156 sats \ 8 replies \ @shafemtol 4 May \ on: What kind of hard fork do you think Bitcoin needs more right now? bitcoin
Bitcoin will never need a hard fork, but if it will need one, it will be a security related one.
In a hard fork, old nodes will stop following the same chain as forked nodes (if there are miners among the old nodes, there will be a chain split). However, virtually any change can in one way or another be implemented as a soft fork, where old nodes and new nodes still follow the same chain (at least as long as the majority of hash power implements the fork).
Post-quantum signature schemes can be soft-forked in as a new script version, just like what was done for Taproot.
A sudden and complete break of the secp256k1 curve could arguably be a good opportunity for a hard fork, if only to force everyone to upgrade their nodes lest they risk revealing the keys to still-unspent P2PKH/P2WPKH coins through their thence insecure public keys. A fork could then require proof of an OTS-style timestamp (from several hundreds or thousands of blocks prior) of a commitment to spend such coins before allowing them to be spent.
bitcoin needs at least one hardfork, lookup the year 2106 issue.
reply
I had forgotten about the timestamp overflow issue, but that would be the kind of hard fork Bitcoin would need if it would ever need one.
That kind of hard fork doesn't necessarily have the same problem that most other hard forks would have, though. At some point it would be completely impossible to progress on the old chain. If the fork activates at that point, there's no actual chain split, old nodes will simply be stuck on an old block.
In practice such a hard fork would be more similar to a forced soft fork.
reply
Thinking about the timestamp overflow issue a bit further, it could have been implemented as a soft fork by exploiting Bitcoin's time warp bug. By my calculations this could extend the lifespan of the existing chain by some 240 thousand years.
However, after the activation of BIP113 in 2016, a time warp exploit is no longer a viable option as there's no way to do make timelocked transactions with a far-future timestamp spendable at the appropriate time.
But that part could be addressed with a forced soft fork at worst. So my point still stands ("tis but a scratch!"): Bitcoin will "never" need a hard fork.
reply
touché
reply