BIP-110 update: v0.4.1 release and implementation submitted to Bitcoin Core

From the mailing list.

> as for anyone who is following the work of the Electronic Frontier Foundation from times to times, there is a pending case in front of the US Supreme Court, Cox Communications, Inc vs. Sony Music Entertainment specifically on the liability of Internet service providers.

For the one who are following this kind of topic, in Cox vs Sony the decision has been yield over the last weeks, where the USC has withheld a lack of liability for internet service providers in the context of copyright infringement (“This Court has repeatedly made clear that mere knowledge that a service will be used to infringe is insufficient to establish the required intent to infringe”). I’ll leave the details to the US constitutional law specialists, of which I’m not as a I never clerked for a justice, but the concurrent opinion is also interesting as it’s analyzing distributed peer-to-peer software and for a wider scope.

In my view, in the light of this novel jurisprudence, I think the legal worries of the BIP110 proponent have been far overblown. In its current state, the current BIP110 text is still indirectly mentioning those legal worries half-word (i.e “The problem becomes even worse when the data is objectionable to node operators”). Might I suggest to edit the BIP in a sense to completely remove this mention, as with now there is more legal clarity on the matter (“objectionable” is a terminology directly coming from US administrative law doctrine on communication broadcast).

In my opinion, in some measure, we shouldn’t as protocol developers consider “exogenous” reasons in the design and development of consensus rules. Notably, among others reasons, to avoid introducing security bugs in the network due to ill-written legal texts.

I do not wish to sound too much dismissive of the BIP110 legal concerns (anyone is free to go to read the USC’s latest decision to make its own opinion, or the equivalent EU’s jurisprudence fwiw). Indeed zero legal risk can never be a thing, though here I can only share the measured and considered take of the EFF on running Tor nodes.

Excerpt:

“Can EFF promise that I won’t get in trouble for running a Tor relay?”

”No. All new technologies create legal uncertainties, and Tor is no exception. We cannot guarantee that you will never face any legal liability as a result of running a Tor relay”.

In my opinion, in some measure, we shouldn’t as protocol developers consider “exogenous” reasons in the design and development of consensus rules. Notably, among others reasons, to avoid introducing security bugs in the network due to ill-written legal texts.

In my since belief, the public debate among the community on the adoption or not of BIP110 would be of a far higher intellectual quality if wasn’t repeatedly poisoned by ungrounded legal claims on factual elements that said BIP110 proponents wish to be take in account for the evolution of technical consensus rules. Such attitude, in my personal opinion, can only lead any reasonable observer to doubt if they have real technical arguments after all or if it’s not an attempt to influence the public debate with deceptive tactics.

For clarity, I do not support BIP110, less for the technical issues it aims to address, and more because I think the peer-to-peer network stability is a valuable end goal in itself. We are not building a stronger ecosystem by bothering and burdening the wallet developers to have to adapt their stuff, or even forcing them to have to go through the myriad of BIP110 restrictions just to be sure that their wallets softwares, even if there are wallets only for simple funds transfers, do not have to be changed.

Discussing the categories of use-cases, the chain ressources consumptions, if we should favor or deprioritize some with weight penalties, etc all sounds legit technical discussions to have in my belief. After all, there are some unanswered real technical problems, e.g what we do if in the future the “vaults” off-chain transactions are over-bidding the blockspace at the very same time there is a massive closure of lightning chans.

The discussions can only be better if they are made on qualitative and quantitative arguments on adequate public forums where not only developers and maintainers are respected in the exercise of their (difficult) janitorial roles, but also where “exogenous” considerations like half-baked legal worries have been structurally ruled out.

Those considerations, if followed, in my humble view, can only favor a more serene and courteous public conversation.

Before supporting changes to Bitcoin - especially at consensus level - I would like to get some clarification about the “desirable effects” of BIP-110.

What gain to users is achieved whether blocks are full or not? The current rules allow for only a maximum growth of the blockchain at a linear rate.

Who decides which policies to uphold? This should be the decision of each node by its own mempool policy, no?

Can you define the unneccessary costs and risks of running a node in this scenario? We should be clearly informed of these issues.

Can you demonstrate an example of payments being unfairly disadvantaged?

Thank you for your time.

Even disregarding all the deficiencies with BIP110 which have been thoroughly elaborated upon elsewhere, I have no faith whatsoever in those numbers being representative of anything but a handful of people spinning up nodes to pad the numbers.

