On Tue, Aug 19, 2014 at 8:14 PM, Peter Todd <pete@petertodd.org> wrote:

Don't let perfect be the enemy of good.

I'm not. I don't think this proposal is even good.
 
You realize that by your own definition even the NSA is mostly a "weak passive attacker." They do *not* have the ability to attack more than a small, targeted subset of connections for both technical and political reasons. For starters, MITM attacks are easily detected - "Bitcoin network attacked by unknown agents! Has your ISP been compromised?" would make for great headlines and would soon see the problem fixed both technically and politically.


Again, the NSA might get an absolutely trivial amount of data from monitoring connections on the Bitcoin network. A bit of publicity is *not* worth drastically increasing the software complexity of the client.
 
In any case, my suggestion of enabling hidden service support by default adds both encryption and reasonably good authentication.

Enabling hidden service support by default would introduce an insanely huge attack surface. 

And you're conflating two different things; using Tor is valuable to Bitcoin because it would provide some anonymity. The encryption aspect is pretty much useless for us.