Bitcoin Blockchain Forked By Backward-Compatibility Issue

New submitter jhantin writes "The Bitcoin blockchain has forked due to a lurking backward-compatibility issue: versions older than 0.8 do not properly handle blocks larger than about 500k, and Slush's pool mined a 974k block today. The problem is that not all mining operations are on 0.8; blocks are being generated by a mix of several different versions of the daemon, each making its own decision as to which of the two forks is preferable to extend, and older versions refuse to honor or extend from a block of this size. The consensus on #bitcoin-dev is damage control: miners need to mine on pre-0.8 code so the backward-compatible fork will outgrow and thus dominate the compatibility-breaking one; merchants need to stop accepting transactions until the network re-converges on the backward-compatible fork of the chain; and average users can ignore the warning that they are out of sync and need to upgrade." Turns out there's an approximately 512K limit to atomic updates in Berkeley DB which were used by versions prior to 0.8. 0.8 uses a new database, allowing blockchains that old versions won't accept to be created.

Gobble bobble wobblywob?

Three words in and you lost 99% of your readership. Can't you be arsed to make a proper summary??

Re:Gobble bobble wobblywob?

[ledow]

Bitcoin is a virtual currency that works by "doing work" (a complicated mathematical "puzzle") on your computer. It becomes a currency by the difficulty of the puzzle, and that when you have solved it you tell other BitCoin users about your success and it goes into a "chain".

That chain is the history of EVERY transaction performed on the BitCoin network and the integrity of the system is given by every user relying on the same chain - so trying to create some extra BitCoins or a fake transaction requires compromising a lot of machines around the globe to believe it happened.

Because of a stupid bug that nobody knew about related to the size of a transaction in this chain, a transaction that's too big for older clients to handle was (legitimately) created. Older clients can't handle it, so they have no idea what to do when it comes into their chain updates. Newer clients can handle it, but can't synchronise their chains with older clients because of it (they can accept the transaction whereas older clients don't).

Because the chain is now effectively split into two chains, and that all the integrity of the system comes from the fact that everyone is using, verifying and updating the same chain, BitCoin is now in an "emergency" (quoted from the forum post in the summary) situation. New clients are generating coins that old clients can't see and vice-versa, so BitCoins are being generated and lost or transacted and forgotten about.

The fix is to go back to the old code, ignore the over-size transaction, and hope to fix the code in a more backward-compatible way. Unfortunately, that requires some people on newer clients to lose coins, revert transactions, and for exchanges to shut down (temporarily) until the issue is resolved.

Basically, someone really messed up by not checking that the database could handle transactions that could pop up in the real-world.

Re:Gobble bobble wobblywob?

[julesh]

Now can you explain why exactly is the preferred solution to revert to the old, flawed, code rather than updating everything to the newer code that can properly handle the larger transactions?

Because updating everything is likely to be impossible. The system relies on a distributed network of data processors that perform very large numbers of difficult cryptographic operations in the hope of randomly hitting the right answer for a cash reward (this is what is referred to as 'mining' in the summary). Because of the high rewards offered, a lot of people have invested large amounts of money into these operations, with many of the larger players using hardware built around custom ICs (if you do google searches for 'bitcoin' and then 'asic' you'll start seeing adverts for them, even if you leave it months between the two searches...). These likely cannot be upgraded to the new version trivially, as it would rely on the developers of the chips providing updates to their support software -- that is, if it is even possible at all (they may have hard-coded that 512KB block size limit directly into their design).

Re:Gobble bobble wobblywob?

[julesh]

Imagine your employer operated on a scheme were instead of paying all of their employees every month they randomly picked an employee and gave them the entire month's pool every time. Now imagine the result of that random selection was ambiguous due to, say, nobody having noticed that two people had picked the same lottery numbers. They then decide arbitrarily in favour of one employee over the other. Does it sound as much like they've lost now?

Also: miners should be well aware that they aren't guaranteed to receive the bitcoins even if they do successfully produce a signed block. The system is designed to cope with the fact that such chain forks may occur and to resolve them automatically by checking which chain is longest. It's part of the protocol that they signed up for from the very beginning, so it's hard to argue they were in some way cheated.

Re:Ooh, exciting!

[0100010001010011]

The nice thing about standards is there are so many to choose from.

How much time did this take? How much electricity was spent 'mining' ~$150 worth of BTC?

Re:Old news.

[therealkevinkretz]

I meant to mod this as "funny" but I clicked "overrated" by accident so I'm posting a reply to negate my mod.

Re: Was an issue for about four hours yesterday

[qubezz]

The forking was fixed within a few hours. Mining pools were notified of the issue and alerted to the recommendation to revert mining activity back to 0.7.x, which was a simple fix to grow a blockchain compatible with all mining pool Bitcoin versions. The majority of miners ignoring the incompatible fork (which caused a "Lock table is out of available lock entries" database error on Bitcoins compiled against certain BerkeleyDB libraries), let the new fork grow longer and all is fixed.

Almost all transactions are expected to be included in the new chain, so there is little opportunity for malfeasance. If you sent someone money for goods, your transaction sending money will likely be in both the new chain and the old.

Re:So much for being based on crypto

[h4rr4r]

No because the morons who created it did not understand what they were doing. If you don't know the limits of the DB you use why would I trust you to create a digital currency?

Re:For those, like me, reading this and saying wtf

[Hmmmnmnmnm]

Well, I read the article and still don't understand Bitcoin, the concept or the need for it. Just seems like a product without a real need other than the idea of being subversive. But perhaps I don't understand it at all. Of course that's why I come here.... So if any /.ers can explain this, I'm sure others would appreciate it as much as I would.

It's a decentralized, trustless value storage and transfer protocol that allows you to send or receive value to anyone on the internet without the need of a third party. It has the potential to do to banking what email did to the post office.

Re:For those, like me, reading this and saying wtf

You can still get robbed when the money transmission service has no central authority, it just works in the other direction. PayPal has the ability to reverse charges that it shouldn't reverse, whereas BitCoin does not have the ability to reverse charges that it should reverse.

Customers like the ability to reverse charges under appropriate circumstances.

Re:The concensus should be...

[Chrisq]

I think its fair to say that while forking code may be a good idea most of the time - when its code running a virtual currency its a very BAD idea.

This isn't a code fork, it's a block chain fork" caused by an incompatible version update. That said, I agree with your assessment that it is not suitable for storing wealth unless you are prepared to take risks. To be fair bitcoin describes itself as ".. an experimental, decentralized digital currency".

Re:Ooh, exciting!

No, Steam never accepted BitCoin; I don't know where you got that from.

There was some reseller that would sell Steam codes for BitCoin; you would pay him and he would buy a Steam game with dollars and then gift it to your account. I don't really know what the point of that was supposed to be, or if it's still a thing.

Fiat money is backed by lame duck lead

[tepples]

If a large enough percentage of people stopped accepting the Euro tomorrow, it would be just as dead.

Tell that to governments that use firearms to compel payment of tax in euros in the days between when "a large enough percentage of people stopped accepting the Euro" and when the people have a chance to elect legislators who will amend the tax statutes to reflect this. See fuzzyfuzzyfungus's post about the "lead standard".

Re: So much for being based on crypto

[Urza9814]

The security was never broken and does not rely on the database specifics. Compatibility was broken. Security was not.

A better analogy would be like having a system that uses SHA-1 to hash passwords using a hardware chip....then they make a new version whose chip only does SHA-512. Everything is still as secure as it was, but you would no longer be able to transfer the output between devices.

Re:Old news.

Dont use Bill Gate's lines

He didn't. Bill Gates never said that.

Re:So what now?

[gox]

Yes.

Branches are a part of the protocol, they are mostly natural. That's why it's recommended to wait for confirmations for higher value transactions. However long branches should be very improbable and this software glitch broke this condition. Even so, since the protocol is built on this, all transactions from the orphaned chain are carried to to the one selected by the highest hashing power. Valid transactions are not lost and double spends are invalidated. However, as you said, a careful attacker can do a double spend far more easily during such a long fork.

Re:Ooh, exciting!

[TheRaven64]

If you'd like to live in a ditch and swap dead squirrels with other people, you're free to do so.

If you do so in the USA, then the US government will still require that taxes be paid in US dollars on the transactions.

Re:This type of problem was solved a long time ago

[gox]

I can't claim that the bug is not a stupid one, but I don't think your solution would have saved it. It was really an unknown problem at the database layer and it would be decided as reconcilable anyway. And it's at a specific level in the network architecture; clients were never incompatible and transactions were being relayed just fine.

Furthermore, you don't want any method to top-down enforce anything on a network like Bitcoin. Actually a wider variance of software increases network's resilience.

If a major bank tried to pull this sort of nonsense, they'd be bankrupt so fast that the stockholders would have whiplash.

Well, Bitcoin is not a major bank though. Bitcoin's market cap is probably much lower than a major bank's janitorial costs.

My wife is the manager of an operations branch of a major bank, and snickered at your comment though. What I gather is, this sort of nonsense happens all the time in major banks too, but they have several layers that keep it going even if some part is broken. Bitcoin, as a greater structure, isn't quite there yet.

Re:Old news.

You obviously don't hang out on IRC with the developers. DHT's come up so often and are such a bad idea that the term coming up at all in a conversation is considered an inside joke. "Oh I know, lets add a DHT to it!"

Long story short, if you share the set of unspent transaction outputs in a DHT you have to trust every other computer in the network to actually return the DHT data when requested, or you suddenly you can't validate a block. This opens Bitcoin up to dangerous DoS attacks against miners, as well as network forks and other problems.

It's a total non-starter, although a common "newbie" idea.