First of all, of the 1905 nodes registered on Bitnodes that advertise BIP110, more than 1300 are onion nodes. Creating an unlimited amount of onion addresses and pointing them at a node, then submitting that address to Bitnodes, is effectively free. As such, if anyone were to accept use Bitnodes stats for arguments of node distribution - and that’s a big if - the only meaningful number would be counting the nodes that have some semblance of cost, which would limit it to IPv4 nodes. Which would bring the number down to ~420 out of 7242, or 5.7%

Secondly, even those numbers do not at all match the distribution of subver strings that connect to my four public listening nodes. As of right now, I’m seeing:

• 1026 nodes running Core
• 141 nodes running Knots without BIP110
• 16 nodes running Knots with BIP110

So 16 out of 1167 nodes are advertising BIP110 in the subver, or 1.4%. Assuming that all nodes have an equal number of outgoing connections and an equal chance to connect to any of my nodes, this statistically gives a greater than 99% confidence that the real number is between 0.5% and 2.3%.

I put a raw data dump on pastebin for anyone interested. I filtered out all subvers without “Satoshi” in the string, which mostly limits it to Core and Knots nodes.

There is a reason soft forks are activated by mining power alone; node listen counts will always be suspect, and unlike node sockpuppeting, mining power cannot be falsified.

Greetings @ArmchairCryptologist.

Even disregarding all the deficiencies with BIP110 which have been thoroughly elaborated upon elsewhere

No one has yet brought up a reasonable technical objection to BIP-110.

I have no faith whatsoever in those numbers being representative of anything but a handful of people spinning up nodes to pad the numbers.

While it is true that support is difficult to gauge only from node counts, it would be foolish to claim that node counts don’t matter at all, especially given BIP-110’s overwhelming popularity among node operators, who have taken to social media in droves to post claims, and often screenshots, of their operation of the activation client. The fact that 4 BIP110-signaling blocks were mined in March alone is also a strong indicator that BIP-110 is rapidly gaining support.

So 16 out of 1167 nodes are advertising BIP110 in the subver, or 1.4%. Assuming that all nodes have an equal number of outgoing connections and an equal chance to connect to any of my nodes, this statistically gives a greater than 99% confidence that the real number is between 0.5% and 2.3%.

All of the services I know of that count different node software have much higher estimates than this. Forgive me if I am skeptical of your statistics here, especially since you are openly opposed to BIP-110.

There is a reason soft forks are activated by mining power alone; node listen counts will always be suspect, and unlike node sockpuppeting, mining power cannot be falsified.

Miners are not in charge of Bitcoin, as was demonstrated during the 2017 block size war. The nodes are in charge, and node operators are speaking in favor of BIP-110. I expect BIP-110 to activate early via the threshold, following Segwit’s 2017 example.

There is a whole thread of technical objections on the mailing list, and even more on your pull request, which you are well aware of. But to sum it up for new readers, the BIP does not accomplish its stated objective since the restrictions are easily bypassed by people who are looking to insert data, so it ends up doing nothing but cause disruption and uncertainty for legitimate usage - i.e., people who actually program their money.

Which no one has claimed. But fact remains that nodes can be easily spun up in large numbers at little cost, especially in the case of onion nodes, so all claims of community support that are backed by node counts must be taken with a massive dump truck of salt. Again, there are very good reasons for why Bitcoin operates on Proof-of-Work as opposed to Proof-of-Nodes or Proof-of-Tweets.

Accusing people of forging data to dispute a claim is not a reasonable way to garner buy-in for your proposal.

Widespread community consensus is required for sure, but if a small minority of nodes insist on following rules that are not enforced by a majority of miners, the best they can hope for is that they’ll end up on a minority chain, as opposed to a dead one.

I asked about blocks; the UTXO set is another matter.

utxo1600×500 44.5 KB

Above is a 3 year chart of the UTXO count, which is currently at 165,086,123 (verified by my own node at block height 944021), down from a high of over 180 million. It appears that the “rapid expansion” has already ended. If we take a conservative estimate of each user controlling just 2 UTXOs, we have at best ~80 million users in the Bitcoin network. Are we to propose changes to Bitcoin once we reach 100 million users? Or 200 million users? Is having many UTXOs harming Bitcoin?

The Bitcoin network has faced this many times in the past and will again in the future. Part of a permissionless system is allowing users to waste their money on whatever transactions they choose. Pricing out payments does not make sense - this implies you have the right to confirmed transactions at any time for any fee rate. It is nonsensical to ignore a dynamic fee market for transactions.

Transaction fees are currently low, which can only mean the “spam waves” have ended long before BIP-110. I don’t see a reason for change based on the lack of evidence.

Hi @dathonohm

Thanks for your respectful answer.

