From: Gregory Maxwell <gmaxwell@gmail•com>
To: Mike Hearn <mike@plan99•net>
Cc: Bitcoin Dev <bitcoin-development@lists•sourceforge.net>
Subject: Re: [Bitcoin-development] Bootstrapping full nodes post-pruning
Date: Mon, 11 Jun 2012 16:43:20 -0400 [thread overview]
Message-ID: <CAAS2fgQ7sspfZ+aBDhCj7Y+Dzmv1ku7u4wO=VUFVcBSuuTzo6Q@mail.gmail.com> (raw)
In-Reply-To: <CANEZrP2TU3W08Pi7Wdw4rPYLHC=wesKtci8vopV8Hbi3eCMHcw@mail.gmail.com>
On Mon, Jun 11, 2012 at 4:36 PM, Mike Hearn <mike@plan99•net> wrote:
> Unless BDB has some weird behaviour in it, that shouldn't require any
HAHAHA. Have you consider doing comedy full time?
Actual BDB files are absolutely not deterministic. Nor is the raw
blockchain itself currently, because blocks aren't always added in the
same order (plus they get orphans in them)
But the serious inter-version compatibility problems as well as poor
space efficiency make BDB a poor candidate for read only pruned
indexes.
> Even if a more complex scheme is used whereby commitments are in the
> block chain, somebody still has to verify the binaries match the
> source. If that isn't true, the software could do anything and you'd
> never know.
The binaries distributed by bitcoin.org are all already compiled
deterministically and validated by multiple independent parties. In
the future there will be a downloader tool (e.g. for updates) which
will automatically check for N approvals before accepting an update,
even for technically unsophisticated users.
This will produce a full chain of custody which tracks the actual
binaries people fetch to specific source code which can be audited, so
substitution attacks will at least in theory always be detectable. Of
course, you're left with Ken Thompson's compiler attack but even that
can be substantially closed.
next prev parent reply other threads:[~2012-06-11 20:43 UTC|newest]
Thread overview: 5+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-06-10 23:06 Mike Hearn
2012-06-11 15:39 ` Gregory Maxwell
2012-06-11 20:36 ` Mike Hearn
2012-06-11 20:43 ` Gregory Maxwell [this message]
2012-06-11 20:48 ` Mike Hearn
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to='CAAS2fgQ7sspfZ+aBDhCj7Y+Dzmv1ku7u4wO=VUFVcBSuuTzo6Q@mail.gmail.com' \
--to=gmaxwell@gmail$(echo .)com \
--cc=bitcoin-development@lists$(echo .)sourceforge.net \
--cc=mike@plan99$(echo .)net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox