Getting the inside scoop on the Segregated Witness. The truth shall set you free.
Segregated Witness: A Fork Too Far
This paper first examines Segregated Witness (SW), then demonstrates how it can only fail to realize its designed purpose, how it encumbers Bitcoin with irreversible technical debt, and how it threatens the fungibility of the currency.
Bitcoin is Being Hot-Wired for Settlement
SW avoids an ecosystem-wide hard fork through ecosystem-wide upgrades to bitcoin transactions, blocks, addresses, scripts, full nodes, miners, wallets, explorers, libraries, and APIs. All to provide partial relief to core block pressure assuming users upgrade — 1.6M if 100% upgrade, based on current usage.
SW roll-out requires extensive software modifications just to maintain current functionality in the face of rising transaction volume. SW complicates bitcoin economics by splitting a “block” into a basket of two economic resources — core block and extended block — each with unique price incentives and (heavily intersecting) sets of actors.
Bitcoin Upgrade Governance, Hard Forks and Segregated Witness
In terms of updates to production software, Segregated Witness pushes complexity up-layer, with a ripple-out impact of changes, from one team (bitcoin core) to many teams out in the ecosystem.
Core Segwit — Thinking of upgrading? You need to read this!
Segwit cannot be rolled back because to unupgraded clients, a segwit txn looks to pay ANYONE (technically, anyone can spend the outputs). After activation, if segwit is rolled back via voluntary downgrade of a majority of miners software, then all funds locked in segwit outputs can be taken by unscrupulous miners. As more funds gets locked up in segwit outputs, the incentive for miners to collude to claim them grows. Compare this to a block limit increase hardfork, which can be rolled back by a block limit decreasing softfork.
Segwit doesn’t actually increase the blocksize, it just counts blocksize differently giving a discount for the segregated witness data.
Segwit doesn’t actually fix malleability bug or quadratic hashing, for outputs which are not segwit outputs. Yes, this means that as long as there are non-segwit outputs in the blockchain (for instance, long untouched coins like Satoshi Nakamoto’s) these problems will still be exploitable on the network.
Presently the danger of a 51% miner collusion is just the danger that txn can be censored, or that a miner can double spend their own txn. There is nothing that a 51% cartel can do to steal your bitcoins. But if everyone was using segwit, then that [stealing] actually becomes a reality.
Segwit grows technical debt. The idea of shoehorning the merkel root of the signatures into the coinbase message is a cludge made just so that segwit could be deployed as a soft-fork. How many kludges do we want to put into the Bitcoin base layer? Are we going to make soft-forks (and thus kludges) the normal practice?
SegWit is not great
On the other hand, SegWit is essentially a hard fork disguised as a soft fork. It strips the regular block out of most meaningful information and moves it to the extension block. While software that isn’t updated to support SegWit will still accept the blockchain, it has lost all ability to actually understand and validate it.
An old wallet won’t understand if its owner is being sent money. It won’t be able able to spend it. A node is unable to validate the transactions in the blockchain as they all look valid no matter what. Overall, while SegWit can be technically qualified as a soft fork, it puts anyone who does not upgrade at risk.
How Software Gets Bloated: From Telephony to Bitcoin
Some Bitcoin devs are considering a trick where they repurpose “anyone can spend” transactions into supporting something called segregated witnesses.
To older versions of Bitcoin software deployed in the wild, it looks like someone is throwing cash, literally, into the air in a way where anyone can grab it and make it theirs.
Except newer versions of software make sure that only the intended people catch it, if they have the right kind of signature, separated appropriately from the transaction so it can be transmitted, validated and stored, or discarded, independently.
Amazingly, the old legacy software that is difficult to change sees that money got thrown into the air and got picked up by someone, while new software knew all along that it could only have been picked up by its intended recipient.
How do SegWit and FlexTrans compare?
People that receive a payment from a SegWit user will not have any progress reports of that payment unless they have a SegWit wallet. Users pay more to users that don’t have a SegWit wallet. The networked basis of money makes it a certainty that practically all people need to upgrade. And that begs the question if there really is a benefit to the SegWit solution.
Why We Must Oppose Core’s Segwit Soft Fork, Bitcoin Miner Jiang Zhuo’er Tells You Why!
Bitcoin Core plans to implement Segwit as a soft fork, and then to forever limit the block size to a piddling 1MB, turning the blockchain into a settlement network that is hard to distinguish from SWIFT.
Scaling Bitcoin: Reflections from the DCG Portfolio
One company notes, “Last year we got on the Bitcoin Classic bandwagon out of desperation. Our stance was: Segwit sounds complex and Classic seems easy and buys us time.
Segwit has “only been tested by core devs on testnet… the main worry would be that this testing may not match what enterprises actually need on a production level”.
Bitcoin company CTO here. Why I oppose Segwit.
Largely out of technical objections, and political ones also. I see Segwit as a crudely-designed kludge, and an unnecessary complication to the protocol. Open Transactions was working on a sidechain implementation years ago that didn’t require Segwit, it only required deterministic ordering of UTXOs when creating new tx, which still doesn’t have a BIP and it’s a damn shame because that was a great idea.
Segwit: The Poison Pill for Bitcoin
Direct scaling has a 1.0 marginal scaling impact. Segwit has a 0.42 marginal scaling impact. I think the miners realize this. In addition to scaling more efficiently, direct scaling also is projected to yield more fees per block, a better user experience at lower TX fees, and a higher price creating larger block reward.
Why soft fork is a very bad idea and should be avoided at all costs
I was surprised by the latest announcement of Pieter that a SegWit implementation which changes pretty much everything in bitcoin can be implemented via a soft fork, where it does not require all the nodes to upgrade to be compatible.
After a bit research, this is possible because you can always give old data new meaning in a new implementation, while the old nodes simply do not know how to parse that data.
As a result, a new block will be accepted by the old nodes because they appear to be valid. But in the new implementation, they are just a small subset of the new data structure, all the transaction data is in another related block.
Translation Of Chinese Miner Consensus Meeting
First, assuming Seg Wit is used by all one-signature tx, the effectiveness of it is only equivalent to a 1.6MB block size. Because of the complexity and development needed for Seg Wit, some may refuse to employ the update. Assuming 50% of tx use Seg Wit in 12 months, this is equivalent to a 1.3MB block size, which is pretty useless.
Second, Seg Wit requires a lot of manipulation of core components of Bitcoin, which carries a lot of risk. Bitmain CEO: “Currently Core devs are working overtime to catch up with the development schedule. We all know what will happen if we can’t get enough sleep and code on…”
SegWit and technologies built on it are grossly oversold
Like all good lies, there is a kernel of truth behind them. However, like all good lie, they omit or distort some specific information which are key. Like all good lie, they get repeated so often that they may end up looking like truth. Let’s go over some of them.
An Open Letter to Bitcoin Miners
Since miners are unwilling to accept segwit on its own, and since Core will not compromise, the only logical alternative is bigger blocks, which is the best option regardless.
The SegWit 15% Attack
The nature of the protocol change is in some ways insidious, in dividing the scenario technical ‘experts’ have again ignored economic incentives. They have used the technical format known as AnyoneCanSpend to capture the existing protocol and redirect selected transactions into a new divided protocol.
Segregated Witness or Separated Legality
My first concern started with possible patent infringements that people had been attributing to segregated witness. That in itself is an issue, however, there are larger legal concerns. My biggest problem having studied law is this ill-founded conception that has been promulgated by several of the most prominent people within the bitcoin community.