I appreciate your questions, ZmnSCPxj. I will answer your second question first: Mainchain nodes do not ever validate sidechain blocks. Sidechain nodes watch Bitcoin for invalid withdrawals, and publish signed attestations to a public broadcast network (such as Nostr) that a transaction is making an invalid withdrawal. These sidechain nodes are the so-called sentinels.
Bitcoin full nodes wishing to participate in holding miners accountable for stealing will watch the public broadcast network for attestations of improper withdrawals and treat those transactions as de facto invalid, thus forking violating miners off the network. In this way, launching a Sentinel chain mimics a user-activated soft fork, but without any changes to Bitcoin Core consensus logic. Bitcoin full nodes would choose their own limited set of sidechain validators to trust. They might run their own sidechain node and trust that result exclusively. They might instead choose to trust a set of high quality community members such as companies, etc. A downside to this method are the same as the difficulties of launching a soft fork. Making sure enough nodes (or miners) are on board to enforce the new rules prior to launch of a sidechain, or a minority of users will fork off the network. Additionally, maintaining a healthy network of sentinels for a sidechain is an additional angle to consider. The upside of this method is that sidechains can be user-activated, not just miner-activated like under the BIP-300 framework. And it allows Bitcoin full nodes to hold miners accountable for obeying the sidechain withdrawal rules. -------------------- To answer your first question: When you say the sentinel chain software, are you asking what would happen if the sidechain developers create malicious code in sidechain node software? I suppose that would depend on the upgrade process of the sidechain, but the maximum fallout from malicious Sentinel chains is the exact same as any other sidechain proposal: the sidechain users get rugged. The concept behind Sentinel chains puts no restriction on how sentinel chains may operate, only how the “difficult” part of launching a 2WP sidechain, peg-outs from sidechain to mainchain, may work without advanced cryptographic techniques such a ZKPs. Thanks, Ryan (ursuscamp on twitter) > On Aug 28, 2023, at 9:48 AM, ZmnSCPxj <zmnsc...@protonmail.com> wrote: > > Good morning Ryan, > > If I modify your Sentinel Chain open-source software so that it is honest for > 999 sidechain blocks, then lies and says that the 1000th block is invalid > even though it actually is, what happens? > > Do mainchain nodes need to download the previous 999 sidechain blocks, run > the sidechain rules on them, and then validate the 1000th sidechain block > itself? > > Regards, > ZmnSCPxj _______________________________________________ bitcoin-dev mailing list bitcoin-dev@lists.linuxfoundation.org https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
