Idelto

Cryptocurrency news website

Bitcoin Core

Bitcoin Optech #144: Taproot, Bitcoin Core Meetings And More

by

This week’s newsletter covers progress on Taproot activation, a Bitcoin Core PR Review Club meeting and more.

The Bitcoin Optech newsletter provides readers with a top-level summary of the most important technical news happening in Bitcoin, along with resources that help them learn more. To help our readers stay up-to-date with Bitcoin, we’re republishing the latest issue of this newsletter below. Remember to subscribe to receive this content straight to your inbox.

This week’s newsletter summarizes recent progress on code to activate taproot and contains our regular sections with descriptions of a recent Bitcoin Core PR Review Club meeting and notable changes to popular Bitcoin infrastructure software.

News

  • Taproot activation discussion: since our last update on discussion about activation methods for the taproot soft fork in Newsletter #139, the Speedy Trial proposal became the focus of attention among those interested in activation. PRs were opened for two variants of it: PR#21377, using a variation on BIP9, and PR#21392, using a modification that became part of BIP8. The main technical difference between these PRs is how their start and stop points were specified. PR#21377 uses Median Time Past (MTP); PR#21392 uses the height of the current block.
    MTP is normally roughly consistent between Bitcoin’s main network (mainnet) and its various test networks, such as testnet, the default signet, and various independent signets. This allows multiple networks to share a single set of activation parameters even if they have vastly different block heights, minimizing the work of keeping those networks’ users in sync with mainnet’s consensus changes.
    Unfortunately, MTP can be easily manipulated in small ways by a small number of miners and in large ways by a majority of hash rate. It can also revert to an earlier time even by accident during a block chain reorganization. By comparison, heights can only decrease in extraordinary reorgs.1 That generally allows reviewers to make the simplifying assumption that height will only ever increase, making it easier to analyze height-based activation mechanisms than MTP mechanisms.
    These tradeoffs between the two proposals, among other concerns, created an impasse that some developers thought was preventing either PR from receiving additional review and, ultimately, getting one of them merged into Bitcoin Core. That impasse was resolved to the satisfaction of some participants in the activation discussion when the authors of the two PRs agreed to a compromise:
  1. To use MTP for the time when nodes begin counting blocks signaling for the soft fork, with counting starting at the beginning of the next 2,016-block retarget period after the start time. This is identical to the way BIP9 versionbits and BIP148 UASF started counting blocks for the soft forks they helped activate.
  2. To also use MTP for the time when nodes stop counting block signaling for a soft fork that hasn’t locked in yet. However, in a difference from BIP9, the MTP stop time is only checked at the end of retarget periods where counting was performed. This removes the ability for an activation attempt to go directly from started to failed, simplifying analysis and guaranteeing that there will be at least one complete 2,016 block period where miners can signal for activation.
  3. To use height for the minimum activation parameter. This further simplifies analysis and also remains compatible with the goal of allowing multiple test networks to share activation parameters. Even though height may differ on those networks, they can all use a minimum activation height of 0 to activate within the window defined by MTP.
  • Although some discussion participants expressed their displeasure with the compromise proposal, its implementation has now received reviews or expressions of support from over a dozen active contributors to Bitcoin Core and the maintainers of two other full node implementations (btcd and libbitcoin). We hope this momentum to activate taproot continues and we’ll be able to report additional progress in a future newsletter.

    • Bitcoin Core PR Review Club

    In this monthly section, we summarize a recent Bitcoin Core PR Review Club meeting, highlighting some of the important questions and answers. Click on a question below to see a summary of the answer from the meeting.

    Introduce deploymentstatus is a PR (#19438) by Anthony Towns that proposes three helper functions to make it easier to bury future deployments without changing all the code paths that check a soft fork’s activation status: DeploymentEnabled to test if a deployment can be active, DeploymentActiveAt to check if a deployment should be enforced in the given block, and DeploymentActiveAfter to know if a deployment should be enforced in the following block. All three work with both buried deployments and version bits deployments.

