Comment explained why one 10-minute block doesn't give more security
than ten 1-minute blocks but didn't also warn about the problems with
1-minute blocks.
Previous example used python to describe how PoW works. Replace
the first example with a bash one-liner and remove the unnecessary
details.
Inspired by review comments from Jorge Lesmes
- Remove appendix dedicated to `bx`. They had already been slated for
deletion, as I wrote to a reviewer on 2023-07-27: "I'm also probably
going to delete the library/tool focused appendixes as I don't think
they add anything". After the disclosure of CVE-2023-39910 on August
8th, it's clear that this appendix was worse than useless: it was
harmful.
- Remove other mentions of `bx` in the book. I had not previously
intended this because it looked like a pain, but mentions of a tool
often come across as endorsements to readers and no tool created by
the team behind Libbitcoin is one I would ever want to endorse. I
regret that I didn't remove the mentions earlier in the process of
updating the book.
- Remove appendix dedicated to pycoin. I'm now aware of any problems
with pycoin, but I don't think these sort of short detached tutorials
add anything. Programming Bitcoin is an entire book built on pycoin,
and all of these tools have their own webpages that get updated more
frequently than the book.
- Describe topological order to help readers understand how that solves
the double spend problem
- Mention that transactions can be safely relayed one block before their
locktime allows them to be included in a block because they'll be
valid next block.
- Be a bit clearer about when subsidy becomes zero due to rounding and
when BIP42 makes it zero unconditionally.
- Describe the creation of the witness merkle root before the block
header merkle root
- Move up note about the retarget off-by-one bug
- Make "best blockchain" an inherent property and not an alias for a
current chain. When a new block arrives that triggers a reorg, we
don't switch best blockchains---the new chain is the best blockchain
and we switch to using it.
- Combine two sections about forks that were repetitive
- Mention that pool miners also need to prove they paid the pool's
preferred coinbase transaction template
- Add a todo to clarify terminology around the 51% attack. The existing
text used this in a way that's consistent with how it was used in
early Bitcoin history, but it's potentially confusing because it
doesn't actually require a majority of hashrate to make the attack and
it confuses it with a censorship attack that does require a majority
(or at least a selfish mining minority) to maintain.
- Reduce the situations we describe as "double spends". Consensus
prevents double spending within a valid chain; the other situations
are about unconfirmed transactions, which might better be described
using other terms that won't confuse readers into thinking Bitcoin's
double spend protection doesn't work.
- Add warning about backing up more than your seed when multisig or
complex contracts are in use.
- Add a todo to fix "millibits" situation, which might involve image
changes.
- Note that the first commitment transaction (the refund) needs to be
signed before the funding transaction in LN channels.
- Pluralize "bitcoin" as necessary (somehow missed this before).
- Drop mention of tumblebit and teechan, which nobody is working on
AFAIK.
The description of SPV in the original paper assumed full nodes would
warn SPV clients about invalid blocks. Such fraud proofs are not used
in production, so lightweight clients are (arguably) not SPV clients.
- Drop soon-to-be-outdated mention of current block reward amount
- Aezeed: mention internal and external version numbers. Instead of
saying "global word list", clarify that both the backup and the
recovery software need to support the same word list.
- Mention that compact block filters are something that blocks might
commit to in the future in a consensus-enforced way.
- Add links to both RGB and Taproot Assets documentation.
- Mention that taproot assets can also support native forwarding.
- Minor edits and add some FIXMEs for later changes.
- Remove redundancy in description of the prevBlockHash field in
creating a chain of blocks.
- Upsize numbers to segwit block limits
- Use "target" instead of "difficulty" when appropriate.
- Drop paragraph that repeats following table about block header fields
- Correct multiple parts of table about block header fields
- The genesis block is not the first block ever created: there were
almost certainly test blocks created before it
- Use "||" for concatenation. Left FIXMEs to update images later.
- Add short note about duplicating internal merkle tree nodes before
hashing when an odd number are present. Add long quote from Bitcoin
Core source about why Bitcoin's merkle tree design should not be
replicated by other projects.
- Drop table for illustrating what log2(N) looks like. Add FIXME to add
a plot.
- Drop details about previous testnet resets.
- Mention that testnets use different address prefixes.
- Mention an example of Bitcoin Core sending a BIP151 transaction in
advance, alas it's the only case implemented.
- Mention that FIBRE is software (since Matt's main network for it was
shut down)
- Add fRelay to the node announcement message. We've only had it for 11
years.
- Clarify descriptions mention the genesis block as part of the block
chain
- Mention that BIP157/8 is not able to relay unconfirmed transactions
- Update assertion that the mempool is only stored in memory (on Bitcoin
Core, it is now written to disk on shutdown; on libbitcoin, it's
always written to disk)
- HUGE FIX: correct inverted enumerator and denominator on feerates. So
embarrassing!
These were absurdly hard to write and, as often happens when something
is that hard to write, they don't appear to be helpful, as judged by
Murch. The last time I tried to explain the theory[1], it also sucked,
so maybe this isn't what I'm meant to do. :-)
The removed text introduces the term "mempool" for this chapter, so a
small edit is made later on to compensate.
[1] https://en.bitcoin.it/wiki/Miner_fees#The_market_for_block_space
- Drop box with Wikipedia definition of digital signatures. It didn't
add anything and its accuracy was debatable.
- Use "commitment hash" earlier and more often.
- Fix some variable-name errors in the math
- Correct info about worst-case signature verification cost
During his review, Mark "Murch" Erhardt discovered that the appendix
contained several errors and many entries that were confusing. When I
looked at the upstream source on the wiki, I discovered that it had extra
information that eliminated those problems. Since we only reference the
appendix twice, don't really go into detail about writing your own
scripts, and since all the information is easily accessible online for
free, we drop the appendix and replace references to it with a link to
the wiki.
- Describe OP_CMS pubkey limits for consensus, relay policy, and P2SH.
- Mention that OP_CLTV and OP_CSV leave elements on the stack, unlike
other VERIFY opcodes.
- Explicitly describe what BIPs are before we start dropping references
to them.
- Mention that addresses don't encode a message, so using a unique
address that the receiver has privately associated with a spender is
the only guaranteed way to identify payments from that spender.
- Correct how many blocks need to elapse before an output can be spent
by an input with a relative lock time.
- Many other small edits.
- Mention the reason for the long validation time is the verification of
transactions. We previously implied it was download time, but some
people have really fast internet.
- Better describe bitcoind cookie authentication and provide an example
to make it even more clear.
- Add a link to bitcoin-s
- Make the long sidebar on collision attacks even longer by describing
a pre-image attack in addition to the previous descriptions of second
pre-image and collision. That way we don't conflate pre-image and
second pre-image.
- Remove redundant tip box about an oddity in language about compressed
and uncompressed private keys.
- Link to information about vanity address "mining" (brute forcing)
- Fix bitcoin-overview image (P2PKH address was used as "private key")
- Use receiving and sending images from Bitcoin Design Guide
(https://bitcoin.design) under CC-BY license
(https://github.com/BitcoinDesign/Guide/blob/master/LICENSE)
- Mention changeless outputs, especially as used in transaction-chain
image
- Include brief mention of best blockchain in paragraph about the cost
to miners for confirming conflicting transactions
- Drop unnecessary mentions of people from CH01
- FIXMEs: add notes for image corrections and best blockchain change
- Drop unnecessary mention of debits and credits
- Remove mention about asking block explorer for UTXOs to construct a
transaction. This is unnecessary detail and it can never entirely
work for our example if we later use it to spend the output (because
then the output won't be unspent)
- Instead of "new block" use "candidate block"
- Drop unnecessary mention of payment consolidation. We already
adequately introduce this concept earlier in the chapter.
- Provide rough block and year when 99% of all BTC will have been mined
- Remove user-stories section. I think this section frontloaded too
much irrelevant detail. In new sections of this edition, I've
exclusively used the conventional Alice, Bob, Carol, etc.---without
trying to maintain a consistent backstory. This is simpler on the
writer and, I think, simpler on the reader---if they jump into a
section of the book, they don't need to worry that there's some
important context in a previous section.
- This also necessitated a few changes to chapter 2.
- Mostly remove the phrase "custody". Instead use the phrase "control
the key". I think this is clearer to non-specialists and a quick grep
shows that we don't use any version of the word "custody" elsewhere in
the book.
- Drop localbitcoins.com. This service was terminated after this
chapter was updated.
- Add 'feerate' to the script for catching forbidden words. :-( This
required a change to a comment in an image source.
- Other minor changes and typo fixes
- BIPs: it's silly to repeat all BIPs in the book, especially when an
increasing number have never been used or are just silly. Instead,
use the list of implemented BIPs from the Bitcoin Core project, which
represents a list of mostly interesting BIPs.
- Add OP_CHECKSIGADD from tapscript to the Script copypasta.
- Bitcore removed per outline
- s/bitcoin/Bitcoin/ when appropriate
- Proof of work is only part of security
- Mining is separate from verification
- Kill BIP38 encrypted private keys section (mention seeds instead)