From: Peter Todd <pete@petertodd•org>
To: Wendell <w@grabhive•com>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Tor and Bitcoin
Date: Tue, 30 Jul 2013 16:11:41 -0400 [thread overview]
Message-ID: <20130730201141.GA3555@petertodd.org> (raw)
In-Reply-To: <D20D7E1A-4E8C-4280-A81D-7AE960497CCB@grabhive.com>
[-- Attachment #1: Type: text/plain, Size: 1368 bytes --]
On Tue, Jul 30, 2013 at 09:36:50PM +0200, Wendell wrote:
> Thank you Peter.
>
> Does this advice apply equally to both full and SPV nodes? At this point I'm merely curious, since we don't have the option to run bitcoinj over Tor right now anyway.
Yes, although remember that in general SPV nodes are significantly less
safe because they depend soley on confirmations for security; it's often
not appreciated that an attacker can target multiple SPV-using entities
at once by creating a invalid block header with any number of completely
fake payments linked to it; if you can attack n targets at once, the
cost to perform the attack is n times less per target.
Unrelated to Tor, but an interesting possibility to improve SPV security
is to ask for the history of a given txout - that is the previous
transactions that funded it. You could even do this with a
zero-knowledge proof, sampling some subset of the prior transactions to
detect fraud. Unfortunately none of the infrastructure is setup to do
this, and txid's aren't constructed in ways that make these kinds of
proofs cheap. (you really want a merkle tree over the txin and txout
sets)
Work thinking about for the future in any case - the above can be
implemented as a soft-fork.
--
'peter'[:-1]@petertodd.org
0000000000000077bb3b12c68ada1e2965411a973b07fc721834154df07aa5c9
[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]
next prev parent reply other threads:[~2013-07-30 20:11 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-07-30 12:01 Bazyli Zygan
2013-07-30 12:41 ` Mike Hearn
2013-07-30 14:01 ` Jeff Garzik
2013-07-30 17:02 ` Wendell
2013-07-30 17:20 ` Bazyli Zygan
2013-07-30 18:30 ` Peter Todd
2013-07-30 19:36 ` Wendell
2013-07-30 20:11 ` Peter Todd [this message]
2013-07-30 20:12 ` Peter Todd
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20130730201141.GA3555@petertodd.org \
--to=pete@petertodd$(echo .)org \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=w@grabhive$(echo .)com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox