March 3, 2016

A couple of months ago, Paul Sztorc published a blog post asking two very good questions:

“Why do you think we have a [maximum] blocksize?” “What has changed, between the time that the [maximum] blocksize was introduced (July 15th, 2010), and today, which motivates us to make a corresponding change in the constraint?”

For me, personally, the answers are simple. First, the limits were added to prevent a ‘poisonous block’ network denial-of-service attack. We have to worry about denial-of-service attacks if they are inexpensive to the attacker. ‘Amplification’ attacks are the worst, where the attacker sends a little bit of information that causes lots of traffic on the network or causes lots of wasted CPU processing.

Second, a couple of key things have changed since Satoshi made the change.

The attack the limit is meant to prevent is much more expensive today. I have a spreadsheet with all of the trades made on bitcoinmarket.com, the earliest Bitcoin exchange. On July 15th, about eleven thousand bitcoin were traded at an average price of about three cents each.

The block reward was 50 BTC back then, so miners could sell a block’s worth of coin for about $1.50. That gives a rough idea of how much it would cost an attacker to produce a ‘poisonous block’ to disrupt the network– a dollar or two. Lots of people are willing to spend a dollar or two “for the lulz” – they enjoy causing trouble, and are willing to spend either lots of time or a modest amount of money to cause trouble.

Today the block reward is 25 BTC and the price is over $400; miners get over $10,000 for the blocks they produce. An attacker would have to spend close to that amount to produce a ‘poisonous block.’

Something else has changed since July of 2010– we know that attackers could produce very-expensive-to-validate blocks, even with the limits Satoshi imposed over five years ago. We have known that since Sergio Demian Lerner reported it in 2013.

The fact that nobody has attacked the network by producing intentionally-expensive-to-validate blocks is very good evidence that there is no profit to be made by the attack… but it is a good idea to completely eliminate the possibility of a ‘poisonous block’ attack. BIP 109 eliminates the attack in a straightforward way, and makes it safe to raise the limit.

So, we know how to safely raise the limit. In 2010 there were a few hundred transactions confirmed per day. Today there are hundreds of thousands confirmed every day. The number of people reporting trouble getting their transactions confirmed is increasing, and even the smartest fee-estimating code in the world will not prevent transaction confirmations from becoming increasingly unreliable.

See Paul’s blog post for other people’s answer to “why do we have a maximum block size.”

In my view, people are using the block size limit for something it was never meant to do– to influence how people use the Bitcoin blockchain, forcing some uses off the blockchain.

They are doing this for the best of reasons– they believe their vision for the future of Bitcoin is better than what will naturally arise if the limits are (safely) raised or eliminated.

I cannot support that type of top-down, centrally-planned vision.

973 Kudos