[bitcoindev] Removing checkpoints in Bitcoin Core v30

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: Sjors Provoost <sjors@sprovoost•nl>
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Removing checkpoints in Bitcoin Core v30
Date: Mon, 28 Apr 2025 13:34:23 +0200	[thread overview]
Message-ID: <F8E9B25A-5198-4A5E-B3D7-9DAD6B709825@sprovoost.nl> (raw)

Dear list,

I thought this was already communicated, but I can't find a thread.

A recent pull request was merged into Bitcoin Core that removes existing checkpoints and all related support code.[0] The current plan is for this change to be part of v30 which should be released this fall.

Checkpoints are no longer needed in order to protect against low proof-of-work header spam attacks, thanks to the headers pre-sync functionality included since v24. [1]

The existing checkpoints no longer provide enough security against those attacks. Adding new checkpoints is not desirable.

However, if someone is aware of another attack, please disclose it (ideally responsibly) so the change can be reverted. [2]

Since older versions of Bitcoin Core, as well as other Bitcoin implementations, still enforce the checkpoints, an extremely large reorg (attack by aliens, NSA, etc) would split the network. This may already be the case due to the way some older soft forks have been grandfathered / buried in Bitcoin Core.[3]

I think many would consider Bitcoin a total loss in such a scenario and not worth salvaging - especially if the attacker didn't airdrop you any coins in the reorg. But it could be useful for someone to write a BIP that describes what happens in such a scenario. It could recommend ways to at least regain consistency, and perhaps permanently apply some soft fork rules from genesis (e.g. activate them if the last checkpoint header is absent).

Kind regards,

Sjors Provoost

[0] https://github.com/bitcoin/bitcoin/pull/31649
[1] https://bitcoin.stackexchange.com/a/121235/4948
[2] https://github.com/bitcoin/bitcoin/blob/master/SECURITY.md
[3] https://github.com/bitcoin/bips/blob/master/bip-0090.mediawiki

-- 
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups•com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/F8E9B25A-5198-4A5E-B3D7-9DAD6B709825%40sprovoost.nl.

next             reply	other threads:[~2025-04-28 12:04 UTC|newest]

Thread overview: 2+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2025-04-28 11:34 Sjors Provoost [this message]
2025-04-28 16:25 ` Sjors Provoost

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=F8E9B25A-5198-4A5E-B3D7-9DAD6B709825@sprovoost.nl \
    --to=sjors@sprovoost$(echo .)nl \
    --cc=bitcoindev@googlegroups.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox