It seems to me Bitcoin Unlimited really should be the "Unlimited" choice.
I've been thinking about the consensus code related to block limits, sigop limits, etc. for quite a while, and for everybody except miners, the rule can be pretty darn simple:
Don't enforce any limits on blocks. As long as blocks have valid proof-of-work, accept them, no matter how big they are or how long they take to validate.
Yes, theoretically a 'rogue miner' could produce a block that takes a long time to broadcast or validate. So what? Worst case is your node spends half an hour validating it, and then re-orgs onto the longer chain with less expensive-to-validate blocks.
For everybody except miners that looks no different from there being a gap of half an hour between blocks, which happens every once in a while. I wouldn't count it as a denial-of-service attack.
So my suggestion for Unlimited: just remove the block size and sigop counting code from CheckBlock().
For transactions, the existing IsStandard tests are sufficient to prevent denial-of-service attacks.
While you're changing code (disclaimer: I haven't looked at current Unlimited code, you might have already done this) change the MAX_PROTOCOL_MESSAGE constant in net.h back to 32 megabytes. Again, worst case is somebody gets you to allocate 32MB of memory-- "meh". If somebody actually wants to DoS attack you, they will just flood your ISP with packets until your ISP decides you're not worth the trouble and null-routes your connection. That's a lot easier and more effective than trying to send you valid 32MB bitcoin protocol messages.
-----
As for solo miners or pools using Unlimited with these suggested changes... that is fine, as long as the miner sets the block size to something the other miners won't reject, and as long as there are not economically irrational rogue miners producing expensive-to-validate-blocks.
I've seen zero evidence that there are any economically irrational rogue miners. However, to sidestep all of the "how many miners can dance on the head of a pin" arguments, if I were King of Unlimited I'd also rip out all of the mining-related code (CreateNewBlock / getblocktemplate / getmininginfo / etc) and explicitly say it is not for miners-- it is for everybody else who doesn't care about limits on blocks.
I've been thinking about the consensus code related to block limits, sigop limits, etc. for quite a while, and for everybody except miners, the rule can be pretty darn simple:
Don't enforce any limits on blocks. As long as blocks have valid proof-of-work, accept them, no matter how big they are or how long they take to validate.
Yes, theoretically a 'rogue miner' could produce a block that takes a long time to broadcast or validate. So what? Worst case is your node spends half an hour validating it, and then re-orgs onto the longer chain with less expensive-to-validate blocks.
For everybody except miners that looks no different from there being a gap of half an hour between blocks, which happens every once in a while. I wouldn't count it as a denial-of-service attack.
So my suggestion for Unlimited: just remove the block size and sigop counting code from CheckBlock().
For transactions, the existing IsStandard tests are sufficient to prevent denial-of-service attacks.
While you're changing code (disclaimer: I haven't looked at current Unlimited code, you might have already done this) change the MAX_PROTOCOL_MESSAGE constant in net.h back to 32 megabytes. Again, worst case is somebody gets you to allocate 32MB of memory-- "meh". If somebody actually wants to DoS attack you, they will just flood your ISP with packets until your ISP decides you're not worth the trouble and null-routes your connection. That's a lot easier and more effective than trying to send you valid 32MB bitcoin protocol messages.
-----
As for solo miners or pools using Unlimited with these suggested changes... that is fine, as long as the miner sets the block size to something the other miners won't reject, and as long as there are not economically irrational rogue miners producing expensive-to-validate-blocks.
I've seen zero evidence that there are any economically irrational rogue miners. However, to sidestep all of the "how many miners can dance on the head of a pin" arguments, if I were King of Unlimited I'd also rip out all of the mining-related code (CreateNewBlock / getblocktemplate / getmininginfo / etc) and explicitly say it is not for miners-- it is for everybody else who doesn't care about limits on blocks.