New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Add a -permitbarepubkey
option
#29309
base: master
Are you sure you want to change the base?
Conversation
The following sections might be updated with supplementary metadata relevant to reviewers and maintainers. Code CoverageFor detailed information about the code coverage, see the test coverage report. ReviewsSee the guideline for information on the review process.
If your review is incorrectly listed, please react with 👎 to this comment and the bot will ignore it on the next update. ConflictsReviewers, this pull request conflicts with the following ones:
If you consider this pull request important, please also help to review the conflicting pull requests. Ideally, start with the one that should be merged first. |
Concept ACK. For me it's a good idea to already have code to do it, once merged we can discuss a default activation. |
Concept ACK.
There is, it gives node runners choice. |
Concept ACK, it's great to give users the option of filtering out potentially abusive txs 👍 |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
tACK vostrnad@8c1114a
Steps to test:
- Build vostrnad branch
- Start a regtest with
-chain=regtest
- Create a wallet with
bitcoin-cli createwallet
- Get address with
bitcoin-cli getnewaddress
- Generate blocks to get bitcoins
generatetoaddress 500 <address obtained previously>
- Create a P2PK tx, this repository can be useful to you.
- Test if the tx is accepted with
bitcoin-cli testmempoolaccept '["<RAW tx>"]'
Result obtained in my case with -permitbarepubkey=0
:
[
{
"txid": "03c1140befa500e1809f5fa6950a45516f651a2e88fe252ac6c9fec393c68f11",
"wtxid": "03c1140befa500e1809f5fa6950a45516f651a2e88fe252ac6c9fec393c68f11",
"allowed": false,
"reject-reason": "bare-pubkey"
}
]
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK
Problems of P2PK:
Security Risk: Directly exposing the public key poses a risk if cryptographic standards change or are compromised.Pubkey is invariably exposed at the spent time for all the transaction types. This is not a problem limited to P2PK.Larger Transaction Size: P2PK transactions are larger due to the inclusion of full public keys, leading to higher transaction fees.The difference becomes insignificant after the usage of compressed Pubkey as the standard.Privacy Concerns: Exposing public keys can compromise user privacy by allowing easier linkage of transactions.
Considering the flaws of P2PK and the fact that it has almost been phased out from usage (https://transactionfee.info/charts/inputs-and-outputs-p2pk/?start=2019-01-01) I think it's a good idea to default to not relaying P2PK transaction. And I believe this PR is a good first step in doing that.
Code-wise, the PR looks great, and I think it’s a good idea to go forth with test implementation for it.
Edit: Removed the Problems with the P2PK section in light of the following discussion. 1, 2, 3
@@ -635,6 +635,8 @@ void SetupServerArgs(ArgsManager& argsman) | |||
MAX_OP_RETURN_RELAY), | |||
ArgsManager::ALLOW_ANY, OptionsCategory::NODE_RELAY); | |||
argsman.AddArg("-mempoolfullrbf", strprintf("Accept transaction replace-by-fee without requiring replaceability signaling (default: %u)", DEFAULT_MEMPOOL_FULL_RBF), ArgsManager::ALLOW_ANY, OptionsCategory::NODE_RELAY); | |||
argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
nit: Should we mention P2PK here?
argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, | |
argsman.AddArg("-permitbarepubkey", strprintf("Relay legacy pubkey (P2PK) outputs (default: %u)", DEFAULT_PERMIT_BAREPUBKEY), ArgsManager::ALLOW_ANY, |
@shaavan The section "Problems of P2PK" seems completely wrong to me:
There are problems with P2PK, just not these ones. Did you perhaps use ChatGPT to generate this section? |
Thanks, @vostrnad, for pointing out the potential flaws in my review. Yes, I did use ChatGPT to structure my thoughts on the “problems with P2PK” in a coherent fashion, but I don’t believe the points are wrong. Taking references from, Programming Bitcoin, Jimmy Song https://github.com/jimmysong/programmingbitcoin/blob/master/ch06.asciidoc#problems-with-p2pk
Reference:
Reference:
I would love to hear your thoughts on it. Any points of correction on my understanding of the problem are very appreciated. |
If you have any other questions, please post them to Bitcoin Stack Exchange (where I'll gladly respond). GitHub comments are meant for discussing the code change at hand, not for asking general Bitcoin questions. Lastly, I would like to ask you not to use ChatGPT for writing pull request reviews. If I want to know what it'll hallucinate when asked for a review, I can ask it myself. |
Thanks, @vostrnad, for helping me bring clarity to my understanding. I understand that my points were made based on my limited knowledge surrounding the discussions around P2TR. And also, I made an incorrect point in my explanation. I have struck the “Problems of P2PK” section to avoid confusion for future reviewers. Lastly, though I might sometimes use ChatGPT to get better clarity on concepts or coherently express my thoughts, I will make sure to properly fact-check it before using any information when writing a review to ensure its quality. Thank you again. |
/** Default for -permitbarepubkey */ | ||
static constexpr bool DEFAULT_PERMIT_BAREPUBKEY{true}; |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Concept ACK because default policy is unchanged.
I don't care if this gets merged, personally I don't see any benefit of having this option (or -permitbaremultisig) and I would object to changing the default policy in this regard (similar to my objections to #28217).
It might be useful for testing and a few other use cases.
Concept ACK, it's great to give users the option of filtering out potentially abusive txs
The only potential abuse I foresee in the future is trying to make it default in another pull request without rationale, agreement from reviewers, etc.
@shaavan Also note ChatGPT output is not necessary clear of copyright issues, so should never be included directly. |
Github-Pull: bitcoin#29309 Rebased-From: 8c1114a
ffc6c0b
to
1dfe27e
Compare
Partially fixes #29285 (adds the option but leaves the default policy unchanged)
No tests so far, if there's consensus to move forward with this I'll look into adding them.
Disclaimer: I don't care if this gets merged, personally I don't see any benefit of having this option (or
-permitbaremultisig
) and I would object to changing the default policy in this regard (similar to my objections to #28217). However, as I think someone would inevitably open a PR for this, I thought this might be a good opportunity to dip my toes into Bitcoin Core development.