From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 10EE4B43 for ; Tue, 3 Jan 2017 23:46:03 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-qk0-f178.google.com (mail-qk0-f178.google.com [209.85.220.178]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 2370D229 for ; Tue, 3 Jan 2017 23:46:02 +0000 (UTC) Received: by mail-qk0-f178.google.com with SMTP id u25so380647644qki.2 for ; Tue, 03 Jan 2017 15:46:02 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=5XqL7df8249TSerxo+1y5rAKcbVCvszPFUICoG1ihQs=; b=MNWbQiMRdyYFzQR+klB1jhsHj067MYjf1jyF7PTv7AQ5ZkZg/V2nHzuSwvTc5kr6YQ ODb54mP+16EDWOTKcfy5ik7Md/jpkN/LDJs/JFfScPSHE66siXzfmg1elERrmmm+bhnM hVsbmnPF9KNSGrPhdsTK1E9zgSoVCbo8Wf6zu+ThI70rTuRZ4ytaEvqANOmNeluoaXKL s4xcxq/oXyI8TDs+pwWoz7s7TZ+Tk4HwKpGdZO03KCeM13oaxWEntFzASLS1sgv2qI/W TH6sKItxR/n8Nym6joH4heKMTud9MYCpmTVOby8DPGeLVWkvLy56+Hi3upm4Er+nEDyC Duvg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=5XqL7df8249TSerxo+1y5rAKcbVCvszPFUICoG1ihQs=; b=QWxt2aycJayOP0tXrIHOicmcyY5mIQSqkJRakEJMl2FqIbdIRGqU7ripwOBjNXw7Rx LcBcthmps7MRGUMD7FWyvmmlV1MNOnYtzSn3LoAFdPE6CYEstli8+UFb5Sta4jB9H5T/ y27FU7isLa+Zu5+GRcA8HCzh7sdMVm/UxiFrAHH1kz3ruX0SBOnby5LhZbpNCpduXEGH f1u0U5VG4zVIulywndajzCckp7RDoIiCP2KIpIZZuSWBV0eDDhDdwnMENAbfAvCeOJoS nMBOjXYmy3ba+lL5EkbaexO0DtgRNHBAj1ee6xTi0TjUuYRhOERYfLpBQWO0r3qDFhcI KKUw== X-Gm-Message-State: AIkVDXIDPyeOCHPXp9gmM+fsrHzfFuhIaTRB7DXCuvbsAs0UmHD2jgXal/fuVDjZ58OAY/5wcHEtKu97Sk1dug== X-Received: by 10.55.112.65 with SMTP id l62mr72499043qkc.76.1483487161300; Tue, 03 Jan 2017 15:46:01 -0800 (PST) MIME-Version: 1.0 Received: by 10.12.164.98 with HTTP; Tue, 3 Jan 2017 15:46:00 -0800 (PST) In-Reply-To: References: <71d822e413ac457a530e1c367811cc24@cock.lu> <77b6dd25-0603-a0bd-6a9e-38098e5cb19d@jonasschnelli.ch> <74aeb4760316b59a3db56c0d16d11f28@cock.lu> From: Aaron Voisine Date: Tue, 3 Jan 2017 15:46:00 -0800 Message-ID: To: adiabat Content-Type: multipart/alternative; boundary=001a114fe714473cc305453945ae X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, HTML_MESSAGE, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Committed bloom filters for improved wallet performance and SPV security X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jan 2017 23:46:03 -0000 --001a114fe714473cc305453945ae Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable If the sender doesn't control the receiver's network connection, then the information the receiver gains by watching the mempool is if the transaction has propagated across the bitcoin network. This is useful to know in all kinds of situations. Aaron Voisine co-founder and CEO breadwallet On Tue, Jan 3, 2017 at 3:06 PM, adiabat wrote: > Mempool transactions have their place, but "unconfirmed" and "SPV" don't > belong together. Only a full node can tell if a transaction may get > confirmed, or is nonsense. Unfortunately all the light / SPV wallets I > know of show mempool transactions, which makes it hard to go back... (e.g= . > "why doesn't your software show 0-conf! your wallet is broken!", somewhat > akin to people complaining about RBF) > > So, this is easy, just don't worry about mempool filtering. Why are ligh= t > clients looking at the mempool anyway? Maybe if there were some way to > provide SPV proofs of all inputs, but that's a bit of a mess for full nod= es > to do. > > Without mempool filtering, I think the committed bloom filters would be a > great improvement over the current bloom filter setup, especially for > lightning network use cases (with lightning, not finding out about a > transaction can make you lose money). I want to work on it and may be ab= le > to at some point as it's somewhat related to lightning. > > Also, if you're running a light client, and storing the filters the way > you store