While the Bitcoin (BTC) collaborator community has discussed changes to the Bitcoin Core client and elimination of restrictions on the OP_Return transaction, developer Ruben Somsen shows a potential obstacle to the protocol.
This issue has been detected and linked to proposed Bitcoin 30 (BIP-30) improvements on duplicate transaction rules, which could generate risk in unlikely scenarios of network reorganization.
According to Somsen, a suspicious failure
Ruben Somsen is known for his contributions to proposals such as silent payments. BIP-30 failure has been identifieda proposal created by Pieter Wuille and implemented in 2012 to prevent duplicate transactions in Bitcoin.
Possibility of possible failures is low, but possible Causes branching within the network If there is a 2010 block reorganization, the current control focuses on scenarios (Checkpoint) Reduce. This branch means a change in the rule that requires all nodes to update the software.Hard fork”.
Meanwhile, reorganization occurs when Bitcoin nodes replace the blockchain with a longer one.
The BIP-30, which was activated from the Genesis block until March 2013 (BIP-34 block 227,931), is trying to avoid it. Two transactions with the same identifier (TXID) coexist In the file if no output is used. In Bitcoin, each transaction generates a non-penetrating exit (UTXO). This is the funds that can be used to spend on future transactions. BIP-30 checks for new transactions I don’t believe in existing exits In UTXO sets, it can cause “confusion” to the nodes and allow double expenses.
Somsen explains that the issue lies in two historical exceptions to the 2010 Coinbase transaction (which generates new Bitcoin in each block).
In block 91880, Coinbase transactions overcome the transaction in block 91722 and eliminated it from the UTXO set. If a reorganization between these blocks occurs, the nodes that handle the reorganization will eliminate the overall output, but nodes that do not witness it will retain it. If this exit is spent later, The node has an inconsistent utxo set, causing branching.
«The problem arises when reorganizing the blockchain to a point between blocks 91880 and 91722. The entire output will completely disappear from the UTXO set. However, the node that did not witness the reorganization still has its entire UTXO. If that UTXO is spent, it leads to a fork,” says Somsen.
How real is the risk?
The risks that Somsen presents are theoretical. This is something as there is a need to reorganize the Bitcoin network until 2010. It’s virtually impossible Due to the vast amount of work accumulated in the chain and the control points that would hinder its reorganization until 2013. However, the community is considering eliminating these Checkpointaccording to the developer, “theoretically exploitable” failure is not practical, but it’s about what to do.
Somsen does not advocate for immediate action because “the status quo appears to be very sustainable.” However, he proposes two solutions to alleviate the problem. The first is to prohibit any partial reorganization between blocks 91722 and 91880 and force 160 full blocks or none nodes to be reorganized. “This isn’t a major limitation, given that only 160 blocks of mining are less difficult in 2010,” he explains.
The second solution proposed after discussion with developer Sjors Provoost takes advantage of possible eliminations Checkpointconsider A Hard fork (Changes that are not compatible with previous versions). this You can change the consensus rules before 2013 The failure is fixed to prevent Coinbase transactions from blocks 91880 and 91842 from being eliminated during reorganization.
BIP-30 Inefficiency: Somsen Analysis
Beyond the failure of the consensus, Somsen highlights the inefficiency of the BIP-30. Check the entire UTXO set for each transactionexpensive processes in calculation terms. This validation complicates alternative verification methods exposed by Somsen, such as Utreeexo, which reduces the size of the utxo set, and the size of the utxo set to accelerate node synchronization (Zerosync based on Zero Knowledge Test)Zero knowledge).
Developers suggest replacing this validation with a cache of Coinbase (TXIDS) transactions. This takes up about 7 MB and blocks 227931 and check it out. There are no replicas. Furthermore, Coinbase transactions suggest that even in the case of reorganizations, they do not conflict with the BIP-34 rules that guarantee the uniqueness of these transactions. “Inefficient verification of the BIP-30 UTXO set can be replaced with Coinbase uniqueness verification,” says Somsen.
Luke Daschle’s answer
Developer Luke Dashul, CTO and CO Founder of Bitcoin Ocean’s Mining Pool, responded to Somsen’s proposal with two additional solutions.
The first is to treat transaction overrides as an expense and restore the original UTXO. The second suggests not to create UTXO which is overwritten when it is first detected.
However, DashJR questioned Somse’s suggestion to use a TXID cache, claiming it would validate 7 MB of data from transactions It’s less efficient Rather than comparing 64 bytes. “It sounds strictly worse than how we handle it today,” he said.
In Bitcoin, the current way of identifying transactions is based on a comparison of the TXID, which is a transaction hash. That hash is generated using SHA-256 and its size is 32 bytes.
DashJR might be thinking of a context (one TXID and another identifier) where two 32-byte hashes are compared, and adds 64 bytes. However, in BIP-30 verification, only a 32-byte TXID is used per transaction.
Discussion for the future of Bitcoin
Supported by discussions with experts such as Antoine Poinsot, Pieter Wuille and Sjors Provoost, Somsen’s analysis stands out its failure to highlight the importance of reviewing Bitcoin’s consensus rules, although remote.
The BIP-30 failure does not represent an immediate threat to Bitcoin users, but its identification reflects the developer’s commitment to network security created by Nakamoto Atoshi.