Bitcoin Cash. Was there a fork?

Today, the Bitcoin and Blockchain theme attracts an incredible amount of attention. Unfortunately, the news does not allow to understand the full scope of what is happening, as the authors are confused in terminology and in haste produce unprepared articles. Which again leads a wave of discussion from the technical side of the question to the question of speculation on the subject of a Bitcoin course.

Let us try to move emotions away and study together what is happening and what the consequences are.
')

Summary

• Bitcoin - a society of mathematics lovers
• What is fork? Why not so terrible attack 51%
• Segwit How it all began
• Bitcoin Cash - how to make money and how to give others money
• Perspectives

Bitcoin - a society of mathematics lovers

Many people represent bitcoin as an extremely simplified system. Sometimes it is convenient, and sometimes it makes it impossible to explain the current problem. For example, Bitcoin is presented as a huge ledger, where the miners try to write another page in the ledger every 5 minutes, where it will be recorded, from whom and to whom the funds were transferred. This analogy is convenient and in 99% it is so, it’s just hard to understand how you can get into this ledger, why you can create an address and account offline without ever contacting the Internet and other issues.

I offer another analogy, Bitcoin is a community of mathematics lovers. In the beginning, there was one mathematician Satoshi, who wrote the 1st problem and offered 50 coins (conventional units) for its solution. Satoshi was very cunning, he proposed such a task, to which only he knew the answer. But Satoshi was not only clever, but also clever, he drew attention and realized that the system would only be alive if there were other “mathematics” in it. Then, Satoshi announced the rules, everyone who solves the published task can publish their tasks and the number of coins from the solved task to distribute between new tasks. In confirmation, Satoshi showed the answer to his task and proposed 2 more tasks, one very simple for 20 coins, and the other again very difficult for 30 coins. Another mathematician immediately picked up this idea and solved a simple task for 20 coins and again created one very difficult one - for 15 coins, and another simple one - for 5 coins. In total, there were 3 unsolved problems in the system (1 from Satoshi, and two from another math) and 2 solved problems. Many mathematicians rushed to solve simple and complex problems and in a week there were 100-1000 open problems. At that time, the complexity of the problem was completely independent of the number of coins, but even then mathematicians intuitively collected more coins for their tasks.

The system revealed a significant flaw, it was necessary to maintain it online, so that mathematicians at any time could easily exchange solutions and post new problems. Naturally, mathematicians decided to attract other "mathematicians" (programmers) so that they could solve simpler problems, and for that, who would decide faster, they would receive 50 coins and the opportunity to publish their problem. So that computers (programmers programmed to solve simple tasks) did not solve problems too quickly and did not receive a lot of coins, the complexity of tasks varies dynamically, after every N blocks. Since then, all began to live in harmony or almost amicably.

Let's translate this story into understandable language Blockchain:

1. Each published task is a part of a transaction that contains the answer to the previously set task (previous transaction and scriptSig / signature) and new tasks (rough approximation of the output list), as well as the distribution of input coins to output coins.
2. Each simple task is the task of the mining block, namely, finding the key for the hash with the specified properties. It adapts so that the solution is approximately every 10 minutes.
3. Each block includes the answer to the solution of the mining problem and the list of transactions that the miner optionally included (important!)

- How close is this analogy to the real state of affairs in Bitcoin?
- Pretty much close, here are some judgments:

• Really. In Bitcoin, input, output (task description language) is a special Bitcoin script stack language. In which there are up to 80 op-code, including multiplication, addition, hashing, encryption, but no cycles!
• A typical output transaction looks like

  OP_DUP OP_HASH160 a4b4c5245e00d758c4364085d60375b8e22cf482 OP_EQUALVERIFY OP_CHECKSIG
  

  That in Russian means, try to pick up such a number that OP_HASH160 will be equal to a4b4c5245e00d758c4364085d60375b8e22cf482. Of course, this is a question with a trick, a person who publishes such a task knows the answer in advance, but he does not want to tell it to others, even if they are tormented, as he says, and he will do it when he wants new tasks.
• Bitcoin doesn’t have the notion of addresses at the bottom level! Roughly speaking, you can write an absolutely cosmic (from the point of view of UX) application that will specifically ask you to solve a mathematical problem and interact absolutely normally with bitcoin blockchain. In practice, the address is Base56 of the number a4b4c5245e00d758c4364085d60375b8e22cf482, but this is true only for transactions of the type

  OP_DUP OP_HASH160 a4b4c5245e00d758c4364085d60375b8e22cf482 OP_EQUALVERIFY OP_CHECKSIG
  

