From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1V4GGx-0002kh-PS for bitcoin-development@lists.sourceforge.net; Tue, 30 Jul 2013 20:11:55 +0000 Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.113 as permitted sender) client-ip=62.13.148.113; envelope-from=pete@petertodd.org; helo=outmail148113.authsmtp.com; Received: from outmail148113.authsmtp.com ([62.13.148.113]) by sog-mx-3.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1V4GGv-0005tD-Li for bitcoin-development@lists.sourceforge.net; Tue, 30 Jul 2013 20:11:55 +0000 Received: from mail-c226.authsmtp.com (mail-c226.authsmtp.com [62.13.128.226]) by punt10.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r6UKBkrF032123; Tue, 30 Jul 2013 21:11:46 +0100 (BST) Received: from petertodd.org (petertodd.org [174.129.28.249]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r6UKBgnV050585 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Tue, 30 Jul 2013 21:11:44 +0100 (BST) Date: Tue, 30 Jul 2013 16:11:41 -0400 From: Peter Todd To: Wendell Message-ID: <20130730201141.GA3555@petertodd.org> References: <20130730183043.GA32398@petertodd.org> MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="x+6KMIRAuhnl3hBn" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: 41a85259-f954-11e2-98a9-0025907ec6c5 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdQIUEkAYAgsB AmUbWVVeUVx7XWc7 ag1VcwRfa1RMVxto VEFWR1pVCwQmQxpk fWxJDH9ycgVDcHs+ ZEZjVnAVWEUrfUN/ R0dJQ2QDYXphaTUd TUlQJgpJcANIexZF bQUsUiAILwdSbGoL NQ4vNDcwO3BTJTpY RgYVKF8UXXNDIjkm DxkEEX0FHFEOQCQ1 RwAA X-Authentic-SMTP: 61633532353630.1020:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 174.129.28.249/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1V4GGv-0005tD-Li Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Tor and Bitcoin X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 30 Jul 2013 20:11:55 -0000 --x+6KMIRAuhnl3hBn Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Jul 30, 2013 at 09:36:50PM +0200, Wendell wrote: > Thank you Peter. >=20 > Does this advice apply equally to both full and SPV nodes? At this point = I'm merely curious, since we don't have the option to run bitcoinj over Tor= right now anyway. Yes, although remember that in general SPV nodes are significantly less safe because they depend soley on confirmations for security; it's often not appreciated that an attacker can target multiple SPV-using entities at once by creating a invalid block header with any number of completely fake payments linked to it; if you can attack n targets at once, the cost to perform the attack is n times less per target.=20 Unrelated to Tor, but an interesting possibility to improve SPV security is to ask for the history of a given txout - that is the previous transactions that funded it. You could even do this with a zero-knowledge proof, sampling some subset of the prior transactions to detect fraud. Unfortunately none of the infrastructure is setup to do this, and txid's aren't constructed in ways that make these kinds of proofs cheap. (you really want a merkle tree over the txin and txout sets) Work thinking about for the future in any case - the above can be implemented as a soft-fork. --=20 'peter'[:-1]@petertodd.org 0000000000000077bb3b12c68ada1e2965411a973b07fc721834154df07aa5c9 --x+6KMIRAuhnl3hBn Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iEYEARECAAYFAlH4Hf0ACgkQpEFN739thox0vQCfaKziMn0tOR9wKSf5S2IjdiUm XEAAoIZFPha60Q1vP/toCzVcloKxZ9ZD =qR2l -----END PGP SIGNATURE----- --x+6KMIRAuhnl3hBn--