    The review club discussion focused on understanding the change and its potential benefits.

    • What are the advantages of a BIP90 buried deployment over a BIP9 version bits deployment?
        • A buried deployment simplifies the deployment logic by replacing the test that governs enforcement with simple height checks, thereby reducing the technical debt associated with deployment of those consensus changes.
    • How many buried deployments are enumerated by this PR?
        • Five: height in coinbase, CLTV (CHECKLOCKTIMEVERIFY), strict DER signatures, CSV (OP_CHECKSEQUENCEVERIFY), and segwit. They are listed in the BuriedDeployment enumerator proposed by the PR in src/consensus/params.h#L14-22. One could argue that the Satoshi-era soft forks are also buried.
    • How many version bits deployments are currently defined?
        • Two: testdummy and schnorr/taproot (BIPs 340-342), enumerated in the codebase in src/consensus/params.h#L25-31.
    • If the taproot soft fork is activated and we later want to bury that activation method, what changes would need to be made to Bitcoin Core, if this PR is merged?
        • The main change would be greatly simplified compared to the current code: move the DEPLOYMENT_TAPROOT line from the DeploymentPos enumerator to the BuriedDeployment one. Most importantly, no validation logic would need to be changed.

    Notable code and documentation changes

    Notable changes this week in Bitcoin Core, C-Lightning, Eclair, LND, Rust-Lightning, libsecp256k1, Hardware Wallet Interface (HWI), Rust Bitcoin, BTCPay Server, Bitcoin Improvement Proposals (BIPs), and Lightning BOLTs.

    • Bitcoin Core #21594 adds a network field to the getnodeaddresses RPC to help identify nodes on various networks (i.e. IPv4, IPv6, I2P, onion). The author has also proposed that this lays the groundwork for a future patch for getnodeaddresses that takes an argument of a specific network and returns only addresses in that network.
    • Bitcoin Core #21166 improves the signrawtransactionwithwallet RPC, allowing it to sign inputs in transactions which have other signed inputs that are not owned by the wallet. Previously, if the RPC was passed a transaction that had signed inputs not owned by the wallet, the witnesses to those inputs would be broken in the returned transaction. Signing inputs in transactions with other signed inputs can be useful in a variety of situations, including adding inputs/outputs to bump the transaction fee.
    • LND #5108 adds support for making spontaneous Atomic Multipath Payments (also called Original AMPs) using the low-level sendtoroute RPC. Original AMPs are non-interactive (or spontaneous) by nature as the spender selects all preimages. Spender preimage selection is also a part of keysend-style spontaneous payments, which have been used for singlepath spontaneous payments. Follow-up PRs are expected to make spontaneous multipath payments available to the higher-level sendpayment RPC.
    • LND #5047 allows the wallet to import BIP32 extended public keys (xpubs) and use them for receiving payments to LND’s onchain wallet. In combination with LND’s recently updated support for PSBTs (see Newsletter #118), this allows LND to operate as a watch-only wallet for its non-channel funds. For example, Alice can import the xpub from her cold wallet, deposit funds into that wallet using an address LND gives her, request LND open a channel, sign a PSBT opening that channel with her cold wallet, and then have LND automatically deposit funds back to her cold wallet when the channel is closed. That last part—depositing closed channel funds back to a cold wallet—may require extra steps, particularly in the case of non-cooperatively closed channels, but this change brings LND most of the way towards being fully interoperable with PSBT-compatible cold wallets and hardware wallets.

