1 |
On 2021-11-04 17:59, Luke Dashjr wrote: |
2 |
> From 2ca9bb266d18e35e0dd5d14149bb9aa7f9eae792 Mon Sep 17 00:00:00 2001 |
3 |
> From: Luke Dashjr <luke-jr+git@×××××××.org> |
4 |
> Date: Thu, 4 Nov 2021 21:32:55 +0000 |
5 |
> Subject: [PATCH] 2021-11-04-bitcoin-taproot: add news item |
6 |
> |
7 |
> Signed-off-by: Luke Dashjr <luke-jr+git@×××××××.org> |
8 |
> --- |
9 |
> |
10 |
> Due to the sensitive nature of changes to the Bitcoin consensus |
11 |
> protocol[1], |
12 |
> Bitcoin node software[2] implementing such a proposed change has been |
13 |
> masked[3][4] since release and should remain such until it becomes |
14 |
> clear that |
15 |
> the upgrade has been accepted, activated, and is being enforced by |
16 |
> users |
17 |
> without any contentious disagreeing faction. |
18 |
> |
19 |
> This news item should ensure that users are aware of the change, and |
20 |
> how to |
21 |
> upgrade when/if they consent to it. |
22 |
> |
23 |
> Luke |
24 |
> |
25 |
> |
26 |
> [1] users must actively act to change what they enforce; potentially |
27 |
> significant financial risk; etc |
28 |
> |
29 |
> [2] net-p2p/bitcoind, net-p2p/bitcoin-qt, and |
30 |
> net-libs/libbitcoinconsensus |
31 |
> |
32 |
> [3] the mask was erroneously removed a few weeks ago; this will |
33 |
> hopefully be |
34 |
> corrected ASAP, perhaps even before the news item gets posted. |
35 |
> |
36 |
> [4] Yes, there are probably better ways to handle things like this (and |
37 |
> quite |
38 |
> a few good suggestions at https://github.com/gentoo/gentoo/pull/21490), |
39 |
> but |
40 |
> using a mask is what we got stuck with this time. |
41 |
> |
42 |
> diff --git |
43 |
> a/2021-11-04-bitcoin-taproot/2021-11-04-bitcoin-taproot.en.txt |
44 |
> b/2021-11-04-bitcoin-taproot/2021-11-04-bitcoin-taproot.en.txt |
45 |
> new file mode 100644 |
46 |
> index 0000000..2136ec4 |
47 |
> --- /dev/null |
48 |
> +++ b/2021-11-04-bitcoin-taproot/2021-11-04-bitcoin-taproot.en.txt |
49 |
> @@ -0,0 +1,30 @@ |
50 |
> +Title: Bitcoin protocol change Taproot |
51 |
> +Author: Luke Dashjr <luke-jr+gentoobugs@×××××××.org> |
52 |
> +Posted: 2021-11-04 |
53 |
> +Revision: 1 |
54 |
> +News-Item-Format: 2.0 |
55 |
> +Display-If-Installed: || ( net-libs/libbitcoinconsensus |
56 |
> net-p2p/bitcoin-qt net-p2p/bitcoind ) |
57 |
> + |
58 |
> +In a few weeks, the Bitcoin community will be attempting a change to |
59 |
> the |
60 |
> +consensus protocol, called "Taproot". Protocol changes to Bitcoin |
61 |
> activate |
62 |
> +contingent on the users of the network all agreeing together and |
63 |
> enforcing |
64 |
> +the new rules on each other. Failure to enforce new rules, or |
65 |
> enforcing them |
66 |
> +when others do not, compromises your security and may lead to using a |
67 |
> +different currency than the rest of Bitcoin. Bitcoin users must each |
68 |
> decide |
69 |
> +if they will enforce the new Taproot changes, or reject them. |
70 |
> + |
71 |
> +To learn more about Taproot, see https://bitcointaproot.cc |
72 |
> + |
73 |
> +If you wish to enforce Taproot, you should unmask version 0.21.1 |
74 |
> and/or 22.0. |
75 |
> +For example: echo '~net-p2p/bitcoin-qt-0.21.1' |
76 |
> >>/etc/portage/package.unmask |
77 |
> + |
78 |
> +If you wish to reject Taproot, neither Bitcoin Core or Knots intends |
79 |
> to |
80 |
> +support this, so you will need to create an upgrade path or find |
81 |
> likeminded |
82 |
> +developers who have already done so. Note that simply using an older |
83 |
> version |
84 |
> +is not a safe alternative: that will be insecure under all scenarios. |
85 |
> + |
86 |
> +When it becomes clear that Taproot has activated successfully and |
87 |
> there is no |
88 |
> +alternative, older versions will be removed and Taproot-enforcing |
89 |
> versions |
90 |
> +will be unmasked for all Gentoo users. If you wish to continue without |
91 |
> +enforcing Taproot for whatever reason (but, again, this is NOT a |
92 |
> secure way |
93 |
> +to reject Taproot), ensure you have explicitly masked >=0.21.1 |
94 |
> yourself. |
95 |
|
96 |
As previously discussed at https://github.com/gentoo/gentoo/pull/21490 |
97 |
we agreed that users would be kept informed via logs in the ebuilds and |
98 |
a package mask that would be lifted before the November 16 taproot |
99 |
activation date so users have time to upgrade. That mask was lifted as |
100 |
agreed in commit ae7251a476 on October 13, giving users just over a |
101 |
month to upgrade their bitcoin nodes. |
102 |
|
103 |
This news item is, in my opinion, useless, and should not be added. It |
104 |
basically says, "you must upgrade, as not upgrading is insecure and you |
105 |
have no other options to be secure. However, we made it hard for you to |
106 |
upgrade, so now you have to jump through these hoops." |
107 |
|
108 |
Also, the mask was just re-added ~10 minutes ago: |
109 |
https://github.com/gentoo/gentoo/pull/22818 |
110 |
|
111 |
I find the re-addition of the mask to be very frustrating. Now users who |
112 |
upgraded since October 13 may now be _downgraded_ and unexpectedly find |
113 |
themselves in an insecure state. |
114 |
|
115 |
Taproot is happening on November 16. The bitcoin project followed its |
116 |
defined process that took over a year to get this point. And yet, Luke |
117 |
is apparently now proposing that we have a package mask, a news item, |
118 |
and ebuild logs, all for a bitcoin version upgrade that the user must do |
119 |
to remain secure. Having this debate now, in Gentoo, 12 days before a |
120 |
cut-over that has been in the works - coordinated and approved by |
121 |
upstream for a year - is purely FUD and a disservice to our users. |
122 |
|
123 |
I say we remove the just re-added package mask immediately and not |
124 |
publish this news item. |
125 |
|
126 |
Thank you, |
127 |
~Craig |