Ways to tackle bloat in the Bitcoin blockchain

5 replies 481 views
ape_gasMember
Posts: 2 · Reputation: 106
#1Dec 24, 2019, 11:47 PM
I'm just getting started with Bitcoin development but really eager to learn and share ideas. Let’s chat about how we can tackle blockchain bloat. Like many of you, I want Bitcoin to stay decentralized, which means we need to make it easier for full nodes to operate without needing tons of storage ideally not more than 800 GB over the years. I've heard people say that a problem in the Bitcoin network is some miners take on harmful or non-monetary transactions just for the cash, especially when they stand to gain big bucks. Efforts to persuade miners to stop this haven't worked out so well. So I’m thinking, maybe a software tweak could help curb this issue. Do you think we could change Bitcoin Core and related software to require a consensus from node operators before miners can process certain transactions? It seems like node operators might be more trustworthy since they’re not as easily tempted by financial gain to mess with the blockchain. Can we spot transactions that have huge UTXOs, a lot of public keys (some of which could be bogus, and we can't tell which ones), or other signs that might indicate a harmful transaction? I’ve got this idea, but I’m not sure if it’s doable: what if a transaction that meets certain criteria updates a temporary approval count before it gets distributed across the network? Then all the other nodes could see that approval count.
6 Reply Quote Share
ryan_nodeSenior Member
Posts: 204 · Reputation: 859
#2Dec 25, 2019, 02:06 AM
No good, easy to sybil attack. If someone wants it badly enough, they can spin up enough nodes to be 70% of the network. Mining is already a consensus mechanism, what you want is to change the consensus rules that everyone follows. There were a few ideas mentioned on the mailing list on this topic, but ultimately what it comes down to is trading the flexibility of script for rigidity in ensuring that all UTXOs can be spent. Essentially, the mechanism for doing this would be to require that every output also carry a proof that the output is spendable, i.e. a signature. However, this severely limits what script can do, to the point that script wouldn't really exist. I think there would be a lot of additional logistical nightmares as well (e.g. senders and receivers now need to coordinate in order for the sender to make a transaction). Furthermore, this wouldn't even stop data storage in Bitcoin. Sure it would make it harder, but steganography is an entire field dedicated to hiding data in things that are not meant to store such data. It would still be fairly easy to shove data in bits and pieces into pubkeys and hashes, it just takes a little bit of work to grind a couple bytes of a hash or pubkey to be the data that you want to embed. And since this is extra inefficient, the instances of this data would result in massive/lots of transactions. Lastly, just because a UTXO is spendable by someone doesn't necessarily mean that it will be spent. So even with such a scheme, we could have tons of UTXOs that encode some data inefficiently, and someone is able to spend them, but ... maybe they just don't, and they still have polluted the UTXO set.
4 Reply Quote Share
byte2019Senior Member
Posts: 270 · Reputation: 1836
#3Dec 25, 2019, 06:17 AM
Even in that case, it is quite likely, that people would still be able to make public keys, where they don't know the private key, but can produce a valid signature. A good example is this public key: https://mempool.space/testnet/address/032baf163f5e27261ab3228e61fb86dc98054abd514751fce93d7444e8fbc6a293 As you can easily check, the size of the signature is only 9 bytes, and it is crafted in a way, where knowing the private key would mean, that you would also know the private key to 020000000000000000000000000000000000000000000000000000000000000001, which would probably mean, that ECDSA is broken (or you found some hidden secret behind secp256k1 generator). Because making a single signature can be sometimes faked. And even if validation would be bulletproof, then still, signing things, and throwing away private keys, would still be possible.
2 Reply Quote Share
hash_bossLegendary
Posts: 1166 · Reputation: 5261
#4Dec 26, 2019, 05:18 AM
FWIW, cost to run Bitcoin full node is much lower than cost to run node for current top 100 altcoin by market cap. While it's theoretically possible to propose extreme fork which do these, 1. Treat script OP_FALSE OP_IF ... OP_FALSE as invalid. 2. Add size limit to script size. 3. Treat OP_RETURN with data bigger than X bytes as invalid. 4. Treat new UTXO that contain less than X satoshi as invalid. Such fork is very unlikely to be accepted. And if it does, some spammer will continue to add arbitrary data using fake address at higher cost. AFAIK no. Although i recall there were few discussions here that talks about theoretical address format which make fake public key/address become more expensive.