    Footnotes

    1. If every block on the block chain had the same individual Proof of Work (PoW), the valid chain with the most aggregate PoW would also be the longest chain—the chain whose latest block had the greatest height yet seen. However, every 2,016 blocks, the Bitcoin protocol adjusts the amount of PoW that new blocks need to contain, increasing or decreasing the work needing to be proved in an attempt to keep the average time between blocks around 10 minutes. That means it’s possible for a chain with fewer blocks to have more PoW than a chain with more blocks.
      Bitcoin users use the chain with the most PoW—not the most blocks—to determine whether they’ve received money. When users see a valid variation on that chain where some of the blocks on the end have been replaced by different blocks, they use that reorganized chain if it contains more PoW than their current chain. Because the reorg chain may contain fewer blocks, despite having more cumulative PoW, it’s possible for the height of the chain to decrease.
      Although this is a theoretical concern, it’s usually not a practical problem. Decreasing height is only possible when a reorg crosses at least one of the retarget boundaries between one set of 2,016 blocks and another set of 2,016 blocks. It also requires a reorg involving a large number of blocks or a recent major change in the amount of PoW required (indicating either a recent major increase or decrease of hash rate, or an observable manipulation by miners). In the context of BIP8, we don’t believe a reorg that decreased height would have any more impact on users during an activation than a more typical reorg. ↩

    Find the original post here.

    Please subscribe to the Bitcoin Optech newsletter directly to receive this content straight to your inbox every month.

    Bitcoin Optech Newsletter #143: LN Node Software

    by

    This week’s Bitcoin Optech newsletter includes a release for LN node software and notable changes to Bitcoin Core.

    The Bitcoin Optech newsletter provides readers with a top-level summary of the most important technical news happening in Bitcoin, along with resources that help them learn more. To help our readers stay up-to-date with Bitcoin, we’re republishing the latest issue of this newsletter below. Remember to subscribe to receive this content straight to your inbox.

    News

    No noteworthy news to report this week.

    Releases and release candidates

    New releases and release candidates for popular Bitcoin infrastructure projects. Please consider upgrading to new releases or helping to test release candidates.

    • C-Lightning 0.10.0 is the newest major release of this LN node software. It contains a number of enhancements to its API and includes experimental support for dual funding.
    • BTCPay 1.0.7.2 fixes minor issues discovered after last week’s security release.

    Notable code and documentation changes

    Notable changes this week in Bitcoin Core, C-Lightning, Eclair, LND, Rust-Lightning, libsecp256k1, Hardware Wallet Interface (HWI), Rust Bitcoin, BTCPay Server, Bitcoin Improvement Proposals (BIPs), and Lightning BOLTs.

    • Bitcoin Core #20286 removes the fields addresses and reqSigs from the responses of the RPCs gettxout, getrawtransaction, decoderawtransaction, decodescript, gettransaction, and the REST endpoints /rest/tx, /rest/getutxos, /rest/block. When a well-defined address exists, the responses now include the optional field address instead. The deprecated fields had been used in the context of bare multisig which has no substantial use on the network today. The deprecated fields can be output via the configuration option -deprecatedrpc=addresses until the option is removed in Bitcoin Core 23.0.
    • Bitcoin Core #20197 improves the diversity of peer connections by updating the inbound peer eviction logic to protect the longest-running onion peers. It also adds unit test coverage for the current eviction protection logic. Onion peers have historically been disadvantaged by the eviction criteria due to their higher latency relative to IPv4 and IPv6 peers, leading to users filing multiple issues. An initial response to the issue began reserving slots for localhost peers as a proxy for onion peers. Later, explicit detection of inbound onion connections was added.
      With the updated logic, half of the protected slots are allocated to any onion and localhost peers, with onion peers receiving precedence over localhost peers. Now that support for the I2P privacy network has been added to Bitcoin Core (see Newsletter #139), a next step will be to extend eviction protection to I2P peers, as they generally have higher latency than onion peers.
    • Eclair #1750 removes support for Electrum and the corresponding 10,000 lines of code. Electrum was previously used by Eclair for mobile wallets. However, a new implementation, Eclair-kmp, is now recommended for use by mobile wallets, making Electrum support for Eclair unnecessary.
    • Eclair #1751 adds a blocking option to the payinvoice command which causes calls to payinvoice to block until the payment is completed. Previously, inefficiently polling the getsentinfo API was required for users to know when payments completed.

    Find the original post here.

    Please subscribe to the Bitcoin Optech newsletter directly to receive this content straight to your inbox every month.

    Optimizing Bitcoin With Gloria Zhao

    by

    This time on the “Bitcoin Magazine Podcast” host Christian Keroles talks with developer Gloria Zhao about her contributions to Bitcoin Core.

    Watch This Episode On YouTube

    Listen To This Episode:

    • Apple
    • Spotify
    • Google
    • Libsyn
    • Overcast

    This week on the “Bitcoin Magazine Podcast,” host Christian Keroles sat down with young Bitcoin developer Gloria Zhao to discuss her story and contributions to Bitcoin Core. Zhao grew up in the bay area and led the elite “Blockchain at Berkeley” group at UC Berkeley. Zhao discussed the misaligned incentives for top college developers pulling them toward altcoin and defi projects. She stated that she needed to be in tune with herself and her motivations in order to see Bitcoin Core as a viable and exciting career path.

    Zhao’s talent was quickly discovered by top Bitcoin contributors and she started as the first fellow of a nonprofit Bitcoin development organization, Brink Bitcoin. Zhao is currently working on the very important and thankless work improving the peer to peer layer between nodes. Her specific projects are called Packet Accept and Packet Relay. P2P development is incredibly stressful because it is how nodes talk to each other, and there is massive opportunity for an attack on Bitcoin.

    In the podcast we covered the following topics:

    • Gloria’s Bitcoin story
    • Experience at Cal and Blockchain at Berkeley
    • Bitcoin vs. blockchain in education
    • What is it like learning the technical side of Bitcoin
    • Advice to young aspiring bitcoin devs
    • What is “package accept” or “package relay”
    • Gloria’s most profound lesson from learning the technical side of Bitcoin

    You can follow Gloria on Twitter here, and LinkedIn here.

    Discussing Bitcoin Core 0.21.0

    by

    YouTube Video

    Listen To This Episode:

    • Apple
    • Spotify
    • Google
    • Libsyn
    • Overcast

    In this episode of “The Van Wirdum Sjorsnado,” hosts Aaron van Wirdum and Sjors Provoost discussed the newly released Bitcoin Core 0.21.0.

    Bitcoin Core 0.21.0 is the 21st and latest major release of the Bitcoin Core software, the oldest and most important Bitcoin node implementation, which is often also regarded as the reference implementation for the Bitcoin protocol.

    Guided by the Bitcoin Core 0.21.0 release notes, van Wirdum and Provoost discussed this release’s most important changes. These include the new mempool policy for rebroadcasting transactions, Tor v3 support, peer anchors for when the node restarts, BIP 157 (Neutrino) for light clients, the new testnet called Signet, BIP 339 (wtxid relay), Taproot code, RPC changes including a new send RPC, ZeroMQ, descriptor wallets, the new SQLite database system and the satoshi-per-byte fee denomination.

    For each of the new features, the hosts discussed what the features are, how they will change using Bitcoin (Core) and — where applicable — what the end goal is. (In Bitcoin Core development, new features are often part of a bigger process.) For any feature they discussed on a previous episode of “The Van Wirdum Sjorsnado,” they also mentioned the relevant episode number.

    Learn more about Bitcoin Core 0.21.0 release notes.

    The post Discussing Bitcoin Core 0.21.0 appeared first on Bitcoin Magazine.

    Bitcoin Core 0.21.0 Released: What’s New

    by

    Today marks the official release of Bitcoin Core 0.21.0, the 21st major release of Bitcoin’s original software client launched by Satoshi Nakamoto about 12 years ago. 

