Fossil SCM
Removed several weak arguments from the blockchain.md doc and added a lot more info about cryptocurrencies to show the differences between them and Fossil. Tweaked much of the preexisting material.
Commit
3d55f44376b09e3a0919a0a9ce37e6f66e907fbe612e66054220591b025361b7
Parent
855578b61091c49…
1 file changed
+178
-88
| --- www/blockchain.md | ||
| +++ www/blockchain.md | ||
| @@ -1,101 +1,191 @@ | ||
| 1 | 1 | # Is Fossil A Blockchain? |
| 2 | 2 | |
| 3 | 3 | The Fossil version control system shares a lot of similarities with |
| 4 | -blockchain based technologies, but it also differs from the more common | |
| 4 | +other blockchain based technologies, but it also differs from the more common | |
| 5 | 5 | sorts of blockchains. This document will discuss the term’s |
| 6 | 6 | applicability, so you can decide whether applying the term to Fossil |
| 7 | 7 | makes sense to you. |
| 8 | 8 | |
| 9 | 9 | |
| 10 | 10 | ## The Dictionary Argument |
| 11 | 11 | |
| 12 | -[Wikipedia defines "blockchain"][bcwp] in part as | |
| 13 | - | |
| 14 | -> | |
| 15 | - "…a growing list of records, called blocks, which are linked using | |
| 16 | - cryptography. Each block contains a cryptographic hash of the previous | |
| 17 | - block, a timestamp, and transaction data…" | |
| 18 | - | |
| 19 | - | |
| 20 | -By that partial definition, Fossil is indeed a blockchain. | |
| 21 | -The blocks are ["manifests" artifacts](./fileformat.wiki#manifest). | |
| 22 | -Each manifest has a SHA1 or SHA3 hash of its parent or parents, | |
| 23 | -a timestamp, and other transactional data. The repository grows by | |
| 24 | -adding new manifests onto the list. | |
| 25 | - | |
| 26 | -Nevertheless, there are many reasons to regard Fossil as *not* a | |
| 27 | -blockchain. | |
| 28 | - | |
| 29 | -[bcwp]: https://en.wikipedia.org/wiki/Blockchain | |
| 12 | +The [Wikipedia definition of "blockchain"][bcwp] begins: | |
| 13 | + | |
| 14 | +> | |
| 15 | + "A blockchain…is a growing list of records, called blocks, which are linked using | |
| 16 | + cryptography. Each block contains a cryptographic hash of the previous | |
| 17 | + block, a timestamp, and transaction data (generally represented as a Merkle tree)." | |
| 18 | + | |
| 19 | + | |
| 20 | +By that partial definition, Fossil is indeed a blockchain. The blocks | |
| 21 | +are Fossil’s ["manifest" artifacts](./fileformat.wiki#manifest). Each | |
| 22 | +manifest has a cryptographically-strong [SHA-1] or [SHA-3] hash linking it to | |
| 23 | +one or more “parent” blocks. The manifest also contains a timestamp and | |
| 24 | +the transactional data needed to express a commit to the repository. If | |
| 25 | +you traverse the Fossil repository from the tips of its [DAG] to the | |
| 26 | +root by following the parent hashes in each manifest, you will then have | |
| 27 | +a Merkle tree. Point-for-point, Fossil follows that definition. | |
| 28 | + | |
| 29 | +Every change in Fossil starts by adding one or more manifests to | |
| 30 | +the repository. | |
| 31 | + | |
| 32 | +[bcwp]: https://en.wikipedia.org/wiki/Blockchain | |
| 33 | +[DAG]: https://en.wikipedia.org/wiki/Directed_acyclic_graph | |
| 34 | +[SHA-1]: https://en.wikipedia.org/wiki/SHA-1 | |
| 35 | +[SHA-3]: https://en.wikipedia.org/wiki/SHA-3 | |
| 30 | 36 | |
| 31 | 37 | |
| 32 | 38 | |
| 33 | 39 | ## Cryptocurrency |
| 34 | 40 | |
| 35 | 41 | Because blockchain technology was first popularized as Bitcoin, many |
| 36 | -people associate the term with cryptocurrency. Since Fossil has nothing | |
| 37 | -to do with cryptocurrency, someone using the term “blockchain” to refer | |
| 38 | -to Fossil is likely to fail to communicate their ideas clearly. | |
| 39 | - | |
| 40 | -Cryptocurrency also has unfortunate implications in certain circles, its | |
| 41 | -anonymity and lack of regulation leading it to become associated with | |
| 42 | -bad actors. Even if we ignore all of the other criticisms in this | |
| 43 | -document, our unwillingness to be so associated may be enough of a | |
| 44 | -reason for us to avoid using it. | |
| 45 | - | |
| 46 | - | |
| 47 | - | |
| 48 | -## Marketing Capture | |
| 49 | - | |
| 50 | -The fact that blockchain technology has become a hot marketing buzzword | |
| 51 | -should affect your choice of whether to use the term “blockchain” to | |
| 52 | -refer to Fossil. Your choice may well vary based on the audience: | |
| 53 | - | |
| 54 | -* **Executive Board:** At the quarterly all-hands meeting, the big | |
| 55 | - boss — who just read about blockchains in [PHB] Weekly — asks if | |
| 56 | - your development organization “has a blockchain.” With Fossil and a | |
| 57 | - suitably narrow definition of the term “blockchain” in mind, you | |
| 58 | - could answer “Yes,” except that you know they’re then going to go to | |
| 59 | - the shareholders and happily report, “Our development organization | |
| 60 | - has been using blockchain technology for years!” You may decide that | |
| 61 | - this makes you responsible for a public deception, putting the | |
| 62 | - organization at risk of an SEC investigation for making false | |
| 63 | - statements. | |
| 64 | - | |
| 65 | - Yet if you answer “No,” knowing you’ll be punished for not being on | |
| 66 | - top of the latest whiz-bang as the technologically gormless PHB sees | |
| 67 | - it, are you advancing the organization’s actual interests? If the | |
| 68 | - organization has no actual need for a proper blockchain tech base, | |
| 69 | - isn’t it better to just say “Yes” and point at Fossil so you can get | |
| 70 | - back to useful work? | |
| 71 | - | |
| 72 | -* **Middle Management:** Your project leader asks the same question, | |
| 73 | - so you point them at this document, which tells them the truth: | |
| 74 | - kinda yes, but mostly no. | |
| 75 | - | |
| 76 | -* **Developer Lunch:** A peer asks if you’re doing anything with | |
| 77 | - blockchains. Knowing the contents of this document, you decide you | |
| 78 | - can’t justify using that term to refer to Fossil at a deep technical | |
| 79 | - level, so you admit that you are not. | |
| 80 | - | |
| 81 | -[PHB]: https://en.wikipedia.org/wiki/Pointy-haired_Boss | |
| 42 | +people associate the term with cryptocurrency. Fossil has nothing to do | |
| 43 | +with cryptocurrency, so a claim that “Fossil is a blockchain” may run up | |
| 44 | +against problems due to conflation with cryptocurrency. | |
| 45 | + | |
| 46 | +Cryptocurrency has several features and requirements that Fossil doesn’t | |
| 47 | +provide, either because it doesn’t need them or because we haven’t | |
| 48 | +gotten around to creating the feature. Whether these are essential to | |
| 49 | +the definition of “blockchain” and thus make Fossil “not a blockchain” | |
| 50 | +is for you to decide. | |
| 51 | + | |
| 52 | +1. **Signatures.** Blocks in a cryptocurrency have to be signed by the | |
| 53 | + *prior* owner of each block in order to transfer the money to the | |
| 54 | + new holder, else the new recipient could claim to have received any | |
| 55 | + amount of money they want by editing the face value of the currency | |
| 56 | + block. The chain of signatures also lets us verify that each block | |
| 57 | + is transferred only once, solving the double-spending problem. These | |
| 58 | + are both types of forgery, but they’re distinct sorts: changing a | |
| 59 | + US $20 bill to $100 is different from simply making more $20 bills | |
| 60 | + that look sufficiently like the original. | |
| 61 | + | |
| 62 | + This chain of signatures prevents both types of forgery, and it is a | |
| 63 | + second type of link between the blocks, separate from the “hash | |
| 64 | + chain” that applies an ordering to the blocks. (This distinction of | |
| 65 | + terms comes from [_Blockchain: Simple Explanation_][bse].) | |
| 66 | + | |
| 67 | + Fossil has an off-by-default feature to call out to an external copy | |
| 68 | + of PGP or GPG to sign commit manifests before inserting them into | |
| 69 | + the repository, but it’s rarely used, and even when it is used, | |
| 70 | + Fossil doesn’t currently verify those signatures in any way. | |
| 71 | + | |
| 72 | + Even if Fossil someday gets a built-in commit signature feature, and | |
| 73 | + even if this new feature enforces a rule that rejects commits that | |
| 74 | + don’t include a verifiable signature, Fossil will still not provide | |
| 75 | + the sort of cross-block transfer signatures needed by | |
| 76 | + cryptocurrencies. Fossil commit signatures simply attest that the | |
| 77 | + new commit was created by some verifiable person while preventing | |
| 78 | + that attestation and the block it attests to from being changed. (A | |
| 79 | + failure in this feature would be analogous to the first type of | |
| 80 | + forgery above: changing the “face value” of a commit.) As long as I | |
| 81 | + retain control over my private commit signing key, no one can take | |
| 82 | + one of my commits and change its contents. | |
| 83 | + | |
| 84 | + There is no need in Fossil for cross-commit sign-overs, because | |
| 85 | + there is no useful analog to double-spending fraud in Fossil. | |
| 86 | + | |
| 87 | + The lack of commit signing in the default Fossil configuration means | |
| 88 | + forgery of commits is possible by anyone with commit capability. If | |
| 89 | + that is an essential element to your notion of “blockchain,” and you | |
| 90 | + wish to have some of the same guarantees from Fossil as you get from | |
| 91 | + other types of blockchains, then you should enable its [clearsign | |
| 92 | + feature][cs], coupled with a server-side [“after receive” hook][arh] | |
| 93 | + to reject commits if they aren’t signed. | |
| 94 | + | |
| 95 | + Fossil’s chain of hashes prevents modification of existing commits | |
| 96 | + as long as the receiving Fossil server is secure. Even if you manage | |
| 97 | + to execute a [preimage attack][prei] on the hash algorthm — SHA3-256 | |
| 98 | + by default in the current version of Fossil — our sync protocol will | |
| 99 | + prevent the modification from being accepted into the repository. To | |
| 100 | + modify an existing commit, an attacker would have to attack the | |
| 101 | + remote host itself somehow, not its repository data structures. | |
| 102 | + Strong signatures are only needed to prevent *new* commits from | |
| 103 | + being forged at the tips of the DAG, and to avoid the need to trust | |
| 104 | + the remote Fossil server quite so heavily. | |
| 105 | + | |
| 106 | + If you’re wondering why Fossil currently lacks built-in commit | |
| 107 | + signing and verification, and why its current commit signing feature | |
| 108 | + is not enabled by default, it is because Fossil is not itself a | |
| 109 | + [PKI], and there is no way for regular users of Fossil to link it to | |
| 110 | + a PKI, since doing so would likely result in an unwanted [PII] | |
| 111 | + disclosure. There is no email address in a Fossil commit manifest | |
| 112 | + that you could use to query one of the public PGP keyservers, for | |
| 113 | + example. It therefore becomes a local policy matter as to whether | |
| 114 | + you even *want* to have signatures, because they’re not without | |
| 115 | + their downsides. | |
| 116 | + | |
| 117 | +2. **Longest-Chain Rule.** Cryptocurrencies generally need some way to | |
| 118 | + distinguish which blocks are legitimate and which not. | |
| 119 | + | |
| 120 | + There is the proof-of-work aspect of this, which has no useful | |
| 121 | + application to Fossil, so we can ignore that. | |
| 122 | + | |
| 123 | + The other aspect of this does have applicability to Fossil is the | |
| 124 | + notion (as in Bitcoin) that the linear chain with the greatest | |
| 125 | + cumulative work-time is the legitimate chain. Everything else is | |
| 126 | + considered an “orphan” block and is ignored by the software. The | |
| 127 | + closest we can come to that notion in Fossil is the default “trunk” | |
| 128 | + branch, but there’s nothing in Fossil that delegitimizes other | |
| 129 | + branches just because they’re shorter, nor is there any way in | |
| 130 | + Fossil to score the amount of work that went into a commit. Indeed, | |
| 131 | + [forks and branches][fb] are *valuable and desirable* things in | |
| 132 | + Fossil. | |
| 133 | + | |
| 134 | +3. **Work Contests.** Cryptocurrencies prevent forgery by setting up | |
| 135 | + some sort of contest that ensures that new coins can come into | |
| 136 | + existence only by doing some difficult work task. This “mining” | |
| 137 | + activity results in a coin that took considerable work to create, | |
| 138 | + which thus has economic value by being a) difficult to re-create, | |
| 139 | + and b) resistant to [debasement][dboc]. | |
| 140 | + | |
| 141 | + Fossil repositories are most often used to store the work product of | |
| 142 | + individuals, rather than cryptocoin mining machines. There is | |
| 143 | + generally no contest in trying to produce the most commits. | |
| 144 | + Incentives to commit to the repository come from outside of Fossil; | |
| 145 | + they are not inherent to its nature, as with cryptocurrencies. | |
| 146 | + Moreover, there is no useful sense in which we could say that one | |
| 147 | + commit “re-creates” another. Commits are generally products of | |
| 148 | + individual human intellect, thus necessarily unique in all but | |
| 149 | + trivial cases. Thus the entire basis of copyright law. | |
| 150 | + | |
| 151 | +This much is certain: Fossil is definitely not a cryptocurrency. | |
| 152 | + | |
| 153 | +[arh]: https://fossil-scm.org/fossil/doc/trunk/www/hooks.md | |
| 154 | +[bse]: https://www.researchgate.net/publication/311572122_What_is_Blockchain_a_Gentle_Introduction | |
| 155 | +[cs]: https://fossil-scm.org/home/help?cmd=clearsign | |
| 156 | +[dboc]: https://en.wikipedia.org/wiki/Debasement | |
| 157 | +[fb]: https://fossil-scm.org/home/doc/trunk/www/branching.wiki | |
| 158 | +[PII]: https://en.wikipedia.org/wiki/Personal_data | |
| 159 | +[PKI]: https://en.wikipedia.org/wiki/Public_key_infrastructure | |
| 160 | +[prei]: https://en.wikipedia.org/wiki/Preimage_attack | |
| 161 | + | |
| 82 | 162 | |
| 83 | 163 | |
| 84 | 164 | ## Distributed Ledgers |
| 85 | 165 | |
| 86 | -Cryptocurrencies are a type of [distributed ledger technology][dlt]. Is | |
| 87 | -Fossil a distributed ledger? | |
| 166 | +Cryptocurrencies are a type of [distributed ledger technology][dlt]. If | |
| 167 | +we can convince ourselves that Fossil is also a type of distributed | |
| 168 | +ledger, then we might think of Fossil as a peer technology, thus also a | |
| 169 | +type of blockchain. | |
| 88 | 170 | |
| 89 | 171 | A key tenet of DLT is that records be unmodifiable after they’re |
| 90 | 172 | committed to the ledger, which matches quite well with Fossil’s design |
| 91 | -and everyday use cases. | |
| 173 | +and everyday use cases. Fossil puts up multiple barriers to prevent | |
| 174 | +modification of existing records and injection of incorrect records. | |
| 92 | 175 | |
| 93 | 176 | Yet, Fossil also has [purge] and [shunning][shun]. Doesn’t that mean |
| 94 | 177 | Fossil cannot be a distributed ledger? |
| 95 | 178 | |
| 96 | -What if you removed those features from Fossil, creating an append-only | |
| 179 | +These features remove commits from the repository. If you want a | |
| 180 | +currency analogy, they are ways to burn a paper bill or to melt a [fiat | |
| 181 | +coin][fc] down to slag. In a cryptocurrency, you can erase your “wallet” | |
| 182 | +file, effectively destroying money in a similar way. You can’t use these | |
| 183 | +features of Fossil to forge new commits or forge a modification to an | |
| 184 | +existing commit. | |
| 185 | + | |
| 186 | +What if we removed those features from Fossil, creating an append-only | |
| 97 | 187 | variant? Is it a DLT then? Arguably still not, because [today’s Fossil |
| 98 | 188 | is an AP-mode system][fapm] in the [CAP theorem][cap] sense, which means |
| 99 | 189 | there can be no guaranteed consensus on the content of the ledger at any |
| 100 | 190 | given time. If you had an AP-mode accounts receivable system, it could |
| 101 | 191 | have different bottom-line totals at different sites, because you’ve |
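Review bot: The advice at new lines 87-93 to enable clearsign plus an “after receive” hook that rejects commits which “aren’t signed” reads as if the presence of a signature were enough, yet new lines 67-70 say Fossil doesn’t verify those signatures in any way. The text should state that the hook itself has to verify each signature against a set of trusted keys; a presence-only check does not stop someone with commit capability from attaching a signature made with an arbitrary key. Separately, new line 22 calls SHA-1 “cryptographically-strong”, which no longer holds for collision resistance; apply the qualifier to SHA-3 only or drop it. Smaller fixes: “algorthm” at new line 97; “The other aspect of this does have applicability to Fossil is the notion” at new line 123 is missing a “that”; and `[arh]` at new line 153 points under `/fossil/doc/trunk/` while `[cs]` and `[fb]` use `/home/`.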
| @@ -102,18 +192,21 @@ | ||
| 102 | 192 | cast away “C” to get AP-mode operation. |
| 103 | 193 | |
| 104 | 194 | What are the prospects for CA-mode or CP-mode Fossil? [We don’t want |
| 105 | 195 | CA-mode Fossil, but CP-mode could be useful.][fapm] Until the latter |
| 106 | 196 | exists, this author believes Fossil is not a distributed ledger in a |
| 107 | -technologically defensible sense. If you restrict your definition’s | |
| 108 | -scope to cover only the most common uses of “blockchain,” which are all | |
| 109 | -DLTs, that means Fossil is not a blockchain. | |
| 197 | +technologically defensible sense. | |
| 198 | + | |
| 199 | +The most common technologies answering to the label “blockchain” are all | |
| 200 | +DLTs, so if Fossil is not a DLT, then it is not a blockchain in that | |
| 201 | +sense. | |
| 110 | 202 | |
| 111 | 203 | [fapm]: ./cap-theorem.md |
| 112 | 204 | [cap]: https://en.wikipedia.org/wiki/CAP_theorem |
| 113 | 205 | [dlt]: https://en.wikipedia.org/wiki/Distributed_ledger |
| 114 | 206 | [DVCS]: https://en.wikipedia.org/wiki/Distributed_version_control |
| 207 | +[fc]: https://en.wikipedia.org/wiki/Fiat_money | |
| 115 | 208 | [purge]: /help?cmd=purge |
| 116 | 209 | [shun]: ./shunning.wiki |
| 117 | 210 | |
| 118 | 211 | |
| 119 | 212 | ## Distributed Partial Consensus |
| @@ -133,11 +226,14 @@ | ||
| 133 | 226 | DAG. This is what the enabled-by-default [`repo-cksum` setting][rcks] |
| 134 | 227 | does. |
| 135 | 228 | |
| 136 | 229 | If cryptocurrencies worked this way, you wouldn’t be able to prove that |
| 137 | 230 | a given cryptocoin was legitimate without repeating the proof-of-work |
| 138 | -calculations for the entire cryptocurrency scheme! | |
| 231 | +calculations for the entire cryptocurrency scheme! Instead, you only | |
| 232 | +need to check a certain number of signatures and proofs-of-work in order | |
| 233 | +to be reasonably certain that you are looking at a legitimate section of | |
| 234 | +the whole blockchain. | |
| 139 | 235 | |
| 140 | 236 | What would it even mean to prove that a given Fossil commit “*belongs*” |
| 141 | 237 | to the repository you’ve extracted it from? For a software project, |
| 142 | 238 | isn’t that tantamount to automatic code review, where the server would |
| 143 | 239 | be able to reliably accept or reject a commit based solely on its |
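Review bot: The sentence added at new lines 231-234 opens with “Instead, you only need to check”, but the sentence before it is a counterfactual about cryptocurrencies, so it is unclear whether “you” is checking a cryptocurrency or a Fossil repository; something like “Instead, with a cryptocurrency you only need to check” removes the ambiguity. “A certain number of signatures and proofs-of-work” is also vague; say what bounds that number or link to a description of it.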
| @@ -162,21 +258,11 @@ | ||
| 162 | 258 | “blockchain” would be as simple as going down the list of servers and |
| 163 | 259 | sending it an HTTP GET `/info` query for the artifact ID, returning |
| 164 | 260 | “Yes” once you get enough HTTP 200 status codes back. All of this is |
| 165 | 261 | hypothetical, because Fossil doesn’t do this today. |
| 166 | 262 | |
| 167 | -Even with all of the above solved, you’d still have another problem: | |
| 168 | -Fossil currently has no way to do partial cloning of a repository. The | |
| 169 | -only way to remotely extract individual “blocks” — commits — from a | |
| 170 | -remote repository is to make `/artifact`, `/info`, or `/raw` queries to | |
| 171 | -its HTTP interface. For Fossil to be a true blockchain, we’d want a way | |
| 172 | -to send around as little as one commit which could be individually | |
| 173 | -verified as being “part of the blockchain” using only intra-block | |
| 174 | -consistency checks. | |
| 175 | - | |
| 176 | 263 | [AGI]: https://en.wikipedia.org/wiki/Artificial_general_intelligence |
| 177 | -[PKI]: https://en.wikipedia.org/wiki/Public_key_infrastructure | |
| 178 | 264 | [rcks]: https://fossil-scm.org/home/help?cmd=repo-cksum |
| 179 | 265 | |
| 180 | 266 | |
| 181 | 267 | # Conclusion |
| 182 | 268 | |
| @@ -187,14 +273,18 @@ | ||
| 187 | 273 | Within a certain narrow scope, you can defend this usage, but if you do |
| 188 | 274 | that, you’ve failed any goal that requires clear communication: it |
| 189 | 275 | doesn’t work to use a term in a nonstandard way just because you can |
| 190 | 276 | defend it. The people you’re communicating your ideas to must have the |
| 191 | 277 | same concept of the terms you use. |
| 278 | + | |
| 192 | 279 | |
| 193 | 280 | What term should you use instead? A blockchain is a type of [Merkle |
| 194 | -tree][mt], also called a hash tree, and Fossil is certainly that. | |
| 281 | +tree][mt], named after [its inventor][drrm]. You could also call it by | |
| 282 | +the more generic term “hash tree.” That Fossil certainly is. | |
| 195 | 283 | |
| 196 | -Fossil and “blockchain” are technological peers. They are related | |
| 197 | -technologies, but neither is a subset or instance of the other in any | |
| 198 | -useful sense. | |
| 284 | +Fossil is a technological peer to many common types of blockchain | |
| 285 | +technology. There is a lot of overlap in concepts and implementation | |
| 286 | +details, but when speaking of what most people understand as | |
| 287 | +“blockchain,” Fossil is not that. | |
| 199 | 288 | |
| 200 | -[mt]: https://en.wikipedia.org/wiki/Merkle_tree | |
| 289 | +[drrm]: https://en.wikipedia.org/wiki/Ralph_Merkle | |
| 290 | +[mt]: https://en.wikipedia.org/wiki/Merkle_tree | |
| 201 | 291 |
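Review bot: The closing claim at new lines 284-287 that Fossil “is not that” is at odds with the opening sentence as changed at new line 4 of this same commit, where “other blockchain based technologies” presupposes that Fossil is one; pick one framing, for instance by dropping “other” in the introduction. Also, the blank line added at new line 278 leaves two consecutive empty lines before “What term should you use instead?”, which looks unintended.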
| 71 | |
| 72 | Even if Fossil someday gets a built-in commit signature feature, and |
| 73 | even if this new feature enforces a rule that rejects commits that |
| 74 | don’t include a verifiable signature, Fossil will still not provide |
| 75 | the sort of cross-block transfer signatures needed by |
| 76 | cryptocurrencies. Fossil commit signatures simply attest that the |
| 77 | new commit was created by some verifiable person while preventing |
| 78 | that attestation and the block it attests to from being changed. (A |
| 79 | failure in this feature would be analogous to the first type of |
| 80 | forgery above: changing the “face value” of a commit.) As long as I |
| 81 | retain control over my private commit signing key, no one can take |
| 82 | one of my commits and change its contents. |
| 83 | |
| 84 | There is no need in Fossil for cross-commit sign-overs, because |
| 85 | there is no useful analog to double-spending fraud in Fossil. |
| 86 | |
| 87 | The lack of commit signing in the default Fossil configuration means |
| 88 | forgery of commits is possible by anyone with commit capability. If |
| 89 | that is an essential element to your notion of “blockchain,” and you |
| 90 | wish to have some of the same guarantees from Fossil as you get from |
| 91 | other types of blockchains, then you should enable its [clearsign |
| 92 | feature][cs], coupled with a server-side [“after receive” hook][arh] |
| 93 | to reject commits if they aren’t signed. |
| 94 | |
| 95 | Fossil’s chain of hashes prevents modification of existing commits |
| 96 | as long as the receiving Fossil server is secure. Even if you manage |
| 97 | to execute a [preimage attack][prei] on the hash algorthm — SHA3-256 |
| 98 | by default in the current version of Fossil — our sync protocol will |
| 99 | prevent the modification from being accepted into the repository. To |
| 100 | modify an existing commit, an attacker would have to attack the |
| 101 | remote host itself somehow, not its repository data structures. |
| 102 | Strong signatures are only needed to prevent *new* commits from |
| 103 | being forged at the tips of the DAG, and to avoid the need to trust |
| 104 | the remote Fossil server quite so heavily. |
| 105 | |
| 106 | If you’re wondering why Fossil currently lacks built-in commit |
| 107 | signing and verification, and why its current commit signing feature |
| 108 | is not enabled by default, it is because Fossil is not itself a |
| 109 | [PKI], and there is no way for regular users of Fossil to link it to |
| 110 | a PKI, since doing so would likely result in an unwanted [PII] |
| 111 | disclosure. There is no email address in a Fossil commit manifest |
| 112 | that you could use to query one of the public PGP keyservers, for |
| 113 | example. It therefore becomes a local policy matter as to whether |
| 114 | you even *want* to have signatures, because they’re not without |
| 115 | their downsides. |
| 116 | |
| 117 | 2. **Longest-Chain Rule.** Cryptocurrencies generally need some way to |
| 118 | distinguish which blocks are legitimate and which not. |
| 119 | |
| 120 | There is the proof-of-work aspect of this, which has no useful |
| 121 | application to Fossil, so we can ignore that. |
| 122 | |
| 123 | The other aspect of this does have applicability to Fossil is the |
| 124 | notion (as in Bitcoin) that the linear chain with the greatest |
| 125 | cumulative work-time is the legitimate chain. Everything else is |
| 126 | considered an “orphan” block and is ignored by the software. The |
| 127 | closest we can come to that notion in Fossil is the default “trunk” |
| 128 | branch, but there’s nothing in Fossil that delegitimizes other |
| 129 | branches just because they’re shorter, nor is there any way in |
| 130 | Fossil to score the amount of work that went into a commit. Indeed, |
| 131 | [forks and branches][fb] are *valuable and desirable* things in |
| 132 | Fossil. |
| 133 | |
| 134 | 3. **Work Contests.** Cryptocurrencies prevent forgery by setting up |
| 135 | some sort of contest that ensures that new coins can come into |
| 136 | existence only by doing some difficult work task. This “mining” |
| 137 | activity results in a coin that took considerable work to create, |
| 138 | which thus has economic value by being a) difficult to re-create, |
| 139 | and b) resistant to [debasement][dboc]. |
| 140 | |
| 141 | Fossil repositories are most often used to store the work product of |
| 142 | individuals, rather than cryptocoin mining machines. There is |
| 143 | generally no contest in trying to produce the most commits. |
| 144 | Incentives to commit to the repository come from outside of Fossil; |
| 145 | they are not inherent to its nature, as with cryptocurrencies. |
| 146 | Moreover, there is no useful sense in which we could say that one |
| 147 | commit “re-creates” another. Commits are generally products of |
| 148 | individual human intellect, thus necessarily unique in all but |
| 149 | trivial cases. Thus the entire basis of copyright law. |
| 150 | |
| 151 | This much is certain: Fossil is definitely not a cryptocurrency. |
| 152 | |
| 153 | [arh]: https://fossil-scm.org/fossil/doc/trunk/www/hooks.md |
| 154 | [bse]: https://www.researchgate.net/publication/311572122_What_is_Blockchain_a_Gentle_Introduction |
| 155 | [cs]: https://fossil-scm.org/home/help?cmd=clearsign |
| 156 | [dboc]: https://en.wikipedia.org/wiki/Debasement |
| 157 | [fb]: https://fossil-scm.org/home/doc/trunk/www/branching.wiki |
| 158 | [PII]: https://en.wikipedia.org/wiki/Personal_data |
| 159 | [PKI]: https://en.wikipedia.org/wiki/Public_key_infrastructure |
| 160 | [prei]: https://en.wikipedia.org/wiki/Preimage_attack |
| 161 | |
| 162 | |
| 163 | |
| 164 | ## Distributed Ledgers |
| 165 | |
| 166 | Cryptocurrencies are a type of [distributed ledger technology][dlt]. If |
| 167 | we can convince ourselves that Fossil is also a type of distributed |
| 168 | ledger, then we might think of Fossil as a peer technology, thus also a |
| 169 | type of blockchain. |
| 170 | |
| 171 | A key tenet of DLT is that records be unmodifiable after they’re |
| 172 | committed to the ledger, which matches quite well with Fossil’s design |
| 173 | and everyday use cases. Fossil puts up multiple barriers to prevent |
| 174 | modification of existing records and injection of incorrect records. |
| 175 | |
| 176 | Yet, Fossil also has [purge] and [shunning][shun]. Doesn’t that mean |
| 177 | Fossil cannot be a distributed ledger? |
| 178 | |
| 179 | These features remove commits from the repository. If you want a |
| 180 | currency analogy, they are ways to burn a paper bill or to melt a [fiat |
| 181 | coin][fc] down to slag. In a cryptocurrency, you can erase your “wallet” |
| 182 | file, effectively destroying money in a similar way. You can’t use these |
| 183 | features of Fossil to forge new commits or forge a modification to an |
| 184 | existing commit. |
| 185 | |
| 186 | What if we removed those features from Fossil, creating an append-only |
| 187 | variant? Is it a DLT then? Arguably still not, because [today’s Fossil |
| 188 | is an AP-mode system][fapm] in the [CAP theorem][cap] sense, which means |
| 189 | there can be no guaranteed consensus on the content of the ledger at any |
| 190 | given time. If you had an AP-mode accounts receivable system, it could |
| 191 | have different bottom-line totals at different sites, because you’ve |
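Review bot: New lines 91-93 recommend pairing clearsign with an “after receive” hook that rejects commits “if they aren’t signed”, but lines 67-70 say Fossil doesn’t verify those signatures in any way, so the hook itself has to do the verification. Suggest saying that explicitly: the hook should check each signature against the project’s list of trusted committer keys, because testing only for the presence of a signature block would accept one made with any key. Smaller points: “other blockchain based technologies” on line 4 presupposes the answer that lines 6-7 leave to the reader; line 123 (“The other aspect of this does have applicability to Fossil is the notion”) is missing a “that”; and “algorthm” on line 97 should be “algorithm”.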
| @@ -102,18 +192,21 @@ | |
| 192 | cast away “C” to get AP-mode operation. |
| 193 | |
| 194 | What are the prospects for CA-mode or CP-mode Fossil? [We don’t want |
| 195 | CA-mode Fossil, but CP-mode could be useful.][fapm] Until the latter |
| 196 | exists, this author believes Fossil is not a distributed ledger in a |
| 197 | technologically defensible sense. |
| 198 | |
| 199 | The most common technologies answering to the label “blockchain” are all |
| 200 | DLTs, so if Fossil is not a DLT, then it is not a blockchain in that |
| 201 | sense. |
| 202 | |
| 203 | [fapm]: ./cap-theorem.md |
| 204 | [cap]: https://en.wikipedia.org/wiki/CAP_theorem |
| 205 | [dlt]: https://en.wikipedia.org/wiki/Distributed_ledger |
| 206 | [DVCS]: https://en.wikipedia.org/wiki/Distributed_version_control |
| 207 | [fc]: https://en.wikipedia.org/wiki/Fiat_money |
| 208 | [purge]: /help?cmd=purge |
| 209 | [shun]: ./shunning.wiki |
| 210 | |
| 211 | |
| 212 | ## Distributed Partial Consensus |
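Review bot: The `[purge]` reference on line 208 is root-relative (`/help?cmd=purge`), while the other help links in this file are absolute (`[cs]` on line 155 and `[rcks]` on line 264 both start with `https://fossil-scm.org/home/help?cmd=`), so it resolves against whatever host happens to serve the document. Suggest using the same absolute form for all three. Also, line 196 switches to “this author believes” where the surrounding text speaks as “we” (lines 47 and 194); pick one voice.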
| @@ -133,11 +226,14 @@ | |
| 226 | DAG. This is what the enabled-by-default [`repo-cksum` setting][rcks] |
| 227 | does. |
| 228 | |
| 229 | If cryptocurrencies worked this way, you wouldn’t be able to prove that |
| 230 | a given cryptocoin was legitimate without repeating the proof-of-work |
| 231 | calculations for the entire cryptocurrency scheme! Instead, you only |
| 232 | need to check a certain number of signatures and proofs-of-work in order |
| 233 | to be reasonably certain that you are looking at a legitimate section of |
| 234 | the whole blockchain. |
| 235 | |
| 236 | What would it even mean to prove that a given Fossil commit “*belongs*” |
| 237 | to the repository you’ve extracted it from? For a software project, |
| 238 | isn’t that tantamount to automatic code review, where the server would |
| 239 | be able to reliably accept or reject a commit based solely on its |
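Review bot: On lines 231-234, “Instead, you only need to check a certain number of signatures and proofs-of-work” changes subject without saying so: the previous sentence is the hypothetical (“If cryptocurrencies worked this way”), and this one describes how cryptocurrencies actually behave. Suggest opening it with something like “Instead, with a real cryptocurrency, you only need to check” so the contrast with the `repo-cksum` behavior on lines 226-227 is unambiguous. “A certain number” is also vague; if the count depends on the scheme, say that.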
| @@ -162,21 +258,11 @@ | |
| 258 | “blockchain” would be as simple as going down the list of servers and |
| 259 | sending it an HTTP GET `/info` query for the artifact ID, returning |
| 260 | “Yes” once you get enough HTTP 200 status codes back. All of this is |
| 261 | hypothetical, because Fossil doesn’t do this today. |
| 262 | |
| 263 | [AGI]: https://en.wikipedia.org/wiki/Artificial_general_intelligence |
| 264 | [rcks]: https://fossil-scm.org/home/help?cmd=repo-cksum |
| 265 | |
| 266 | |
| 267 | # Conclusion |
| 268 | |
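Review bot: Line 260 returns “Yes” once “enough” HTTP 200 status codes come back, but the paragraph never says what counts as enough or who maintains the list of servers, and that is the entire consensus rule in this sketch. Suggest stating a threshold (for example, a majority of the listed servers) even though the scheme is hypothetical. Also, “sending it an HTTP GET” on line 259 should read “sending each one an HTTP GET”, and “# Conclusion” on line 267 is a level-1 heading while the other sections (“## The Dictionary Argument”, “## Distributed Ledgers”) are level 2.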
| @@ -187,14 +273,18 @@ | |
| 273 | Within a certain narrow scope, you can defend this usage, but if you do |
| 274 | that, you’ve failed any goal that requires clear communication: it |
| 275 | doesn’t work to use a term in a nonstandard way just because you can |
| 276 | defend it. The people you’re communicating your ideas to must have the |
| 277 | same concept of the terms you use. |
| 278 | |
| 279 | |
| 280 | What term should you use instead? A blockchain is a type of [Merkle |
| 281 | tree][mt], named after [its inventor][drrm]. You could also call it by |
| 282 | the more generic term “hash tree.” That Fossil certainly is. |
| 283 | |
| 284 | Fossil is a technological peer to many common types of blockchain |
| 285 | technology. There is a lot of overlap in concepts and implementation |
| 286 | details, but when speaking of what most people understand as |
| 287 | “blockchain,” Fossil is not that. |
| 288 | |
| 289 | [drrm]: https://en.wikipedia.org/wiki/Ralph_Merkle |
| 290 | [mt]: https://en.wikipedia.org/wiki/Merkle_tree |
| 291 |
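Review bot: On lines 280-281, “A blockchain is a type of Merkle tree, named after its inventor” attaches “named after its inventor” to the blockchain rather than to the Merkle tree on a first read. Suggest “A blockchain is a type of Merkle tree, a structure named after its inventor”. Separately, line 23 allows a manifest to have more than one parent and line 25 calls the structure a DAG, so “hash tree. That Fossil certainly is” on line 282 is looser than the rest of the document; consider a short qualifier. The two consecutive blank lines at 278-279 also look unintentional in the middle of the section.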