public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Mike Hearn <mike@plan99.net>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Discovery/addr packets (was: Service bits for pruned nodes)
Date: Mon, 6 May 2013 13:19:43 -0400	[thread overview]
Message-ID: <20130506171943.GA22505@petertodd.org> (raw)
In-Reply-To: <CANEZrP2WqXZVRJp6ag=RC4mSkt+a6qTYYpvE=DW_0Rdr=_BBHA@mail.gmail.com>

[-- Attachment #1: Type: text/plain, Size: 2779 bytes --]

On Mon, May 06, 2013 at 06:47:22PM +0200, Mike Hearn wrote:
> Iteration 1) Make it clear in the UI that if the phone is connected to
> WiFi, payments from untrusted people should not be accepted. Currently
> the Android app merely says the money won't be spendable for a few
> minutes. It needs to communicate the "may not exist" aspect more
> clearly. If you're connected via a cell tower, the existing wording is
> fine - it's very unlikely your telco is trying to scam you in a
> person-to-person transaction, traffic is encrypted and 3G+ connections
> authenticate the network so you can't be MITMd except by your telco.
> Assuming you have a good list of IPs, of course.

You mean scam you with a zero-conf transaction that hasn't actually been
broadcast?

You know how I feel about zero-conf.

> Iteration 2) Give nodes keys that appear in addr broadcasts and seed
> data (whether it be via https or otherwise), and have each node keep a
> running hash of all messages sent on a connection so far. Add a new
> protocol message that asks the node to sign the current accumulated
> hash. Not all messages really need to be signed, eg asking for
> signatures of blocks is sort of pointless at high difficulty levels
> because the structures are self proving and a simple watchdog timer
> that looks for unusually slow progress is probably enough. If the
> client keeps the same accumulated hash then when you encounter
> something you care about the accuracy of, you can ask for a signature
> over all traffic so far.

We already depend on OpenSSL, why not just use standard SSL?

Define a per-node compressed pubkey to pass around, and then do whatever
is easiest to get the actual SSL up and running. If we have to use that
pubkey to in-turn sign for a secondary RSA key or whatever due to
compatibility, no big deal.

Define a new service bit SSL and if you connect to a SSL supporting node
switch to SSL within the same TCP connection.

> Iteration 3) Do something about end to end encryption, just delegate
> everything to Tor, or find some other way to obfuscate the origin of a
> transaction (a mini onion network for example).

Obfusication probably isn't the hard part, it's SPV bloom filter privacy
that is the tough one, but probably a problem better handled by Tor.

> Last time I looked, Tor wasn't really usable in library form and
> connecting to hidden services is really slow. So it'd be an issue to
> just re-use it out of the box, I think.

For phone stuff you should work with The Guardian Project - they've
implemented Tor on Android among other things and want to find easier
ways for apps to use it.

-- 
'peter'[:-1]@petertodd.org
000000000000014671272e3a4dd966bb56d4a9a27751b5cd4dc75dc931660cb5

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

  reply	other threads:[~2013-05-06 17:20 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-05-06 14:58 [Bitcoin-development] Discovery/addr packets (was: Service bits for pruned nodes) Mike Hearn
2013-05-06 16:12 ` Peter Todd
2013-05-06 16:20   ` Jeff Garzik
2013-05-06 16:34     ` Mike Hearn
2013-05-06 16:37     ` Peter Todd
2013-05-06 16:47       ` Mike Hearn
2013-05-06 17:19         ` Peter Todd [this message]
2013-05-06 17:25           ` Jeff Garzik
2013-05-06 17:42           ` Gregory Maxwell
2013-05-06 17:53             ` Peter Todd
2013-05-06 18:01               ` Gregory Maxwell
2013-05-06 18:19                 ` Peter Todd
2013-05-06 18:32                 ` Adam Back
2013-05-06 19:08                   ` Peter Todd
2013-05-06 19:50                     ` Adam Back
2013-05-06 20:43                       ` Peter Todd
2013-05-06 23:44                         ` Peter Todd
2013-05-07  9:00           ` Mike Hearn
2013-05-09  0:57             ` John Dillon
2013-05-06 18:04         ` Adam Back
2013-05-06 18:25           ` Gregory Maxwell
2013-05-06 22:51             ` [Bitcoin-development] limits of network hacking/netsplits (was: Discovery/addr packets) Adam Back
2013-05-06 23:13               ` Gregory Maxwell
2013-05-07  4:48                 ` Petr Praus
2013-05-07 21:07                   ` Matt Corallo
2013-05-07  9:17                 ` Mike Hearn
2013-05-07 11:07                   ` Adam Back
2013-05-07 12:04                     ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130506171943.GA22505@petertodd.org \
    --to=pete@petertodd.org \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=mike@plan99.net \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox