Tech

Cecille de Jesus

Jonald Fyookball: SegWit dismantles one of Bitcoin’s primary security mechanisms

As problems with the Lightning Network and the risks of Segregated Witness continue to surface, Jonald Fyookball questions Bitcoin Core development team’s “interesting contradictions.”

In a Yours.org post, Electron Cash developer Jonald Fyookball revisits the security issues of Segregated Witness or Segwit, Bitcoin Core’s supposed solution to the congestion suffered by the legacy chain (BTC).

Segwit discards the signature data from blocks to free up space. The signature hashes in Bitcoin serve as testaments to a user’s consent for a transfer of funds from his wallet to another. It was initially agreed through the New York Agreement (NYA) that Segwit will be activated on the legacy chain under the condition that a subsequent block size increase to 2Mb will follow—the other half of the agreement referred to as SegWit2x. But this was ultimately abandoned.

He quotes Bitcoin Unlimited chief scientist Peter Rizun, who has also explained its dangers before.

“In a Bitcoin, the signatures are an integral part of the chain. Carol can only verify the complete chain of ownership if all the signatures exist because if even a single signature is missing, the chain breaks down…there’s no way to follow it through. A SegWit coin is different because the signatures are all outside of the chain. If even none of the signatures exist, or maybe none of the signatures were even real to begin with, Carol can still validate the chain of custody. I’m using the word custody instead of the chain of ownership, because SegWit really only shows custody.” -Peter Rizun.

Risks of Segregated Witness

Jonald points out that Segwit gets rid of one of Bitcoin’s main security mechanisms.

“…breaking the chain of digital signatures is actually removing an integrity check in the Bitcoin ledger,” he wrote.

“In Bitcoin, one of the most important types of data are the digital signatures that prove a coin was transferred properly.  The fact that signatures cannot be forged is one reason that your coins in storage are safe, even if the network were to undergo a 51% attack.

By defining a coin as a chain of digital signatures (and by implementing Bitcoin to require the signature to be part of the transaction which then gets hashed into the input of the next transaction), Bitcoin establishes an important data integrity check.”

Even though the signature data is stored somewhere else, Jonald says this opens up to a lot of potential errors—even the possibility of collusion, although the chances are remote.

“We still have the data, but what we DON’T have is the data integrity check since it’s not necessary to have the complete transaction (including the signatures) the next time the coin is spent.”

“What if political pressure is applied to mining pools to steal some funds without a signature?,” he asks.“After a certain number of blocks, would other miners capitulate or would the chain split?  You could argue that the same thing could happen without SegWit (an invalid signature is accepted as valid), but it seems less likely that this chain would continue.”

Data integrity and questions of legality

There are some specific criteria that regulators use to validate the integrity of data, sometimes referred to as ALCOA. Segwit may encounter problems with some of these criteria, as simplified by Global Vision:

“Data should clearly demonstrate who observed and recorded it, when it was observed and recorded, and who it is about;

Data should be easy to understand, recorded permanently and original entries should be preserved;

Data should be recorded as it was observed, and at the time it was executed.”

Additionally, last year, nChain CEO Jimmy Nguyen pointed out the possible legal repercussions of discarding signature data.

“In a SegWit world, signature data may not always be “attached to or logically associated” later with transaction data. That would contravene the leading legal framework for electronic contracts and trigger additional hurdles for authenticating blockchain records as evidence in legal proceedings. These risks could deter businesses from operating more on the blockchain, and impede the greater vision of a Bitcoin 2.0 network powering smart contracts and greater functionality in the future. To achieve greater Bitcoin 2.0 vision, the bitcoin community needs to demonstrate to businesses, courts, regulators, and legislators that bitcoin records— and in particular, signatures—are reliable and authentic; this effort is just getting started and should not be undermined by proposals such as SegWit which fundamentally change the nature of bitcoin,” he wrote.

Risks outweigh the benefits?

Recently, a study by Diar found that the Lightning Network—the second layer solution that would work with Segwit in processing transactions on the legacy chain—had a low success rate for routing payments. The study found that as transactions go up to even just a few dollars, the rate of failure worsens. UX-wise, it’s also a nightmare since it requires an intermediary between sender and receiver, first of all—and requires that all three parties be online at the time of a transaction. This ends up proving criticisms right as it encourages the establishment of large, centralized “banking” hubs, which Jonald Fyookball also pointed out last year.

Yet with little demonstrable benefits and several risks, the Bitcoin Core development team pushes on. Jonald Fyookball points out how inconsistent this is.

“This is a group that heavily emphasizes the importance of running a full node and “validating everything yourself”.  They discourage the SPV security model, and one of the Core developers (Luke Jr) has even said on multiple occasions that if you’re not running a full node, you’re not using Bitcoin.Other BTC supporters rarely if ever contest these statements.

Yet these same people are perfectly ok with tossing out the window the basic assurance that comes from validating each transaction’s signature as a required linkage in the chain.  That makes no sense to me,” he wrote.

He adds another inconsistency with the way miners are viewed by the team.

“This is also a group that loves developers and (non-mining) “full node” operators, but are mistrustful of miners.  They have even said that miners don’t get to enforce consensus; that they are only there to “ensure transaction ordering.” Isn’t it funny how they now support a security model that depends on the miners more than ever?”

To receive the latest CoinGeek.com news, special discounts on CoinGeek Conferences and other inside information direct to your inbox, please sign up for our mailing list.

COMMENT

[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]
[data-clipboard-demo]