For example, the researchers who actually studied the topic concluded that “We thus believe that future blockchain designs must proactively cope with objectionable content. Peers can, e.g., filter incoming transactions or revert content-holding transactions, but this must be scalable > and transparent.

I had a cursory read on the linked paper. One has to observe it’s a paper that has been published by computer scientists at a computer science conference, where it most likely has been reviewed by a committee made of computer scientists, which are very likely competent in cryptography and security topics, albeit one can have a reasonable doubt on their competence and authority in matters of law, and if their acceptance review of the paper was really grounded. One can observe that the institution of origin of the authors is Aachen University. I believe it’s not Yale, Cambridge or the Humboldt, which have more a standing tradition for law. I won’t go through the whole paper and I’m going to circumvent my comments on one excerpt, as I think it’s what it’s interesting.

"Furthermore, users can be assumed to knowingly maintain control over such illegal content w.r.t. German law if sufficient media coverage causes the content’s existence to become public knowledge among Bitcoin users” (reference 61).

The source pointed by this sentence is an article of comparative law apparently made in a law journal. There is no excerpt of the quoted source in itself, the article is not widely available on the web, and there is no indication of the primary sources in German on which this article of doctrine is making its argumentation (be it jurisprudence, legal texts, penal practice, etc). Nor, afaict, the author herself or himself sounds to be a recognized name in the field of comparative law.

So without having the legal texts or jurisprudences under the eyes (and in German to be sure there is no a misleading in the translation by the English author when he wrote the article), this is hard to see on what the claim is based on. Further on, the article is dated of 2004, i.e at a time where all the special law and jurisprudence Internet was in its infancy and when distributed systems like Tor, Bittorent or Bitcoin were barely existent or even non-existent at all.

Now, few points of German and European law on the issue you’re mentioning.

In my understanding, you’re pointing out the worry of objectionable content on the bitcoin blockchain. The Karlsruhe’s Court has withheld in a landmark decision the right to informational self determination (excerpt: “Einschränkungen dieses Rechts auf “informationelle Selbstbestimmung” sind nur im überwiegenden Allgemeininteresse zulässig”). While it’s concerning primarly one’s own data, that right to informational self determination is often intersecting with the freedom of expression.

With in mind this right to informational self determination (which is a specificity of German constitutional law afaik), one can have a wonder weighting on one’s mind. Namely, that an illegal content can be encompassed as a religious blasphemy in let’s say some random jurisdiction and at the very same time this content be perfectly fine under German law. Filtering out this even could be even considered as a characterized encroachment of a German user’s right to informational self-determination.

That your linked article is not very weighting this kind of conflict of interests, that court of justice are used to daily adjudicate and balance wisely, sounds in my view a reasonable hint, that it’s not been primarily written by legal minds. One can think about this difficultly of conflicts of interests, due to the fact that those laws have been inspired by different corpus of morale rules, when you raising concerns about morality.

A second point of European law, here. The author to hold the claim that a media coverage might alter the validity of a legal text, or even introduce some kind of “presumption”. While there are indeed existent legal texts in some jurisdictions introducing presumptions for the possession of some class of forbidden materials, those texts are strictly bounded by superior legal norms (e.g to control their proportionate application). Going even further, in European jurisprudence there is a general principle that’s criminal law must be of strict interpretation, explicitly disparaging reasoning by analogy (what in my understanding the authors of your papers are doing). See CEDH, 8 july. 1999, Başkaya and Okçuoğluc. Turkey. So a very imprecise allegation, which do not sounds to be grounded not specialized texts, is in my view, not a real legal concern.

Even more, those concerns of illegal content are scoped under European law for Internet intermediaries or complementarily by national laws for which there is available jurisprudence (to be noted: in this precise context, i’m aiming to do a value-free judgement on the intrinsic quality of those texts w.r.t the Internet). Under those frameworks, media or news organizations have no special role, nor there is even legal meaning specially attached to their actions. Every time, if there is an action to be taken it’s the role of a formal public authority.

May I say, respectfully, that you’re argumentation would be grounded in my eyes, if the research you’re citing would come from an established interdisciplinary studies center (e.g the Harvard’s Berkman Klein Center on Technology & Law). Here the linked paper, I fear it’s more a paper written by computer scientists in distributed systems, who were just seeking about a sophisticated justification to write more papers on technical modifications and proposed blockchains change.

