From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1Rhhzj-00072u-Hq for bitcoin-development@lists.sourceforge.net; Mon, 02 Jan 2012 13:32:07 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 74.125.82.175 as permitted sender) client-ip=74.125.82.175; envelope-from=decker.christian@gmail.com; helo=mail-we0-f175.google.com; Received: from mail-we0-f175.google.com ([74.125.82.175]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1Rhhzi-0005Vb-CN for bitcoin-development@lists.sourceforge.net; Mon, 02 Jan 2012 13:32:07 +0000 Received: by werm13 with SMTP id m13so11050788wer.34 for ; Mon, 02 Jan 2012 05:32:00 -0800 (PST) Received: by 10.216.135.69 with SMTP id t47mr32404412wei.42.1325511120173; Mon, 02 Jan 2012 05:32:00 -0800 (PST) MIME-Version: 1.0 Received: by 10.227.159.201 with HTTP; Mon, 2 Jan 2012 05:31:19 -0800 (PST) In-Reply-To: References: From: Christian Decker Date: Mon, 2 Jan 2012 14:31:19 +0100 Message-ID: To: Elden Tyrell Content-Type: multipart/alternative; boundary=0016e6de16b176bce604b58b9ba2 X-Spam-Score: -0.6 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (decker.christian[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1Rhhzi-0005Vb-CN Cc: bitcoin-development@lists.sourceforge.net Subject: Re: [Bitcoin-development] does "stubbing" off Merkle trees reduce initial download bandwidth? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 02 Jan 2012 13:32:07 -0000 --0016e6de16b176bce604b58b9ba2 Content-Type: text/plain; charset=ISO-8859-1 It can speed up the initial chain download. A newly created wallet will have only new key-pairs, hence no incoming transactions (unless we have a key collision, which is unlikely). So there is no need for a bootstrapping node to download the chain with transactions. The chain itself can be verified without the transactions. Later full blocks would be required to detect usable inputs for future outgoing transactions. As long as you verify the very last blocks in the chain you can be sure that all preceeding blocks were also valid. HTH, Chris On Mon, Jan 2, 2012 at 6:04 AM, Elden Tyrell wrote: > Satoshi's paper mentions that storage requirements for the blockchain > can be reduced by deleting transactions whose outputs have been spent. > > If I understand correctly, this technique can only be used for reducing > *storage* requirements, not *bandwidth* needed for the initial chain > download by a high-security client that doesn't trust any of its peers > -- right? > > The rule is "trust the longest valid chain of blocks". Part of a block > being "valid" is that each transaction's inputs are unspent and their > sum exceeds the transaction's outputs unless it is a coinbase. This > cannot be verified for "stubbed out" transactions -- they have outputs > but no inputs, and aren't coinbases. So a paranoid client booting up > for the first time needs to be given an un-stubbed chain, right? > > Of course, if a client decided to accept a stubbed blocks only when the > sum of the difficulties in the blocks after it exceeds some number N, > then attacking it could be made very expensive by picking a large > enough N. > > Please let me know if I have misunderstood something. > > > > > ------------------------------------------------------------------------------ > Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a complex > infrastructure or vast IT resources to deliver seamless, secure access to > virtual desktops. With this all-in-one solution, easily deploy virtual > desktops for less than the cost of PCs and save 60% on VDI infrastructure > costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --0016e6de16b176bce604b58b9ba2 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable It can speed up the initial chain download. A newly created wallet will hav= e only new key-pairs, hence no incoming transactions (unless we have a key = collision, which is unlikely). So there is no need for a bootstrapping node= to download the chain with transactions. The chain itself can be verified = without the transactions. Later full blocks would be required to detect usa= ble inputs for future outgoing transactions. As long as you verify the very= last blocks in the chain you can be sure that all preceeding blocks were a= lso valid.

HTH,
Chris

On Mon, Jan 2, 2012 at = 6:04 AM, Elden Tyrell <tyrell.elden@gmail.com> wrote:
Satoshi's paper mentions that storage requirements for the blockchain can be reduced by deleting transactions whose outputs have been spent.

If I understand correctly, this technique can only be used for reducing
*storage* requirements, not *bandwidth* needed for the initial chain
download by a high-security client that doesn't trust any of its peers<= br> -- right?

The rule is "trust the longest valid chain of blocks". =A0Part of= a block
being "valid" is that each transaction's inputs are unspent a= nd their
sum exceeds the transaction's outputs unless it is a coinbase. =A0This<= br> cannot be verified for "stubbed out" transactions -- they have ou= tputs
but no inputs, and aren't coinbases. =A0So a paranoid client booting up=
for the first time needs to be given an un-stubbed chain, right?

Of course, if a client decided to accept a stubbed blocks only when the
sum of the difficulties in the blocks after it exceeds some number N,
then attacking it could be made very expensive by picking a large
enough N.

Please let me know if I have misunderstood something.



---------------------------------------------------------------------------= ---
Ridiculously easy VDI. With Citrix VDI-in-a-Box, you don't need a compl= ex
infrastructure or vast IT resources to deliver seamless, secure access to virtual desktops. With this all-in-one solution, easily deploy virtual
desktops for less than the cost of PCs and save 60% on VDI infrastructure costs. Try it free! http://p.sf.net/sfu/Citrix-VDIinabox
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment

--0016e6de16b176bce604b58b9ba2--