On Wed, May 13, 2015 at 1:26 PM, Alex Mizrahi <alex.mizrahi@gmail.com> wrote:

He tries to investigate, and after some time discovers that his router (or his ISP's router) was hijacked. His Bitcoin node couldn't connect to any of the legitimate nodes, and thus got a complete fake chain from the attacker.
Bitcoins he received were totally fake.

Bitcoin Core did a shitty job and confirmed some fake transactions.

I don't really see how you can protect against total isolation of a node (POS or POW). You would need to find an alternative route for the information.

Even encrypted connections are pointless without authentication of who you are communicating with.

Again, it is part of the security model that you can connect to at least one honest node.

Someone tweated all the bitcoin headers at one point. The problem is that if everyone uses the same check, then that source can be compromised.

> WIthout checkpoints an attacker could prepare a fork for $10.

> With checkpoints, it would cost him at least $1000, but more likely upwards of $100000.

> That's quite a difference, no?

Headers first mean that you can't knock a synced node off the main chain without winning the POW race.

Checkpoints can be replaced with a minimum amount of POW for initial sync. This prevents spam of low POW blocks. Once a node is on a chain with at least that much POW, it considers it the main chain.,