    Overseen by Bitcoin Core lead maintainer Wladimir van der Laan, this latest major release was developed by well over a hundred contributors in a span of about six months. The result of over 600 merged pull requests, Bitcoin Core 0.21.0 is one of the biggest Bitcoin Core releases in recent years, introducing various new features as well as privacy and performance improvements, while taking a big step towards the Schnorr/Taproot protocol upgrade.

    Below are some of the more notable changes.

    Descriptor Wallets

    When coins are sent to a Bitcoin address, what actually happens under the hood is that they are “locked up” in an unspent transaction output (UTXO), to only be “unlocked” (spent) in a later transaction if the conditions hidden in the UTXO are met. A typical condition is the inclusion of a valid signature corresponding to a specific public key. But conditions can for example also consist of the inclusion of a secret code, the lapse of a timelock or a combination of signatures (multisig).

    Until now, Bitcoin Core was designed to manage the UTXOs in its wallet around their corresponding private keys — even though private keys are just one of several potential conditions for spending coins. Bitcoin Core 0.21.0 instead introduces “descriptor wallets.” Descriptor wallets let users categorize their UTXOs based on the types of conditions that are required to spend them. (For example: one wallet for UTXOs that just require a valid signature, and one wallet for multisig UTXOs.)

    Descriptor wallets are especially useful for application developers who design software on top of Bitcoin Core. A particular application can now easily be designed to utilize only a specific type of UTXO, like multisig UTXOs, and ignore any non-multisig UTXOs.

    Regular users may also notice a difference now that descriptor wallets are implemented. Perhaps most notably, no default wallet will be created when a new Bitcoin Core node is started up. Instead, a new wallet is only created when a user specifically chooses to do so, allowing them to create only the specifically desired type of wallet. Descriptor wallets also better support Watch Only wallets: wallets that keep track of certain UTXOs even though the node doesn’t have the private keys needed to spend them.

    Bitcoin Core users that upgrade to Bitcoin Core 0.21.0 will still be able to use their legacy wallet for now. (Legacy wallets will eventually be deprecated, meaning users will need to migrate their legacy wallet to a descriptor wallet, but this won’t be strictly necessary until a future Bitcoin Core release.)

    Serving Compact Block Filters Over The Peer-To-Peer Network

    “Light clients” are Bitcoin wallets and applications that don’t download and validate the entire Bitcoin blockchain, but instead only download and validate parts of blocks and transactions that concern them specifically. This is not optimally secure, but is much less resource intensive.

    One popular way to do this is with Bloom Filters. In short, Bloom Filters are a cryptographic trick to request relevant data from more or less random peer nodes on the network. Unfortunately, however, it has become clear over the years that Bloom Filters are rather privacy-unfriendly: they essentially reveal all of the user’s addresses to the (more or less random) peer node, which could of course be operated by a privacy-invading snoop.

    A newer and much more privacy-preserving alternative to the Bloom Filter solution is called “compact client-side block filtering” (BIP 157/158). Compact client-side block filtering essentially turns the Bloom Filter trick on its head. Instead of light wallets creating filters to send to full nodes, full nodes create filters for each block and send these to light clients on request. Light clients then use these filters to figure out if transactions relevant to them may have been included in a block. If so, the light wallet will fetch the whole block and pick any relevant transaction data out of it. (There will be some false positives; blocks that won’t have relevant transaction data in them even though the filter suggested they might.)

    Existing Bitcoin Core releases could already create the filters locally, and make them available through a remote procedure call (RPC) for applications running on top of the node (like wallets). Bitcoin Core 0.21.0 now also includes the option to make these filters available over Bitcoin’s peer-to-peer network on request. This makes it possible to now operate standalone light clients that use bloom filters.

    Fewer Rebroadcast Attempts

    Besides Bloom Filters, snoops can also break the privacy of Bitcoin users through network analysis. If they can figure out from which node a particular transaction originated, that node’s Bitcoin address(es) can be tied to its IP address, which can in turn be associated with a real-world identity.