• In the output, you can write OP_RETURN. That will mean that your task is extremely easy to solve. And with a probability of 99% in the next, and maybe in the current block, your coin will be led away (to a new task) and this will be done by the miner of the block.
• One of the easiest ways to burn bitcoin is to set the problem x ^ 3 = y ^ 3 + z ^ 3. Naturally, the problem has no solution in positive integers and it will never be solved.
• A transaction can specify several input tasks, but in a transaction all input coins must be spent (a positive balance is considered a fee and goes to the miner).
• Transaction (TX1) Input refers to the Transaction Id (TX0) that has already been published, and represents the input parameters in the TX0 output, by substituting which the output of the previous transaction (TX0) is calculated to TRUE.
• Input parameters can also be a script, but this is rare
• In output, you can write any string. Some people write "marry me" ?

Here are a few more judgments for which a detailed analysis can be carried out (but not now):

• If output is simple (unencrypted), then the block miner will most likely take it, even if you start your transaction and it will be absolutely valid.
• So that the miner does not steal all transactions, input input is encrypted so that it can be applied only to a specific output. Thus, the miner can validate the transaction, but he cannot change the output, otherwise the transaction will become invalid.
• Important! A miner can mine a “valid” block and include non-valid transactions. Since all clients connected to Bitcoin revalidate transactions, they will not consider the block valid. Other miners can steal a block and include already correct transactions, and already they will receive a reward for the block. Roughly speaking, different miners (clients) will have a different block history, this is a hard fork

Perhaps now it is clear why the ledger is too simplistic analogy, because the blockchain does not even have the concept of addresses.

What is fork? Why is not so terrible attack 51%.

Even today there was an article that the attack of 51% is terrible and more than 80% of the mining capacities are in China and it’s time for us to be afraid. Again, if we present an analogy that there is a book of records and someone has 51% or more and he begins to write in it what he wants. That, yes, attack of 51% already becomes simply irresistible. In practice, this is not the case.

Let us return to the analogy of the community with mathematicians, suppose that miners have captured 100% of their capacity and publish problems with incorrect answers in various scientific journals at a breakneck pace. Naturally, the community of mathematicians will become despondent, but they will never admit the wrong answers and will not write in their personal journal. In the blockchain, everyone (!) Keeps a journal. How would an adequate scientific community behave? It would make a list of good scientific journals or establish another communication channel and start from the moment of the last “valid” transaction. Yes, it would take a certain amount of time and effort, but this attack would not affect the "truth" of the magazine. This phenomenon is called hard fork . There were 2 chains and each with its own right.

There are unique relations between miners and mathematicians (users), some cannot be without others and vice versa. And this balance is respected. Like any system, bitcoin needs improvement. Bitcoin Core is a group of people who used and developed bitcoin from the very beginning. And from the very beginning they faced the first difficulty of development. How to release updates? If you even carry out an attack of 100% and upgrade all miners, you can get a broken blockchain and the likelihood of a hard fork (if clients do not upgrade), which is absolutely undesirable. Therefore, the concept of soft fork was developed: all miners are updated, but they continue to send backward compatibility blocks and transactions to clients. Clients are updated as needed. Some changes were fairly easy to implement. For example, in the Bitcoin language there were NO_OP1-10 operations that meant nothing, they began to be used for new validation.

Any update process is a complicated procedure and after a while was highlighted
Formal update process via soft fork (using the following agreement):

1. All miners who smiled the block include information in the block that they are ready to be updated and include some functions.

2. After a certain period of time, when the blocks become 95% in a row (agreed on this number, although not necessarily), the miners begin to carry out a majority attack. Those. They refuse to accept blocks that do not support the new function (BIP - bitcoin internal proposal). This is a signal that it is time to update all miners, otherwise they will not see their mining fee.

3. Activation of a feature may occur late, i.e. NO_OP1 -> DIG_SIG_OP can start working through 100 blocks, which gives time to be updated to clients who already know when the feature will be enabled by markers in the blocks.

PS All this should work in backward compatible mode, i.e. those who are not updated will continue to receive updates and work correctly.

The update algorithm is an arrangement, not a formal algorithm! And the arrangements fail. The most famous incident occurred with the update block_version = 3, when the 95% signal went through to activate the majority attack, but AntPool continued mining blocks with version (3) and unfortunately between them still included blocks from other miners with version 2. It was the a real hard fork, because AntPool with other miners had a lot of power and was able to build the longest chain (by default, bitcoin clients take the longest chain). The problem was with other miners who could not validate this chain (as there were blocks 2 and 3) and refused to accept it. After 6 hours, the fork was contacted by the AntPool administrators and they abandoned their blocks. Notice hard fork occurred on the same transactions, i.e. transactions fell at once into 2 forks, albeit in different blocks.

As you can see, the update mechanism was invented not by mathematicians, but by programmers-politicians, therefore it sometimes gives failures (joke).

Segwit How it all began

Segwit is an extremely interesting update for Bitcoin that allows you to make Transaction ID stable for changes by the miners. Today, there are techniques when the miner, or the owner can change the interior of the transaction, that the essence will remain the same, but the id will change. About Segwit should be told separately and in detail, but the main difference between Segwit updates from other updates is that it is extremely voluminous.

For Segwit updates, updated systems should hold as many as two blockchain (!), One that they will show to all the nodes before SegWit, and the other nodes after SegWit. The essence of transactions and output, of course, will be the same, but the input is slightly different. The fact is that the transactionId calculation mechanism has changed, and this is a necessary parameter for input. The change of the blockchain segwit is irreversible, since the new blocks cannot mix with the old ones and must pass strictly according to the agreements, which just caused a big delay and a lot of negotiations.

On August 1, locked-in for Segwit occurred, i.e. Blocks that do not declare segwit support are not included in the blockchain. On August 22, the final activation of Segwit will take place and it will be possible to store witness data in transactions.

1 byte of Witness data is counted as 0.25 bytes, and 1 byte of the rest of the data remains one 1 byte. The block size without witness data has not increased and is still 1 MB, but with segwit there can be 4 MB! Segwit is a soft fork and cannot increase the block size, otherwise previous versions will not be able to validate new blocks. The irony is that the miners are adapting new units for old customers so that they can be validated. The new transaction format is also different and also requires adaptation between versions.

Perhaps there is still some way to increase the block size, while maintaining backward compatibility. For example, reduce the complexity of the mining task and generate blocks more often.

Bitcoin Cash - how to make money and how to give others money

What did you expect on August 1? What happens hard fork and we will see those who disagree. What happened?
Something strange happened ... Since the hard fork was expected in all plans on August 1, all the websites wrote on August 2 that Bitcoin was divided and all the commentators caught the idea and the situation became confusing.

Consider + and - whether Bitcoin Cash is a fork or not:
- Bitcoin Cash really took the whole history of Bitcoin before August 1st as it is (+ hard fork)
- Bitcoin Cash instantly stopped processing valid transactions spreading over the Bitcoin network (- not fork)
- Has Bitcoin Cash disconnected from the Bitcoin network? (-typical fork)
- Bitcoin Cash began to reject new Bitcoin blocks (+ hard fork, new blocks are not compatible with validation)
- Bitcoin Cash made an incompatible change with Bitcoin - increased the block to 8 MB (+ hard fork)
- Bitcoin Cash refused to include SegWit (+ hard fork)

In principle, it can be called out with reservations that Bitcoin Cash is a fork. But 2 factors still say that it is a bitcoin history fork, and not a bitcoin fork.
- stopped processing valid transactions (requires verification)
- it looked like a very planned action by the organizers of BCH, and not an attack or defense of their interests in Bitcoin (a new wallet, new mining tools, new blockchain explorer immediately appeared ..)

Who benefits?
- In principle, everyone who had Bitcoins now has 20-30% more of them.
- We have a new blockchain-structure already popular with 8MB per transaction, which is 8 times more and, accordingly, cheaper.
- To those who purchased a lot of Bitcoin before the split, and immediately sold them after the split. Fee from sales was 0.2-0.5% of X, and income for 10 minutes was 30% of X. If you set X = 10,000,000, then calculate it yourself.

Prospects and what's next

The most interesting thing is that Bitcoin spent only soft fork and is just preparing to hard fork in November 20th. Already in November, a real hard fork will occur and it will be inevitable (probably). Miners decided to increase the block to 2MB, this automatically makes incompatible old versions of Bitcoin wallet, which will lead to the fact that people either upgrade and accept 2 MB or continue to litter the network with an alternative version of blockchain, and maybe someone will continue to mine blocks of 1 MB . I really hope that this does not happen.

After segwit2x, perhaps the bitcoin core group will reconvene and return to the development of new BIPs, as well as update the official bitcoin core client to support the 2MB block. At the very least, all existing BIPs have been developed with its support.

PS I admit a large number of technical inaccuracies, please comment - we will correct.

PPS What could not tell, but maybe succeed the next time, unsubscribe if interested

• What is transaction malleability and how did Segwit solve it
• How does transaction encryption occur and why miners fail to steal it
• How to make primitive and complex Bitcoin contracts (create an account for 3 people and allow payments only with the consent of two)
• What is the lightning network and why the ready idea waits for segwit