Maintaining the security of DigiByte

How does a merge differ from a rebase?

I’m glad you asked because that underpins a lot of this!

So why is merging bad then?

Well, because so much fluff gets left in for starters, but also because it’s going to be impossible to review the code. Things can get slipped in there, intentionally or inadvertently, which you naturally don’t want.

DigiSpeed code removed

When DigiByte merged in the code from BTC Core in 2017, the SegWit code broke DigiSpeed block size doubling. As such, that block size increase code was removed.

Double spends on DigiByte

I’ve talked about this before in depth (at the end of the article), but it needs repeating:

Jared sent me this screenshot, he was the green, and the person reporting the security issue was in white on the left.
DigiByte Orphan chart from 2018 when the double spends were happening

Code can easily be slipped through when merging

Unless somebody is looking over every single line of code, and vetting it thoroughly, you can slip through a LOT of things. It might not be malicious, it may be inadvertent issues that get through, but it can still happen.

GitHub won’t show you the file by default, the merge was too big to even show on your PC

Inability to import older wallets

Merging also broke the ability to restore wallets with private keys from the earlier 2014 days of DigiByte!

Couldn’t import the older private keys

Broke fresh blockchain syncing

Yep, did you know that when 6.16.5 was released, further code from upstream was merged which broke the ability for DigiByte to sync from scratch?

Release of 6.16.5.1 fixed the new client sync issue

So why do Jared and GTO90 insist on a merge?

I genuinely don’t know. It’s completely asinine at this point.

Will a rebase really solve these issues though?

Great question, and I’ll ask you another in return before answering:

Sounds scary, how the heck would that work?

It’s pretty straight-forward actually:

So what’s the way forward?

Demand better.

--

--

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store
Josiah Spackman

Josiah Spackman

I write interesting things about cryptocurrency, especially DigiByte