Now where I agree with you, it’s reasonable to talk and think about the legal risks surrounding node operators. Though in the present situation, the viewpoint expressed by the EFF’s FAQ about Tor nodes sounds appropriate, in my humble view. It’s a novel technology, and with all novel technology associated legal risks might come with. If there are legal arguments I have underlooked, feel free to highlight them, I will have a look. From a cursory read of your linked paper, so far I’m not convinced. Of course, laws can evolve in the future (be it favorable or unfavorably), though with the current legal sources we’re discussing and in the present state of things, I believe my viewpoint is a measured and reasonable opinion.

There is a whole thread of technical objections on the mailing list, and even more on your pull request

None of these objections are technical, reasonable, and still applicable to the latest version of BIP-110.

the BIP does not accomplish its stated objective since the restrictions are easily bypassed by people who are looking to insert data

Oh? Please point me to where the BIP states that its objective is to prevent all data insertion. In fact, you will not find such a statement since BIP-110’s stated objective is explicitly not to stop all data insertion (See “Won’t spammers just spread their data over multiple fields?” https://github[.]com/bitcoin/bips/blob/master/bip-0110.mediawiki#specification-nuance (obfuscating this link since this forum does not seem to allow links to Github)).

it ends up doing nothing but cause disruption and uncertainty for legitimate usage - i.e., people who actually program their money.

It does no such thing. No active use cases are disrupted except spam use cases.

But fact remains that nodes can be easily spun up in large numbers at little cost, especially in the case of onion nodes, so all claims of community support that are backed by node counts must be taken with a massive dump truck of salt.

I have not claimed otherwise. I merely stated that node counts should not count for nothing, which I believe we agree on. Miner signaling is ramping up as well, so it seems wise for the ecosystem to prepare for activation now.

Accusing people of forging data to dispute a claim is not a reasonable way to garner buy-in for your proposal.

Criticizing Bitcoiners for expressing skepticism rather than just taking your word for it, especially when your word goes against all credible sources, is a surefire way to increase their skepticism.

Widespread community consensus is required for sure, but if a small minority of nodes insist on following rules that are not enforced by a majority of miners, the best they can hope for is that they’ll end up on a minority chain, as opposed to a dead one.

If this were true, BIP-148 would have failed. We can assume that since it succeeded, the same will happen with BIP-110.

It appears that the “rapid expansion” has already ended.

The attack could be 50x worse next time. If your roof was damaged by a storm 50x less severe than the worst case, and it stopped raining, would you take the opportunity to reinforce your roof to prepare it for the worst case, or would you say “it’s not raining now, so there’s no need to do anything”?

Are we to propose changes to Bitcoin once we reach 100 million users? Or 200 million users?

If it causes nodes to become harder to sync, then… obviously yes. Since the recent UTXO bloat has come from data spam, however, the low-hanging fruit is to filter data spam, as this “use case” artificially bloats the UTXO set much faster than normal usage. If and when there are enough monetary users that node sync times or decentralization start to become significantly impacted, then other scaling methods will need to be employed, since filtering spam would do nothing in that case.

The Bitcoin network has faced this many times in the past and will again in the future.

Yes, and all previous times, node operators rose up to oppose data spam, which eventually succeeded at driving it away.

Pricing out payments does not make sense - this implies you have the right to confirmed transactions at any time for any fee rate. It is nonsensical to ignore a dynamic fee market for transactions.

On the contrary; what is indeed nonsensical is to allow data spam to outcompete payments on a payment network.

Transaction fees are currently low, which can only mean the “spam waves” have ended long before BIP-110. I don’t see a reason for change based on the lack of evidence.

Again, we should take this opportunity to repair the damage caused by the storm; it would be very foolish to assume that the storm cannot return.

Thanks for your respectful answer.

Likewise.

Now where I agree with you, it’s reasonable to talk and think about the legal risks surrounding node operators. Though in the present situation, the viewpoint expressed by the EFF’s FAQ about Tor nodes sounds appropriate, in my humble view.

Operating a Tor node is nowhere close to operating a Bitcoin node. I have already expounded upon my reasoning for this stance. I don’t think it is reasonable to ignore it as you have done.

Anyway, it was not acceptable in 2017 to argue that big blocks might not be harmful, and it should not be acceptable in 2026 to argue that embracing toxic data storage as an official use case of the Bitcoin network might not be harmful. It is basic common sense that if we limit candidate node operators only to those users who have no moral scruples, then we are dooming Bitcoin’s node network to a much higher degree of centralization than would otherwise occur (since such users are only a small single-digit percentage of all possible users).

Given that BIP-110 handily avoids all risks from embracing arbitrary data storage (since it is an explicit rejection of arbitrary data storage), while preserving all known monetary use cases, activating BIP-110 is basic common sense.