The following security considerations, potential risks, and costs have been reviewed to verify the safety and advisability of this proposal.
Note that this risk assessment extends the parent proposal's risk assessment: Targeted Virtual Machine Limits: Risk Assessment.
Table of Contents
This section reviews the foreseeable security implications of the proposed changes to the Bitcoin Cash network. Key technical considerations include user impact risks, consensus risks, denial-of-service (DoS) risks, and risks to protocol complexity or maintenance burden of newly introduced behavior.
All upgrade proposals must carefully analyze proposed changes for potential impacts to existing Bitcoin Cash users and use cases. Virtual Machine (VM) upgrades can impact node operators and blockchain indexers (and therefore payment processors, exchanges, and other businesses), software development libraries, wallets, decentralized applications, and a wide range of pre-signed transactions, contract systems, and transaction-settled protocols.
This proposal preserves backwards-compatibility, minimizing user impact risks:
See Limits CHIP Risk Assessment: Reduced or Equivalent Node Validation Costs.
See Limits CHIP Risk Assessment: Increased or Equivalent Contract Capabilities.
Additionally, this proposal highlights and evaluates the risk of impact to one additional, hypothetical set of advanced contract users. See Removal of Overflow Behavior: Consideration of Potential Impacts.
All network consensus upgrade proposals must account for consensus risks arising from incorrect or inconsistent implementation of consensus-critical changes. For Virtual Machine (VM) upgrades, consensus risks primarily apply to node implementations and other software which performs VM evaluation as part of transaction validation.
This proposal inherits the parent proposal's consensus risk mitigations: 1) an extensive set of full-transaction test vectors, 2) a new cross-implementation performance testing methodology, and 3) a 6-month early activation on chipnet.
See Limits CHIP Risk Assessment: Full-Transaction Test Vectors.
See Limits CHIP Risk Assessment: New Performance Testing Methodology.
See Limits CHIP Risk Assessment: Chipnet Preview Activation.
All network consensus upgrade proposals which alter system limits carry risks related to Denial-of-Service (DoS) attacks. In particular, modifications to VM limits could 1) exacerbate the worst-case performance of transaction or block validation for both expensive-but-valid cases and excessively-invalid cases, and/or 2) decrease the cost or increase the practicality of attempting a particular VM-related DOS attack.
See Limits CHIP Risk Assessment: Expanded Node Performance Safety Margin.
All upgrade proposals must carefully analyze proposed changes for both immediate and potential future impacts on overall protocol complexity.
In addition to the risk mitigations of the parent proposal, this proposal mitigates additional protocol complexity risks:
This proposal eliminates a variety of edge cases which add to the complexity of both VM implementations and contract development. By simplifying away these cases, protocol complexity risks are reduced and a class of potential contract vulnerabilities is eliminated. See Rationale: Full Removal Simplifies Protocol and Contract Review.
This proposal fully eliminates a potential source of future protocol ambiguity from the Bitcoin Cash VM. See Removal of Overflow Behavior: Consideration of Potential Impacts.
By definitively removing the need for emulated-precision math, this proposal reduces future protocol complexity risks arising from the demands of precision-emulation use cases, as all existing use cases needing greater flexibility can be migrated to native-precision math. For example, the owners of CHIP-2023-07 Composite Arithmetic Opcodes have paused work and plan to withdraw CHIP-2023-07 Composite Arithmetic Opcodes if this proposal is locked-in.
This section reviews the costs of implementing the proposed changes.
See Limits CHIP Risk Assessment: Node Upgrade Costs.
Note that significant portions of expected node upgrade costs were already speculatively paid, in hopes of later activation, during the creation and review of this proposal. Additionally, rather than draining node resources, this proposal has attracted additional resources to fund further development and maintenance of multiple node implementations. See Node Maintenance Costs.
See Limits CHIP Risk Assessment: Ecosystem Upgrade Costs.
All network upgrade proposals must evaluate their foreseeable impact on maintenance costs. Virtual Machine (VM) upgrades can increase the risks of consensus divergence, performance issues, and increased implementation complexity. This section reviews foreseeable ongoing costs following activation of the proposed changes.
See Limits CHIP Risk Assessment: Node Maintenance Costs.
Beyond the node maintenance costs of CHIP: Targeted Virtual Machine Limits, this proposal requires all future node implementations to implement big-integer arithmetic, either by:
- Importing a dependency, or
- Relying on utilities built-in to the programming language or execution environment in use.
Most modern programming languages and/or execution environments now include official support for arbitrary-precision arithmetic at far greater lengths than are required by this proposal – with the notable exceptions of C++ and Rust, which both have a variety of widely-used libraries, e.g.:
- C++ – GMP (the library used by BCHN's implementation of this proposal)
- Go –
math/bigstandard library package - Java –
java.math.BigInteger - JavaScript –
BigIntprimitive - Python –
intNumeric Type - Ruby –
Integer - Rust –
rugcrate – (interface to GMP)
Requiring high-precision arithmetic in the Bitcoin Cash VM adds a non-zero review and maintenance cost to all future implementations – particularly for node implementations written in languages without existing, official support (requiring a new direct dependency).
However, high-precision arithmetic is widely used across a variety of financial and safety-critical industries. With such wide usage, the relative implementation and maintenance cost of high-precision arithmetic is often even lower than the equivalent costs related to Bitcoin Cash's existing, relatively-niche cryptographic requirements – especially RIPEMD160 and Secp256k1 – which typically require implementations to rely on far less commonly used dependencies for cryptography than are available for high-precision arithmetic.
Finally, various implementations have produced additional BigInt-specific test sets and testing methodologies which may be useful for verification and maintenance:
- vmb_tests – This proposal's functional tests and performance benchmarks include combinatorial sets of tests exercising all arithmetic operations at varying operand lengths and byte-fill contents.
- Property-based testing – Property Tests for Big Integer Arithmetic Script Operations (BCHN)
- Python-Generated Test Vectors –
generate_bigint_test_vectors.pyfrom BCHN - OpenSSL Test Vectors – Used in verifying the BCHN implementation
See Limits CHIP Risk Assessment: Ecosystem Maintenance Costs.