3 Reply Quote Share
fox100Senior Member
Posts: 165 · Reputation: 1050
#5Dec 26, 2019, 09:30 AM
If that worked bitcoin never would have had mining in the first place.  Mining exists because it doesn't work, for the reasons highlited by Ava.  Aside, the term is miner not minor-- the confusion is understanble, both are known to play with blocks. In addition to the excellent points as to why these sorts of schemes don't work anyone proposing these schemes should explain why, if their scheme actually worked, wouldn't just be a way for some rogue government actor to impose a blockaid on donating to their political opponents or what not. The whole reason preventing 'spam' in Bitcoin is hard is because Bitcoin was designed to be censorship resistant and to depend itself on censorship resistance to work, to take advantage of the nature of information being easy to spread and hard to stifle.  You don't need to settle the perennial debate on if filtering data stuffing nft shitcoin nonsense constitutes censorship itself to recognize that from a technical perspective the same *means* are used, and have similar effectiveness. If anything ordinary transactions are more vulnerable than bullshit:  Bullshit doesn't care much about how it's encoded.  Ground into TXIDs? Stuffed into 'fake addresses', twiddling bits of signatures?  There is no end to the flexibility of bullshit encoding because the network doesn't do anything with the bullshit data.  The honest user can't so easily freely change what they're doing to avoid some filter targeting them, and they may be much less well funded than a spammer.  It's easy for a spammer to e.g. get a relationship with a miner because while although what they're doing may be unpopular and repugnant to many, it isn't *illegal* anywhere, it's not going to get some powerful state actor mad at you, the worst it does is outrage a largely impotent social media mob. And even the angry mob can be avoided because miners can produce blocks anonymously too (and should be more often). Now I don't fear for Bitcoin's censorship resistance, these filtering methods ultimately don't work all that well.  But their advocates argue that not working well doesn't necessarily mean doing nothing at all-- maybe pushing hard and constantly issuing updates that stamp out each use as it's discovered could at least reduce the total volume of spam.  Yes, it probably could.   But at what cost?   You've just appointed or empowered a self appointed dictator[1] over what transactions are good or not, who will now waste lots of energy squishing stuff and you'll inevitable disagree with some of their decisions.  Even if there is some kind of *vote* someone is deciding how it works or setting its default behaviors.  You'll have sent a clear message to powerful actors that there exists tools to suppress transactions they don't like (or just haven't approved of) if only they apply enough pressure to node operators, developers, and/or miners.  And sure while the censorship may not be complete, they may not care just like people constantly demanding 'spam' filtering are fine with it being incomplete at best. I've grown wary of calling this traffic spam because it result in the wrong way of thinking about it.  Spam is messages directed to you that you don't want, filtering it is largely effective because all the filtering need to do is keep it from showing up in front of you-- it's still 'effective' when your (ISPs) computer had to process the spam, it's still effective if someone *else* got the spam. It just has to keep you from seeing it.   But this traffic in bitcoin involves a consenting sender, one or more consenting receivers, and a consenting miner who happily got paid for their facilitation.  To block it effectively, it has to be blocked by pretty much everyone.  Because-- short of using a block explorer or something-- you would never even see the 'spam' at all, the criteria for success is stuff like your computer not spending time processing it (or at least not storing it in the chain)... and that is an infinitely higher bar than applies for email spam. So I think you could fairly say that if you define spam the same way we do for email Bitcoin is already has almost perfect spam filtering,  that the only spam that remains is varrious kinds of 'dusting'.   People seldom complain about dusting though for that there are lot of additional things that could be done, because like email spam you wouldn't have to block it everywhere for everyone for it to have an impact, and because there is an involuntary receiver that doesn't want it. I think people too easily fall into the trap of thinking some obnoxious shitcoin stuff is "the enemy" and forgetting what Bitcoin is for in the first place. Shitcoin nft stuff isn't the enemy, the enemy is systems of money that are capriciously controlled by third parties, inflated out from under us, surveilled, seized, and wielded as a weapon against the political opponents of whomever has power over it. The embedded data stuff an annoyance, an impediment, occasionally a bit of a threat.. no doubt but it's not the enemy.  If it were it would have an easy solution: set the block size to zero and head home. No more spam!   When you run a node you take on varrious costs in doing so,  such as processing the 99.999999% of transactions that have nothing to do with you.  It's a cost of Bitcoin's existence and a well justified one.  Junk traffic is just part of that.  It's critical that nothing is able to flood you off the chain, junk traffic or not, aided by miners or not, but that's part of why the Bitcoin consensus rules have limits on the amount of resources the system can take up. [1] And inevitably the person who wants this job most is the person who on no accounts should be allowed to have it... that is even clear already in Bitcoin where the most outspoken anti-spam person is basically infamous for their fringe judgemental views.
0 Reply Quote Share
ape_gasMember
Posts: 2 · Reputation: 106
#6Dec 26, 2019, 10:29 AM
I'm thankful you shared that.  Such a solution would need to be paired with extra code for resistance to sybil attack, which might not be worth adding to get such a feature. It is good that mining already has a consensus mechanism, making sybil attacks cost more.  It sounds like the solutions mentioned so far would not be worth adding due to creating more problems than they solve.  Thank you for sharing. Bitcoin rocks!  I was distracted by altcoins when first finding out about bitcoin, and had to learn over time that bitcoin is still the best for many things. In my opinion, that's a great feature of bitcoin.  It prevents a lot of bad code changes from getting introduced. I'll have to look for some of those discussions.  It sounds interesting.   Excellent catch!  I went back and edited just the spelling of miner in my original post. I'll read through and ponder the rest of your post as soon as I can.  There are great points in there!  I am grateful to you and the others for discussing these ideas with me. [moderator's note: consecutive posts merged]
1 Reply Quote Share

Related topics