block headers, there's really no reason to go all the way back = to > height 0. You can start grabbing headers at some point a while ago, befo= re > your set of keys was generated. I think it'd be very worth it even with > GB-scale disk usage. > > -Tadge > > > On Tue, Jan 3, 2017 at 5:18 PM, Aaron Voisine via bitcoin-dev < > bitcoin-dev@lists.linuxfoundation.org> wrote: > >> Unconfirmed transactions are incredibly important for real world use. >> Merchants for instance are willing to accept credit card payments of >> thousands of dollars and ship the goods despite the fact that the >> transaction can be reversed up to 60 days later. There is a very large c= ost >> to losing the ability to have instant transactions in many or even most >> situations. This cost is typically well above the fraud risk. >> >> It's important to recognize that bitcoin serves a wide variety of use >> cases with different profiles for time sensitivity and fraud risk. >> >> Aaron >> >> On Tue, Jan 3, 2017 at 12:41 PM bfd--- via bitcoin-dev < >> bitcoin-dev@lists.linuxfoundation.org> wrote: >> >>> The concept combined with the weak blocks system where miners commit >>> >>> to potential transaction inclusion with fractional difficulty blocks >>> >>> is possible. I'm not personally convinced that unconfirmed transaction >>> >>> display in a wallet is worth the privacy trade-off. The user has very >>> >>> little to gain from this knowledge until the txn is in a block. >>> >>> >>> >>> >>> >>> On 2017-01-01 13:01, Jonas Schnelli via bitcoin-dev wrote: >>> >>> > Hi >>> >>> >> We introduce several concepts that rework the lightweight Bitcoin >>> >>> >> client model in a manner which is secure, efficient and privacy >>> >>> >> compatible. >>> >>> >> >>> >>> >> The BFD can be used verbatim in replacement of BIP37, where the filt= er >>> >>> >> can be cached between clients without needing to be recomputed. It c= an >>> >>> >> also be used by normal pruned nodes to do re-scans locally of their >>> >>> >> wallet without needing to have the block data available to scan, or >>> >>> >> without reading the entire block chain from disk. >>> >>> > I started exploring the potential of BFD after this specification. >>> >>> > >>> >>> > What would be the preferred/recommended way to handle 0-conf/mempool >>> >>> > filtering =E2=80=93 if & once BDF would have been deployed (any type, >>> >>> > semi-trusted oracles or protocol-level/softfork)? >>> >>> > >>> >>> > From the user-experience perspective, this is probably pretty importa= nt >>> >>> > (otherwise the experience will be that incoming funds can take serval >>> >>> > minutes to hours until they appear). >>> >>> > Using BIP37 bloom filters just for mempool filtering would obviously >>> >>> > result in the same unwanted privacy-setup. >>> >>> > >>> >>> > >>> >>> > >>> >>> > >>> >>> > _______________________________________________ >>> >>> > bitcoin-dev mailing list >>> >>> > bitcoin-dev@lists.linuxfoundation.org >>> >>> > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >>> >>> _______________________________________________ >>> >>> bitcoin-dev mailing list >>> >>> bitcoin-dev@lists.linuxfoundation.org >>> >>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >>> >>> >> _______________________________________________ >> bitcoin-dev mailing list >> bitcoin-dev@lists.linuxfoundation.org >> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev >> >> > --001a114fe714473cc305453945ae Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
If the sender doesn't control the receiver's netwo= rk connection, then the information the receiver gains by watching the memp= ool is if the transaction has propagated across the bitcoin network. This i= s useful to know in all kinds of situations.


Aaron Voisine
co-founder and CEO
breadwallet
<= /div>

On Tue, Jan 3, 2017 at 3:06 PM, adiabat <rx@a= wsomnet.org> wrote:
Mempool transactions have their = place, but "unconfirmed" and "SPV" don't belong tog= ether.=C2=A0 Only a full node can tell if a transaction may get confirmed, = or is nonsense.=C2=A0 Unfortunately all the light / SPV wallets I know of s= how mempool transactions, which makes it hard to go back... (e.g. "why= doesn't your software show 0-conf! your wallet is broken!", somew= hat akin to people complaining about RBF)

So, this = is easy, just don't worry about mempool filtering.=C2=A0 Why are light = clients looking at the mempool anyway?=C2=A0 Maybe if there were some way t= o provide SPV proofs of all inputs, but that's a bit of a mess for full= nodes to do.

Without m= empool filtering, I think the committed bloom filters would be a great impr= ovement over the current bloom filter setup, especially for lightning netwo= rk use cases (with lightning, not finding out about a transaction can make = you lose money).=C2=A0 I want to work on it and may be able to at some poin= t as it's somewhat related to lightning.

Also, if you're running a light client, and storing the filters the w= ay you store block headers, there's really no reason to go all the way = back to height 0.=C2=A0 You can start grabbing headers at some point a whil= e ago, before your set of keys was generated.=C2=A0 I think it'd be ver= y worth it even with GB-scale disk usage.

-Ta= dge

=
On Tue, Jan 3, 2017 at 5:18 PM, Aaron Voisin= e via bitcoin-dev <bitcoin-dev@lists.linuxfoundat= ion.org> wrote:
Unconf= irmed transactions are incredibly important for real world use. Merchants f= or instance are willing to accept credit card payments of thousands of doll= ars and ship the goods despite the fact that the transaction can be reverse= d up to 60 days later. There is a very large cost to losing the ability to = have instant transactions in many or even most situations. This cost is typ= ically well above the fraud risk.=C2=A0

It's i= mportant to recognize that bitcoin serves a wide variety of use cases with = different profiles for time sensitivity and fraud risk.

Aaron

On Tue, Jan = 3, 2017 at 12:41 PM bfd--- via bitcoin-dev <bitcoin-dev@lists.linuxfound= ation.org> wrote:
The c= oncept combined with the weak blocks system where miners commit

to potential transa= ction inclusion with fractional difficulty blocks

is possible. I'm not personal= ly convinced that unconfirmed transaction

display in a wallet is worth the privacy = trade-off. The user has very

little to gain from this knowledge until the txn is in= a block.




On 2017-01-0= 1 13:01, Jonas Schnelli via bitcoin-dev wrote:

> Hi

>> We introduce several concep= ts that rework the lightweight Bitcoin

>> client model in a manner which is s= ecure, efficient and privacy

>> compatible.

>>

>> The BFD can be used verbatim in= replacement of BIP37, where the filter

>> can be cached between clients with= out needing to be recomputed. It can

>> also be used by normal pruned nodes t= o do re-scans locally of their

>> wallet without needing to have the block da= ta available to scan, or

>> without reading the entire block chain from disk.=

> I = started exploring the potential of BFD after this specification.

>

> What would be = the preferred/recommended way to handle 0-conf/mempool

> filtering =E2=80=93 if = & once BDF would have been deployed (any type,

> semi-trusted oracles or pro= tocol-level/softfork)?

>

> From the user-experience perspective, this is probably pre= tty important

> (otherwise the experience will be that incoming funds can take s= erval

&g= t; minutes to hours until they appear).

> Using BIP37 bloom filters just for mem= pool filtering would obviously

> result in the same unwanted privacy-setup.

>

> </jonas= >

>= ;

>
> ____= ___________________________________________

> bitcoin-dev mailing list

> bitcoin-dev@lists.linu= xfoundation.org

> https://lists.linuxfoundation.<= wbr>org/mailman/listinfo/bitcoin-dev

________________________________= _______________

bitcoin-dev mailing list

bitcoin-dev@lists.linuxfoundation.org

ht= tps://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev<= br class=3D"m_949038359825094764m_582444580811563830gmail_msg">

_______________________________________________
bitcoin-dev mailing list
= bitcoin-dev@lists.linuxfoundation.org
https://lists.linuxfoundation.org= /mailman/listinfo/bitcoin-dev



--001a114fe714473cc305453945ae--