhaps now it’s clear why the ledger is too simplistic an analogy, because in blockchain there is not even a concept of addresses.

    In this rather simple difference, the Bitcoin Core group conflict arose with everyone else. Roughly speaking, what used to be a community of mathematicians for you, first became a fintech, then a dictate of miners, and then a dictate of bankers and speculators, who are most concerned about the BTC / USD rate.

    What is a fork? Why the attack is not so terrible 51%.

    Even today there was an article that the 51% attack is terrible and more than 80% of the mining capacities are in China and it is time for us to be afraid. Again, if we present an analogy that there is a book of records and someone has 51% or more and he begins to write in it what he wants. That, yes, the 51% attack is already becoming simply irresistible. In practice, this is not so.

    Let's return to the community analogy with mathematicians, suppose miners have captured 100% of the power and publish problems with incorrect answers in various scientific journals at a frantic speed. Naturally, the community of mathematicians will be discouraged, but they will never recognize the wrong answers and will not write to their personal journal. In blockchain, each (!) Stores its own log. How would an adequate scientific community behave? It would make a list of good scientific journals or establish a different communication channel and start from the moment of the last “valid” transaction. Yes, it would take a certain amount of time and energy, but this attack would not affect the "truth" of the magazine. This phenomenon is called hard fork . 2 chains appeared and each with its own rightness.
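    The argument above, that every node validates blocks itself and only then follows the longest chain, as an added example (not code from the original article or from any Bitcoin client). The Block fields, miner names and sample chains are constructed for illustration; the 1 MB and 8 MB limits are the ones the article mentions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Block:
    height: int
    size_bytes: int   # serialized size of the block
    txs_valid: bool   # True if every input satisfies the output script it spends
    miner: str

def make_rules(max_block_bytes):
    """Build the validity check one node applies to every block it receives."""
    def is_valid(block):
        return block.txs_valid and block.size_bytes <= max_block_bytes
    return is_valid

def valid_prefix(chain, is_valid):
    """Keep blocks up to the first one that breaks this node's own rules."""
    accepted = []
    for block in chain:
        if not is_valid(block):
            break
        accepted.append(block)
    return accepted

def choose_chain(candidates, is_valid):
    """Longest chain wins, but only among blocks the node validated itself."""
    return max((valid_prefix(c, is_valid) for c in candidates), key=len)

def tip(chain):
    return (chain[-1].height, chain[-1].miner)

# Constructed sample data: three shared blocks, then competing branches.
COMMON = [Block(h, 900_000, True, "shared") for h in range(3)]
# Most of the hash power extends this branch fast, but block 3 holds an invalid transaction.
MAJORITY = (COMMON + [Block(3, 900_000, False, "majority")]
            + [Block(h, 900_000, True, "majority") for h in range(4, 9)])
HONEST = COMMON + [Block(h, 900_000, True, "minority") for h in (3, 4)]
# Valid transactions, but every new block is larger than 1 MB.
BIG = COMMON + [Block(h, 2_000_000, True, "bigblock") for h in (3, 4, 5)]

LEGACY_NODE = make_rules(1_000_000)      # 1 MB limit
BIG_BLOCK_NODE = make_rules(8_000_000)   # 8 MB limit

def demo():
    return {
        # The longer branch is ignored because the node cannot validate it.
        "majority_attack": tip(choose_chain([MAJORITY, HONEST], LEGACY_NODE)),
        # Same two branches, different rules: the nodes end on different tips.
        "legacy_view": tip(choose_chain([BIG, HONEST], LEGACY_NODE)),
        "big_block_view": tip(choose_chain([BIG, HONEST], BIG_BLOCK_NODE)),
    }

if __name__ == "__main__":
    for name, result in demo().items():
        print(name, result)
```

    The last two results are the chain split: both nodes see the same blocks, but incompatible rules leave them on different histories.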

    A unique relationship has developed between miners and mathematicians (users): neither exists without the other, and this balance is respected. Like any system, Bitcoin requires improvements. Bitcoin Core is a group of people who have used and developed Bitcoin almost from the very beginning, and from the very beginning they faced the first difficulty of development: how to release updates? Even if you conduct a 100% attack and update all the miners, you can end up with a broken blockchain and the probability of a hard fork (if the clients do not update), which is absolutely undesirable. Therefore the concept of a soft fork was developed: all miners are updated, but valid (backward-compatible) blocks and transactions continue to be sent to clients. Clients are updated as needed. Some changes were quite simple to implement. For instance,

    Any update process is a complicated procedure, and after a while a formal update process through the soft fork was settled on (using the following conventions):

    1. All miners who mine a block include information in the block that they are ready to update and enable some function.

    2. After a certain period of time, when such blocks reach 95% in a row (this number was agreed on, although it is not mandatory), the miners begin the majority attack. That is, they refuse to accept blocks that do not support the new function (BIP - bitcoin internal proposal). This is a signal that it is time for all miners to update, otherwise they will not see their mining fee.

    3. Feature activation may be delayed, i.e. NO_OP1 -> DIG_SIG_OP can start working after 100 blocks, which gives time to update clients, who already know from the tokens in blocks when the feature will be enabled.

    PS All this should work in backward-compatible mode, i.e. those who have not updated will continue to receive updates and work correctly.
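    The three steps above, replayed over a stream of mined blocks, as an added example (not code from the original article or from Bitcoin Core). The 95% threshold and the 100-block delay come from the text; the rolling window size, the pool names and the sample stream are assumptions made for the illustration.

```python
from collections import deque

WINDOW = 1000           # assumption: how many recent blocks are counted
THRESHOLD_PERCENT = 95  # from the article
ACTIVATION_DELAY = 100  # the article's example delay, in blocks

def track_upgrade(candidates, new_version, window=WINDOW,
                  percent=THRESHOLD_PERCENT, delay=ACTIVATION_DELAY):
    """Replay mined blocks, given as (miner, version) in arrival order.

    Returns (lock_in_height, activation_height, refused), where refused lists
    the (height, miner) of blocks rejected once enforcement has begun.
    """
    recent = deque(maxlen=window)   # readiness flags of the last `window` blocks
    height = -1                     # height of the current chain tip
    lock_in = None
    refused = []
    for miner, version in candidates:
        signals = version >= new_version          # step 1: readiness flag
        if lock_in is not None and not signals:
            # Step 2: past the threshold, old-version blocks are not accepted,
            # so their miner loses the reward and the height does not advance.
            refused.append((height + 1, miner))
            continue
        height += 1
        recent.append(signals)
        # Integer comparison avoids float rounding at exactly 95%.
        if (lock_in is None and len(recent) == window
                and sum(recent) * 100 >= percent * window):
            lock_in = height
    activation = None if lock_in is None else lock_in + delay
    return lock_in, activation, refused

def rules_active(height, activation):
    """Step 3: the new rule applies only from the activation height onward."""
    return activation is not None and height >= activation

# Constructed sample stream, replayed with a 20-block window to keep it short:
# 5 old-version blocks, 30 signalling blocks, then one pool that never updated.
SAMPLE = ([("pool-a", 2)] * 5 + [("pool-a", 3)] * 30
          + [("stale-pool", 2), ("pool-a", 3)])

def demo():
    return track_upgrade(SAMPLE, new_version=3, window=20)

if __name__ == "__main__":
    print(demo())
```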

    The update algorithm is an agreement, not a formal algorithm! And the agreement sometimes fails. The most famous case occurred with the block_version = 3 update, when the 95% signal to turn on the majority attack had passed, but AntPool continued to mine blocks with version (3) and unfortunately still included among them blocks from other miners with version 2. This was a very real hard fork, because AntPool together with other miners was very powerful and was able to build the longest chain (by default, Bitcoin clients take the longest chain). The problem was with the other miners, who could not validate this chain (since it contained blocks of versions 2 and 3) and refused to accept it. After 6 hours of the fork, the AntPool administrators were contacted and they abandoned their blocks. Note that the hard fork occurred on the same transactions, i.e.

    As you can see, the update mechanism was invented not by mathematicians, but by programmers-politicians, so it sometimes crashes (just kidding).

    Segwit. How it all started

    Bitcoin Core developers were and are romantics. They develop a complex mathematical system without taking into account that most users, and even miners, do not understand and do not use the complexity of this system. Bitcoin is used at only 1% of its complexity, while the Bitcoin Core group moved quite fast and kept offering new technologies. Some developers understood this and created altcoins, although most agreed that it would be nice to have everything in Bitcoin. All this developed relatively well until the Bitcoin exchange rate began to take off. Each change (soft fork) cost more and more and required more coordination. Bitcoin practically ceased to be used for smart contracts, the fee began to increase, and all this caused a debate between the miners, who depend on exchange rate jumps, and the developers. Users remained on the sidelines until the fee grew so much, and there were so many transactions, that they had to wait for hours. Then the miners decided to remove the developers and cooperate with large users (owners of exchanges and sites: coinbase, blockchain, etc). In effect, the developers were left on the sidelines, but the backlog of work they had already done is used by miners and users for new updates.

    SegWit is an extremely interesting update for Bitcoin, which makes the transaction ID stable against changes by miners. Today there are techniques by which a miner, or the owner, can change the inside of a transaction so that its substance stays the same but its ID changes. SegWit deserves to be described separately and in detail, but the main difference between the SegWit update and other updates is that it is extremely large.

    For the SegWit update, updated systems must maintain as many as two blockchains (!): one that they show to nodes from before SegWit, and another for nodes after SegWit. The substance of transactions and outputs is of course the same, but the inputs differ slightly. The point is that the mechanism for calculating the transaction ID has changed, and it is a required parameter of an input. The SegWit change to the blockchain is irreversible, since new blocks cannot be mixed with old ones and must follow strictly by agreement, which is exactly what caused a long delay and a lot of negotiation.

    On August 1, SegWit was locked in, i.e. blocks that do not declare support for SegWit are not included in the blockchain. The final activation of SegWit will take place on August 22, after which witness data can be stored in transactions.

    1 byte of Witness data counts as 0.25 bytes, and 1 byte of the rest of the data remains 1 byte. The block size without witness data has not increased and is still 1 MB, but with segwit it can be 4 MB! Segwit is a soft fork and cannot increase the block size; otherwise, previous versions will not be able to validate new blocks. The irony is that miners are adapting new blocks for old customers so that they can be failed. The new transaction format is also different and also requires adaptation between versions.
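    The accounting rule above, applied to whole blocks, as an added example (not code from the original article or from any Bitcoin client). It multiplies "base + witness / 4 ≤ 1 MB" through by 4 to stay in integers; the function names and the sample block sizes are constructed for the illustration.

```python
MAX_BASE_BYTES = 1_000_000   # limit on non-witness data, as in the article
WITNESS_DISCOUNT = 4         # one witness byte counts as 1/4 byte
MAX_WEIGHT = MAX_BASE_BYTES * WITNESS_DISCOUNT   # 4,000,000 weight units

def weight(base_bytes, witness_bytes):
    """Integer form of the discounted size: 4 * base + witness."""
    return base_bytes * WITNESS_DISCOUNT + witness_bytes

def check_block(base_bytes, witness_bytes):
    """Show how a non-upgraded and an upgraded node judge the same block."""
    return {
        # Old nodes receive the block with witness data stripped.
        "legacy_sees_bytes": base_bytes,
        "legacy_ok": base_bytes <= MAX_BASE_BYTES,
        # Upgraded nodes receive everything and apply the discounted limit.
        "wire_bytes": base_bytes + witness_bytes,
        "segwit_ok": weight(base_bytes, witness_bytes) <= MAX_WEIGHT,
    }

# Constructed sample blocks: (base bytes, witness bytes).
SAMPLES = {
    "no_witness_full": (1_000_000, 0),        # a full pre-SegWit style block
    "witness_heavy": (400_000, 2_400_000),    # 2.8 MB on the wire, still valid
    "too_heavy": (900_000, 800_000),          # fine for old nodes, rejected by new
}

def judge_all():
    return {name: check_block(*sizes) for name, sizes in SAMPLES.items()}

if __name__ == "__main__":
    for name, verdict in judge_all().items():
        print(name, verdict)
```

    The third sample is the soft-fork property in miniature: upgraded nodes reject a block that old nodes would accept, never the reverse.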

    Perhaps there is still some way to increase the block size while maintaining backward compatibility. For example, reduce the complexity of mining tasks and generate blocks more often.

    Bitcoin Cash - how to make money and how to give others money

    What was expected on August 1? That a hard fork would happen and we would see the dissenters. What happened?
    Something strange happened ... Since all plans for the hard fork pointed to August 1, on August 2 every site wrote that Bitcoin had split, all the commentators picked up this idea, and the situation became confusing.

    Let's consider the pros (+) and cons (-) of whether Bitcoin Cash is a fork or not:
    - Bitcoin Cash really took the whole history of Bitcoin until August 1 as it is (+ hard fork)
    - Bitcoin Cash instantly stopped processing valid transactions spread across the Bitcoin network (- not fork)
    - Is Bitcoin Cash disconnected from the Bitcoin network? (non-typical fork)
    - Bitcoin Cash began to reject new Bitcoin blocks (+ hard fork, new blocks are not compatible by validation)
    - Bitcoin Cash made an incompatible change with Bitcoin - increased the block to 8 MB (+ hard fork)
    - Bitcoin Cash refused to enable SegWit (+ hard fork)

    In principle, with reservations, it can be said that Bitcoin Cash is a fork. But 2 factors still suggest that this is a fork of the Bitcoin history, not a fork of Bitcoin:
    - it stopped processing valid transactions (requires verification)
    - it looked like an extremely well-planned action on the part of the BCH organizers, and not an attack or a defense of their interests in Bitcoin (a new wallet, new mining tools and a new blockchain explorer appeared immediately)

    Who benefits from this?
    - In principle, everyone who had bitcoins now has 20-30% more.
    - We have a new, already popular blockchain structure with 8MB per transaction, which is 8 times more, and therefore cheaper.
    - Those who bought a lot of Bitcoin before the split and sold immediately after it. The sales fee amounted to 0.2-0.5% of X, and the revenue over 10 minutes to 30% of X. If you take X = 10,000,000, calculate for yourself.

    Prospects and what's next

    The most interesting thing is that Bitcoin has so far carried out only a soft fork and is only getting ready for a hard fork on November 20. In November there will be a real hard fork, and it will be inevitable (probably). Miners decided to increase the block to 2 MB; this will automatically make old versions of the Bitcoin wallet incompatible, which will force people either to upgrade and accept 2 MB or to continue littering the network with an alternative version of the blockchain, and maybe someone will continue to mine 1 MB blocks. I really hope that this does not happen.

    After segwit2x, perhaps the Bitcoin Core group will meet again and return to developing new BIPs, as well as update the official Bitcoin Core client to support the 2 MB block. At least all existing BIPs have been developed with its support.

    PS I admit a large number of technical inaccuracies, please comment - we will correct it.

    PPS Topics that did not fit here but may be covered next time; write if interested:

    • What is transaction malleability and how did Segwit solve it
    • How transaction encryption occurs and why miners fail to steal it
    • How to make primitive and complex contracts for Bitcoin (create an account for 3 people and allow payments only with the consent of two)
    • What is a lightning network and why a ready-made idea awaits segwit