    Until now, when Bitcoin Core nodes broadcasted a transaction to the Bitcoin network, they’d try to re-broadcast the transaction every fifteen minutes, until the transaction was included in a block. This meant that if these Bitcoin Core nodes were connected to a snooping peer, it would be obvious for the snoop that the Bitcoin Core node trying to re-broadcast a certain transaction every 15 minutes was also the node where that transaction originated.

    Bitcoin Core 0.21.0 greatly diminishes the frequency with which it tries to re-broadcast transactions: only once every 12 to 36 hours. Having to re-broadcast less frequently makes it much more likely that the transaction has been confirmed since the initial broadcast, so the node is less likely to have to re-broadcast at all.

    In future Bitcoin Core releases, this privacy leak will be fixed entirely. A Bitcoin Core node will then only re-broadcast transactions that should have been confirmed based on its own mempool and fee calculations. Furthermore, it will re-broadcast other transactions as well, not just its own.

    Tor V3 Support

    Due to a recent upgrade to the privacy-preserving Tor protocol, new V3 (version 3) Tor-addresses are longer than the V2 (version 2) addresses that came before them. V2 addresses are still in use, but will be deprecated in about a year from now.

    Deprecation of V2 addresses would have posed a problem for Bitcoin Core users who want to use Bitcoin over the privacy network. Bitcoin Core nodes find peers by sharing with each other Tor addresses of known Tor-using Bitcoin nodes. They shared this through the same message they use to share other nodes’ regular IP addresses. While Tor V2 addresses could be “hidden” in the regular IP address format (IPV6), Tor V3 addresses are too long for that; in other words, the current messages are too limited to be compatible with the Tor upgrade.

    Bitcoin Core 0.21.0 therefore introduces a new format to share IP/Tor addresses with peers. These messages can be big enough to share the Tor V3 addresses.

    Schnorr/Taproot Code and Signet/Regtest Deployment

    Schnorr/Taproot is poised to be Bitcoin’s first protocol upgrade since Segregated Witness (SegWit) in August 2017. Having been in development for well over two years, the Schnorr signature algorithm is considered an all-round improvement over Bitcoin’s current ECDSA signature algorithm. In combination with Taproot — a clever trick to hide various conditions to spend coins in a cryptographic hash tree — the upgrade promises to offer more smart contract flexibility in a scalable and privacy-preserving manner.

    The Schnorr/Taproot code is now included in Bitcoin Core 0.21.0. Barring unexpected developments, this means it will not be subject to any more change, which for example means that application developers could start designing software around the upgrade. In addition, Schnorr/Taproot is now available on Signet (a newer and more reliable variant of testnet, used by developers to test new Bitcoin software) and potentially also on Regtests (additional local testnet variants).

    Schnorr/Taproot will not, however, be available on Bitcoin’s mainnet just yet. For this, the upgrade will first need to activate, which requires activation logic that isn’t yet included in this Bitcoin Core release. Activation logic is expected to be included in a minor Bitcoin Core release, possibly somewhere in the next months.

    Other…

    On top of the changes above, Bitcoin Core 0.21.0 includes various bug fixes and performance improvements that won’t be as apparent for regular users. The Bitcoin Core wallet will for example switch from using the Berkeley DB to the SQLite database, which is better suited as an application data file and offers several guarantees in regards of compatibility, support and testing. Of interest is also that Bitcoin Core 0.21.0 includes a transaction request overhaul: the new message protocol that Bitcoin nodes use to learn about new transactions is better tested, better specified and easier to maintain and review.

    For a more extensive list of upgrades, also see the Bitcoin Core 0.21.0 release notes, or see this blog post by Bitcoin Core contributor Andrew Chow for a more extensive explanation of descriptor wallets (as well as legacy wallets) and SQLite (as well as Berkeley DB).

    Thanks to John Newbery for information and feedback.

    The post Bitcoin Core 0.21.0 Released: What’s New appeared first on Bitcoin Magazine.