
Btcd: A Full Alternative Bitcoin Implementation, Written In Go - waterlesscloud
http://bitcoinmagazine.com/btcd-a-full-bitcoin-alternative-written-in-go/
======
patio11
Interestingly, the main bitcoin developers generally treat other
implementations of the protocol as being suspect and more-than-possibly
threatening, since if you're not bug-for-bug compatible with the satoshi
client that is a security risk. This remains true even if you improve upon the
satoshi client with regards to, for example, hewing closer to the published
spec.

This might come as something of a surprise to many HNers, who would think "But
wait. The Internet would sort of suck if HTML5 were a purely advisory document
and failing to match IE6's actual behavior 100% of the time was a fatal flaw
in a browser." But, to quote a fairly representative post from their forums:

 _Any implementation needs to specifically test for uniformity with the
network: Bitcoin is a distributed consensus algorithm and differences in what
nodes accept or reject in the blockchain— things which would be minor harmless
behavioral differences in most software— can often result in fatal security
flaws where an attacker can move the nodes in question onto a separate fork
and double-spend their funds away or partition the network. This requires a
unusual level of care and system level tests.

Many of the most interesting cases are the great many things which must be
rejected as no amount of exposure to the live network will trigger those cases
(until an attacker exploits them to partition the network)._ (cite:
<https://bitcointalk.org/index.php?topic=192880.0>)

~~~
mseebach
How can a bug in the implementation be a security risk? Aren't the artefacts
of bitcoin (I don't know the correct terminology) cryptographically
unambiguous, completely independent of the implementation used to create them?

The "problem" with HTML incompatibilities is that there is room for plenty of
ambiguity in both standard and implementation, without compromising the
fundamental mission of the users of the protocol (rendering web content).

~~~
Strilanc
If one type of client accepts a particular block and another doesn't, the
block chain splits and things go badly.

This literally happened one month ago, because of a bug being _fixed_ :
<https://bitcointalk.org/index.php?topic=152030.0>

~~~
mseebach
Ugh, that is very bad. I had much higher thoughts of the cryptographic purity
of BTC.

~~~
nullc
Bitcoin is a distributed consensus algorithm. Software which implements a
subtly different algorithm might be able to join the consensus until some case
arises which triggers the difference, after that consensus between the
implementations would be impossible.

Unfortunately, it's rather hard to demonstrate that two dissimilar complex
programs actually implement exactly the same function.

This is doubly true because performance is very important, so some techniques
that might help— e.g. define a kind of abstract turing machine, write the
rules for the distributed algorithm in its language, then different
implementations use the same rules and only have to prove their turing machine
implementation is functionally identical— aren't readily available.

It can be hard to gain confidence through testing because some of the most
important rules are for cases which are forbidden, so these cases will not
show up on the production network— they only happen when an attacker produces
them. There are an infinite number (subject to memory, and already the
function input is gigabytes of data) of valid and invalid cases, so exhaustive
testing of the whole function is not possible. They can also arise out of
implicit behavior, "what happens when this value overflows?", "what is the
maximum size of this structure", etc.

This is further complicated by the fact that Bitcoin implementations use third
party code that wasn't written with this kind of must-have-exact-behavior in
mind. The reference implementation uses things like OpenSSL's crypto and
bignums, various boost data structures, BDB (previously, now leveldb)... and
subtle potentially undocumented and unknown behavior from this third party
code may be leaking into the definition of the consensus algorithm. The
reference implementation has been slowly disentangling these dependencies, but
things like the hidden BDB locking limitations (which depend on the layout of
the database on disk) are easy to miss.

(Third party code isn't just a reference implementation issue, e.g. BitcoinJ's
full node code has had algorithm inconsistencies arising out of undocumented
behavior in a database library it uses)

Satoshi's answer for this was that there should only be one implementation of
the full node software. However, "create your own Bitcoin implementation"
seems to be the new millennium's "create an IRC client" so it seems that this
is unrealistic... and there have been more than a half dozen attempts
(including two nearly complete ones in java, two in C, three in C++, one in
Haskell, one in erlang, one (two?) in javascript, as well as several non
public ones (including one in ruby, I think)).

~~~
mechanical_fish
_Satoshi's answer for this was that there should only be one implementation of
the full node software._

He should have talked to a release engineer. There are always at least two
implementations of a piece of software: the stable version, and the prerelease
version.

With Herculean effort and focus one could theoretically arrange a system where
every customer on Earth runs version N until midnight on Dec 31 and runs
version N+1 one microsecond later. You would have to distribute the new code
in advance. But it wouldn't ever be perfect, because networks get partitioned:
someone's PC would be unplugged when the patch was pushed. And what's the
rollback procedure when you push the unforeseen bug?

~~~
rmc
That sounds like the opposite of an actual peer-to-peer, decentralized system
that BitCoin promises. Funny that.

------
saurik
> The implementation is not yet entirely done, but most core features such as
> transaction verification, database interaction and network connectivity are
> tested as working, and the company has released one component of the system
> for public review...

I have a different definition of "full".

~~~
jeffasinger
I think full here may mean in the sense that it actually verifies the entire
blockchain, rather than relying on an instance of bitcoind to do that.

~~~
saurik
I am willing to re-state "I have a different definition of 'implementation'"?
It actually occurred to me that that is how "full" might be being used in this
context (I spent some time recently learning about bitcoin and even ran a
class on it a few days ago, and had run into the distinction), but if I were
to say I had "an end-to-end website rendering engine written in Erlang" would
you not also feel a little disappointed when you got to my page and found only
that "most of the core pieces, such as CSS3 selectors, DOM event bubbling, and
network connectivity are done and we've open sourced the HTML parser"?

------
swhitt
When this was posted on reddit there was a bit of confusion as the title lead
people to believe this was about an alternate cryptocurrency (like litecoin,
feathercoin, etc).

It's actually a complete reimplementation of the Bitcoin _protocol_ , which
can be used as an alternative to the bitcoind/bitcoin-qt (the official Bitcoin
p2p clients) JSON-RPC interface.

------
jimrandomh
Some variety in Bitcoin software could be a good thing. However, I'd just like
to leave a reminder here that beta-level software is not something you should
trust significant amounts of Bitcoins to, or build a business on, until it
stops being beta-level.

~~~
tptacek
Yeah, not like bitcoind.

------
SomeoneWeird
This is ridiculous, it's not even a partial implementation, it's just a
serialization library, at the moment. People should get their facts straight
:)

------
DanielBMarkham
Speaking as a Bitcoin skeptic, the really cool thing about it is that it opens
up a world of virtual collectibles.

Bitcoin isn't the future of money, it's more like Netscape -- a new way of
doing things we haven't thought of before. The follow-on products should truly
be amazing. Good to see this.

~~~
michielvoo
Not sure from your comment if you got the gist of it... but this is not an
alternative to Bitcoin, the currency. It's an alternative to bitcoind, the
library.

If anything, the article suggests, the rise of such alternative
implementations of the same protocol could make the network as a whole more
resilient and stable.

~~~
Guvante
Why does that disagree with what he said? Netscape understood the same
protocols all future browsers did, with only some feature misalignment, yet
eventually disappeared.

I think he is saying the same thing to could happen to Bitcoin, the current
use cases of the currency may be only the beginning.

~~~
vrotaru
As I understand it the Bitcoin is HTML and bitcoind is Netscape

It does not make a lot of sense, to disagree/disaprove of HTML, and hail a
Netscape alternative.

~~~
ttrreeww
Research litecoin. It'll have a larger user base, just give it time.

~~~
drivebyacct2
Why? I have researched litecoin and I don't get why everyone spams this
everywhere.

~~~
Guvante
Some have said that it fixes potential issues with Bitcoin (quicker
confirmation time for instance). However no one really knows how much
confidence will be needed for real transactions at this point, so most of the
fixes are of questionable importance.

------
Sami_Lehtinen
Also see: [https://blog.conformal.com/btcd-a-bitcoind-alternative-
writt...](https://blog.conformal.com/btcd-a-bitcoind-alternative-written-in-
go/) Btw, this original link was posted here full week ago.

------
kellros
Should definitely build this with the gcc go compiler (which featured a couple
of days ago on HN) that produces larger binaries but faster code :)

------
whaevr
Interesting, one question though. Who thought orange text on white background
was a good idea? Ow

~~~
maaku
Discuss the topic please.

~~~
whaevr
? It is related to the topic. Maybe not specifically the article but the
website in question that was linked. I thought it was a pretty odd choice, and
website design is definitely relevant to HN

