Replying to Avatar Guy Swann

*Colluding* with 51% of all hash power is a very different dynamic than BIP300.

In the LN or BitVM situation where you need the justice transaction to not be censored, the attacker has to *actively* collude - like actually plan the attack, personally contact all of the relevant miners (or the pools that are ok with destroying their pool) and bribe them to participate in the attack or convince them to commit to the crime before they even get a payout. Then they all have to actively censor the justice transaction and reorg all blocks not in their censorship group when the attack happens.

In the case of BIP300, anyone with enough hash power to create a block of withdraw and cast some votes could out in a malicious withdrawal. If 60% of the miners aren’t verifying that particular sidechain (or probably not validating any of them because we’re talking gigabytes or even terabytes every 10 minutes in a successful BIP300 scaling model), then the majority of miners would just *passively* vote for the malicious transaction. They’d have no clue whether it was honest or not. No active participation. No explicit altering of the pool/client to censor a justice transaction and reorg other blocks. No collusion. No bribes necessary. When any validators of the sidechain contested it, it may very well become a social mess figuring out what is honest and what isn’t and miners have to be contacted and to force them to setup or sync sidechain nodes to cast the proper vote, or they just blindly trust to what someone else claims and manually change their vote.

Yes, 51% of the hash power control is a problem in either scenario. But in LN or ButVM, or any other justice model like we already use, the miner **is not the counterparty.** they can’t just unilaterally pay themselves out of MY channel. The BTC goes explicitly to me, or my channel partner. And *I* decide who that partner is. My trust is another layer of defense, on top of the multiple levels of difficulty and direct, malicious collusion necessary.

In the BIP300 scenario I can’t choose which miners I want to trust. And I can’t force miners to run full nodes for my sidechain. Anybody, anywhere with hash power is suddenly “my counterparty” to the sidechain operation. They can steal if they have with *passive* hash power not doing the job necessary to *contest* their claim.

These just are not at all the same dynamic nor have anywhere near the long term risks. Longer we have BIP300 success, the more likely nothing is being validated. The more BitVM and LN we have, cost of validation continues to decline. It’s all still only on the main chain.
Avatar
Guy Swann 2y ago

Short version:

The issue in BIP300 is that the validation cost of MASSIVE blocks isn’t offloaded at all. It’s just moved. Votes are likely to be blind in the “I have no fucking clue what’s going on, but here’s a “yes” anyway” sense.

The risk in LN or BitVM is literally the exact same for any and all time locked justice model. It requires active, and explicit collusion between all active miners, to knowingly censor or even reorg, with a counterparty you choose explicitly, to get THEM the money which they then pay out to the miners by choice.

Reply to this note

Please Login to reply.

Discussion

Avatar
BTCapsule 🏴 1y ago

Okay, I have studied this topic some more.

Apparently with bitVM, we are talking about a federated model that depends on collateral. So if the amount of BTC in a sidechain is more than the collateral, we need the investor to add more collateral or we risk the funds. The 6-month timelock is not like BIP300, where there is a constant warning the miners are attempting to steal.

Any L2 that doesn’t pay the miners will eventually be controlled by the miners. The whole "miner centralization" is far more likely in this scenario than whatever Shinobi was talking about with the $10M Amazon node.

Miners will become the LSPs. If they cannot easily capture the LSPs, then it would be in their interest to censor justice transactions until everyone switches to their LSP. Same with federated sidechains. After many soft forks, this might solve scalability, but what about privacy?

The likelihood of any of this happening is very small. But BIP300, like Bitcoin, provides miners with a goose that lays golden eggs, and this is one of the oldest and most trusted incentive models in the world. And like lightning, it relies on the hope that miners want Bitcoin to succeed, because nobody has more skin in the game than them.