Knots has code to turn itself off at a set expiry date. Unnecessary, stupid, and outright dangerous.

Did you know? Was it discussed in a team of experts? How can such a dangerous "feature" even make it into a release?

By trusting a single guy who lives in his own reality.

Discussion

Is Knots even intended to be run by other people other than just Luke himself (or I suppose the pool he manages)?

why would a dated kill switch controlled by the owner of something be a bad idea? I don't have enough context to understand why this would be a bad thing

Here’s some context that you may find useful:

It’s not exactly a kill switch, though it could be viewed as similar.

If the node runner does not update the Knots software for a number of years (five years, I believe) it displays a dialogue that asks the user if they would like to continue running the old software. If the user answers no or does not respond, Knots automatically shuts down.

This timer resets when the node runner updates the software. So most people never see it.

The reason this is in the Knots software is because—at some point—outdated software becomes a security issue (to be clear: not a security issue for the Bitcoin network, but for the node operator).

Additionally, if the user has not updated their node software in a number of years, it’s probably a node they left running in their basement or something and forgot about.

So Knots turns off once it becomes outdated, unless the node runner explicitly tells it to keep running.

Not making an argument for or against any node implementation or telling anyone what to do. Just a better explanation of how the function works in practice and my understanding of why it’s in the Knots software.

huh.

sounds… weird. like the explanation makes sense in theory, but it feels weird.

Fair enough.

For more context, it’s estimated that outdated software is responsible for about 60% of data breaches (https://www.ninjaone.com/blog/it-horror-stories-why-unpatched-software-hurts-business/), because it’s relatively easy to target known vulnerabilities once they are discovered.

The Knots approach may or may not be the best solution, but—to me—it seems fair to at least make an effort to add an automated way to close the security hole caused by outdated software.

interesting. so there are really some sound reasons behind what's being tried. and the trying something different is what has all the culty bros mad?

Took a quick look through the code and I didn't find anything regarding user input (y/n keep running): https://github.com/bitcoinknots/bitcoin/blob/5f8256608fc41c7b72a01a54e9a06ba509a61c8f/src/validation.cpp#L4458

Related issue: https://github.com/bitcoinknots/bitcoin/issues/29

Looks like it does stop validating blocks if it's expired, which probably seems odd, but might be useful to a clueless node runner?

nostr:npub1xtscya34g58tk0z605fvr788k263gsu6cy9x0mhnm87echrgufzsevkk5s has expired iOS software so he understands it well!

You are correct.

The override is manually applied to the configuration. The dialogue only states the software is out of date. Good correction.

You lost me at "dangerous" then again at "experts". Both bullshit