Skip to content

Commit 3fa24bb

Browse files
committed
Merge #12204: Fix overly eager BIP30 bypass
5b8b387 Fix overly eager BIP30 bypass (Alex Morcos) Pull request description: In #6931 we introduced a possible consensus breaking change by misunderstanding how completely BIP 34 obviated the need for BIP 30. Unfixed, this could break consensus after block height about 1.9M. Explained in code comment. h/t @sdaftuar Tree-SHA512: 8f798c3f203432fd4ae1c1c08bd6967b4a5ec2064ed5f6a7dcf3bff34ea830952838dd4ff70d70b5080cf4644f601e5526b60456c08f43789e4aae05621d9d6b
2 parents 0f71679 + 5b8b387 commit 3fa24bb

File tree

1 file changed

+54
-1
lines changed

1 file changed

+54
-1
lines changed

src/validation.cpp

Lines changed: 54 additions & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -1856,12 +1856,65 @@ bool CChainState::ConnectBlock(const CBlock& block, CValidationState& state, CBl
18561856
// before the first had been spent. Since those coinbases are sufficiently buried its no longer possible to create further
18571857
// duplicate transactions descending from the known pairs either.
18581858
// If we're on the known chain at height greater than where BIP34 activated, we can save the db accesses needed for the BIP30 check.
1859+
1860+
// BIP34 requires that a block at height X (block X) has its coinbase
1861+
// scriptSig start with a CScriptNum of X (indicated height X). The above
1862+
// logic of no longer requiring BIP30 once BIP34 activates is flawed in the
1863+
// case that there is a block X before the BIP34 height of 227,931 which has
1864+
// an indicated height Y where Y is greater than X. The coinbase for block
1865+
// X would also be a valid coinbase for block Y, which could be a BIP30
1866+
// violation. An exhaustive search of all mainnet coinbases before the
1867+
// BIP34 height which have an indicated height greater than the block height
1868+
// reveals many occurrences. The 3 lowest indicated heights found are
1869+
// 209,921, 490,897, and 1,983,702 and thus coinbases for blocks at these 3
1870+
// heights would be the first opportunity for BIP30 to be violated.
1871+
1872+
// The search reveals a great many blocks which have an indicated height
1873+
// greater than 1,983,702, so we simply remove the optimization to skip
1874+
// BIP30 checking for blocks at height 1,983,702 or higher. Before we reach
1875+
// that block in another 25 years or so, we should take advantage of a
1876+
// future consensus change to do a new and improved version of BIP34 that
1877+
// will actually prevent ever creating any duplicate coinbases in the
1878+
// future.
1879+
static constexpr int BIP34_IMPLIES_BIP30_LIMIT = 1983702;
1880+
1881+
// There is no potential to create a duplicate coinbase at block 209,921
1882+
// because this is still before the BIP34 height and so explicit BIP30
1883+
// checking is still active.
1884+
1885+
// The final case is block 176,684 which has an indicated height of
1886+
// 490,897. Unfortunately, this issue was not discovered until about 2 weeks
1887+
// before block 490,897 so there was not much opportunity to address this
1888+
// case other than to carefully analyze it and determine it would not be a
1889+
// problem. Block 490,897 was, in fact, mined with a different coinbase than
1890+
// block 176,684, but it is important to note that even if it hadn't been or
1891+
// is remined on an alternate fork with a duplicate coinbase, we would still
1892+
// not run into a BIP30 violation. This is because the coinbase for 176,684
1893+
// is spent in block 185,956 in transaction
1894+
// d4f7fbbf92f4a3014a230b2dc70b8058d02eb36ac06b4a0736d9d60eaa9e8781. This
1895+
// spending transaction can't be duplicated because it also spends coinbase
1896+
// 0328dd85c331237f18e781d692c92de57649529bd5edf1d01036daea32ffde29. This
1897+
// coinbase has an indicated height of over 4.2 billion, and wouldn't be
1898+
// duplicatable until that height, and it's currently impossible to create a
1899+
// chain that long. Nevertheless we may wish to consider a future soft fork
1900+
// which retroactively prevents block 490,897 from creating a duplicate
1901+
// coinbase. The two historical BIP30 violations often provide a confusing
1902+
// edge case when manipulating the UTXO and it would be simpler not to have
1903+
// another edge case to deal with.
1904+
1905+
// testnet3 has no blocks before the BIP34 height with indicated heights
1906+
// post BIP34 before approximately height 486,000,000 and presumably will
1907+
// be reset before it reaches block 1,983,702 and starts doing unnecessary
1908+
// BIP30 checking again.
18591909
assert(pindex->pprev);
18601910
CBlockIndex *pindexBIP34height = pindex->pprev->GetAncestor(chainparams.GetConsensus().BIP34Height);
18611911
//Only continue to enforce if we're below BIP34 activation height or the block hash at that height doesn't correspond.
18621912
fEnforceBIP30 = fEnforceBIP30 && (!pindexBIP34height || !(pindexBIP34height->GetBlockHash() == chainparams.GetConsensus().BIP34Hash));
18631913

1864-
if (fEnforceBIP30) {
1914+
// TODO: Remove BIP30 checking from block height 1,983,702 on, once we have a
1915+
// consensus change that ensures coinbases at those heights can not
1916+
// duplicate earlier coinbases.
1917+
if (fEnforceBIP30 || pindex->nHeight >= BIP34_IMPLIES_BIP30_LIMIT) {
18651918
for (const auto& tx : block.vtx) {
18661919
for (size_t o = 0; o < tx->vout.size(); o++) {
18671920
if (view.HaveCoin(COutPoint(tx->GetHash(), o))) {

0 commit comments

Comments
 (0)