On Aug 17, 2015 5:29 PM, "Peter Todd via bitcoin-dev" <
bitcoin-dev@lists.linuxfoundation.org> wrote:
From the point of view of a
> wallet, it's not very secure to use Hearn-style SPV mode, and volunteers
> running full nodes doesn't help things. Sybil attacking the IP address
> space is pretty easy in comparison to aquiring hashing power sufficient
> to create false confirmations, so any attacker able to do the former
> will likely be running the full node you're connecting too anyway.
> Ultimately, Hearn-style SPV is a close approximation to just trusting
> anyone with a non-trivial amount of hashing power. (and getting that is
> surprisingly easy, e.g. w/ SPV mining)

Can you explain how the spv node fails against an attacker with a
non-trivial amount of hash power where a full node doesn't? To attack an
spv wallet that is waiting for 6 or 10 confirmations, you would not only
need to Sybil them but also summon a massive amount of hashing power to
create a chain of headers (while forgoing the opportunity to mine valid
blocks with that hash power).

But could someone with that much hash power not Sybil a full node and give
them a chain for valid blocks (but on an orphan fork)? The failure model
doesn't seem specific to spv to me.