From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1QW3yK-000884-UG for bitcoin-development@lists.sourceforge.net; Mon, 13 Jun 2011 10:02:16 +0000 X-ACL-Warn: Received: from mail-iw0-f175.google.com ([209.85.214.175]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1QW3yG-0000zI-E4 for bitcoin-development@lists.sourceforge.net; Mon, 13 Jun 2011 10:02:16 +0000 Received: by iwn19 with SMTP id 19so2583152iwn.34 for ; Mon, 13 Jun 2011 03:02:06 -0700 (PDT) MIME-Version: 1.0 Received: by 10.231.117.37 with SMTP id o37mr5388858ibq.184.1307958995627; Mon, 13 Jun 2011 02:56:35 -0700 (PDT) Received: by 10.231.19.203 with HTTP; Mon, 13 Jun 2011 02:56:35 -0700 (PDT) X-Originating-IP: [99.173.148.118] In-Reply-To: References: Date: Mon, 13 Jun 2011 05:56:35 -0400 Message-ID: From: Jeff Garzik To: Christian Decker Content-Type: text/plain; charset=ISO-8859-1 X-Spam-Score: 0.1 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.1 AWL AWL: From: address is in the auto white-list X-Headers-End: 1QW3yG-0000zI-E4 Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] Bootstrapping via BitTorrent trackers X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Jun 2011 10:02:17 -0000 On Mon, Jun 13, 2011 at 5:38 AM, Christian Decker wrote: > BitTorrent trackers are used to handle several thousands of requests, so > they would probably scale well enough. I'm not even talking about using the > DHT trackers, but using old fashioned HTTP based trackers. The fact that > each bitcoin client would contact the tracker would make it very hard for an > attacker to get bootstrapping clients to exclusively connect to his > compromised clients. I would say that using a tracker such as OpenBittorrent > provides the same advantages as using an IRC channel. And how does the client discover HTTP trackers? You're either hardcoding -those- into the client, or adding an additional bootstrap step to discover them. Either way, it has the same problems as other current methods. The history and experience of gnutella's web caches vs. UDP host caches seems highly relevant here. -- Jeff Garzik exMULTI, Inc. jgarzik@exmulti.com