Damus
Luke Dashjr
Recent notes
The exploit works because Core neglected to update the spam filters a few years ago, and refuses to fix the vulnerability. And no, you're wrong. Satoshi's spam filters were VERY picky about what was inside transactions. Anything that he didn't foresee being used was rejected. Core30's malicious changes have nothing whatsoever to do with Taproot. Each user decides for himself. Collectively, our nodes form consensus around what is spam and what maybe isn't.
F2Pool is actively attacking the network RIGHT NOW. All it takes is one attacker to send them a single instance of CSAM, and Bitcoin users will have to knowingly and intentionally receive, store, and distribute it until the end of time. This will permanently impact Bitcoin adoption regardless of whether governments turn a blind eye or prosecute. If miners are going to switch pools when they do bad things, NOW IS THE TIME. I don't care if you switch to Foundry or even Antpool. Obviously I would prefer you make your own blocks and use OCEAN, but this is too critical and time-sensitive to be picky. We can work on mining decentralization and spam issues over a longer period of time, but CSAM is an insta-kill we MUST avoid.
Bitcoin is not a finished product. We may be on a detour to address spam, and part of the crisis did originate with (mishandling of) the Segwit and Taproot upgrades - but to improve the world, we still need more functionality. Stopping all improvements forever ("ossifying") is fatal. Part of addressing the issues with Core needs to be ensuring we don't repeat the same mistakes: if an upgrade introduces unforeseen vulnerabilities, those need to get addressed in a timely manner. All protocol changes require support from the entire community, so we developers are going to have to earn that reputation back. There are fairly simple, low-risk softforks like CTV, or even a consensus cleanup (though I have reservations about BIP 54), that should not introduce vulnerabilities, and could be a starting point to regain confidence after Core is out of the picture. The next step up is probably native zero-knowledge support, BitVM optimisations, and similar. This is when it *might* make sense to start considering Bitcoin L1 "complete", and capable of handling further improvements and even scaling on true trustless sidechains. We have a long road to get there still, and every step will take consensus - possibly quick mitigation of unforeseen outcomes - but we shouldn't lose sight of the end goal: a decentralised currency that nobody can undermine, and hopefully one day onboard the entire global economy. It's possible to accomplish, but we will have to work for it.