Re: [bitcoin-dev] Unique node identifiers

[Aymeric Vitte <vitteaymeric@gmail.com>]

As stated in this thread and as I see it the use of BIP150 is optional, 
so if some parties want to trust each others and use it, then they can, 
if they don't like it and don't want to use it, then they don't use it

Unless I misread, some statements in this thread involving the Tor 
network are wrong, the Tor network is a centralized network, each node 
(except the bridges) have a long term identity key and have to prove  
periodically to the authority servers that they are the owners of this 
key, if not the other nodes will never extend circuits to them, then 
they will be of course quite difficult to reach

Unfortunately the original proposal starting this thread seems to be 
reinventing this system that probably can only lead to something 
centralized which cannot apply for the bitcoin network (the Tor network 
is centralized because the team want to control what is happening: 
sybils, bugs, attacks, blacklist etc)

Unless some peers/nodes have decided to trust each others (BIP150) I 
don't think it's a good idea at all that bitcoin nodes have anything 
similar to long term nodeIDs (see 
https://gist.github.com/Ayms/aab6f8e08fef0792ab3448f542a826bf , already 
posted, not final, not finished, and the title does not really reflect 
what would be the proposal today, but it carefully avoids any 
possibility for a full node to have a long term ID)


Le 09/03/2017 à 02:55, Pieter Wuille via bitcoin-dev a écrit :
> On Wed, Mar 8, 2017 at 5:16 PM, Eric Voskuil <eric@voskuil.org> wrote:
>> On 03/08/2017 03:12 PM, Pieter Wuille wrote:
>>> In that way, I see BIP150 as an extension of IP addresses, except more
>>> secure against network-level attackers. If you believe the concept of
>>> people establishing links along existing trust lines is a problem, you
>>> should be arguing against features in Bitcoin software that allows
>>> configuring preferred IP addresses to connect to as well (-addnode and
>>> -connect in Bitcoin Core, for example).
>> Weak identity is insufficient to produce the problem scenario that is at
>> the heart of my concern (excluding people). It is this "[same] except
>> more secure" distinction that is the problem. You brush past that as if
>> it did not exist.
> So you're saying that a -onlyacceptconnectionsfrom=IP option wouldn't
> be a concern to you because it can't exclude people? Of course it can
> exclude people - just not your ISP or a state-level attacker.
>
> Please, Eric. I think I understand your concern, but this argument
> isn't constructive either.
>
> The proposal here is to introduce visible node identities on the
> network. I think that's misguided as node count is irrelevant and
> trivial to fake anyway. But you bringing up BIP150 here isn't useful
> either. I know that you equate the concept of having verifiable
> identity keys in the P2P with a step towards making every node
> identifiable, but they are not the same. It's just a cryptographic
> tool to keep a certain class of attackers from bypassing restrictions
> that people can already make.
>

-- 
Peersm : http://www.peersm.com
node-Tor : https://www.github.com/Ayms/node-Tor
GitHub : https://www.github.com/Ayms