public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Peter Todd <pete@petertodd.org>
To: Wendell <w@grabhive.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Tor and Bitcoin
Date: Tue, 30 Jul 2013 16:11:41 -0400	[thread overview]
Message-ID: <20130730201141.GA3555@petertodd.org> (raw)
In-Reply-To: <D20D7E1A-4E8C-4280-A81D-7AE960497CCB@grabhive.com>

[-- Attachment #1: Type: text/plain, Size: 1368 bytes --]

On Tue, Jul 30, 2013 at 09:36:50PM +0200, Wendell wrote:
> Thank you Peter.
> 
> Does this advice apply equally to both full and SPV nodes? At this point I'm merely curious, since we don't have the option to run bitcoinj over Tor right now anyway.

Yes, although remember that in general SPV nodes are significantly less
safe because they depend soley on confirmations for security; it's often
not appreciated that an attacker can target multiple SPV-using entities
at once by creating a invalid block header with any number of completely
fake payments linked to it; if you can attack n targets at once, the
cost to perform the attack is n times less per target. 

Unrelated to Tor, but an interesting possibility to improve SPV security
is to ask for the history of a given txout - that is the previous
transactions that funded it. You could even do this with a
zero-knowledge proof, sampling some subset of the prior transactions to
detect fraud. Unfortunately none of the infrastructure is setup to do
this, and txid's aren't constructed in ways that make these kinds of
proofs cheap. (you really want a merkle tree over the txin and txout
sets)

Work thinking about for the future in any case - the above can be
implemented as a soft-fork.

-- 
'peter'[:-1]@petertodd.org
0000000000000077bb3b12c68ada1e2965411a973b07fc721834154df07aa5c9

[-- Attachment #2: Digital signature --]
[-- Type: application/pgp-signature, Size: 198 bytes --]

  reply	other threads:[~2013-07-30 20:11 UTC|newest]

Thread overview: 9+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-07-30 12:01 [Bitcoin-development] Tor and Bitcoin Bazyli Zygan
2013-07-30 12:41 ` Mike Hearn
2013-07-30 14:01   ` Jeff Garzik
2013-07-30 17:02     ` Wendell
2013-07-30 17:20       ` Bazyli Zygan
2013-07-30 18:30 ` Peter Todd
2013-07-30 19:36   ` Wendell
2013-07-30 20:11     ` Peter Todd [this message]
2013-07-30 20:12       ` Peter Todd

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=20130730201141.GA3555@petertodd.org \
    --to=pete@petertodd.org \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=w@grabhive.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox