From: Mike Hearn <mike@plan99.net>
To: Isidor Zeuner <cryptocurrencies@quidecco.de>
Cc: Bitcoin Development <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper
Date: Mon, 8 Dec 2014 17:59:06 +0100 [thread overview]
Message-ID: <CANEZrP1Wh_98+47PmmHwSTDoSASw96R+Xnh5qWzROdmxPwO0Gw@mail.gmail.com> (raw)
In-Reply-To: <20141208161514.6C492E1B59B@quidecco.de>
[-- Attachment #1: Type: text/plain, Size: 2396 bytes --]
>
> Finally, distributors of consumer wallets can use this research in
> order to distribute their wallet with policies which may be less prone
> to Tor-specific attacks. Or leave this out altogether if their
> audience has different expectations for connecting to Bitcoin.
>
Sure. I guess there will be wallets for all kinds of people in future,
sharing a common core that they can customise (this is certainly the vision
and general direction for bitcoinj, and it's working out OK).
To clarify, my comments above were for mainstream granny-focused wallets.
Wallets designed for crypto geeks can and should expose all the knobs to
let people run wild.
One possible direction to go is to use Tor for writing to the network and
use general link encryption and better Bloom filtering for reading it. Thus
new transactions would pop out of Tor exits, but there isn't much they can
do that's malicious there except mutate them or block them entirely. If you
insert the same transaction into the P2P network via say 10 randomly chosen
exits, the worst a malicious mutator can do is race the real transaction
and that's no different to a malicious P2P node. Even in a world where an
attacker has DoS-banned a lot of nodes and now controls your TX submission
path entirely, it's hard to see how it helps them.
The nice thing about the above approach is that it solves the latency
problems. Startup speed is really an issue for reading from the network:
just syncing the block chain is already enough of a speed hit without
adding consensus sync as well. But if you're syncing the block chain via
the clearnet you can connect to Tor in parallel so that by the time the
user has scanned a QR code, verified the details on the screen and then
pressed the Pay button, you have a warm connection and can upload the TX
through that. It reduces the level of startup time optimisation needed,
although Tor consensus download is still too slow even to race a QR code
scan at the moment. I think tuning the consensus caching process and
switching to a fresh one on the fly might be the way to go.
When BIP70 is in use, you wouldn't write the tx to the network yourself but
you could download the PaymentRequest and upload the Payment message via an
SSLd Tor connection to the merchant. Then malicious exits can only DoS you
but not do anything else so there's no need for multiple exit paths
simultaneously.
[-- Attachment #2: Type: text/html, Size: 2791 bytes --]
next prev parent reply other threads:[~2014-12-08 16:59 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-11-26 7:47 [Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper Jean-Paul Kogelman
2014-11-26 13:51 ` Jeff Garzik
2014-11-26 17:13 ` odinn
2014-11-27 2:09 ` Isidor Zeuner
2014-11-27 2:22 ` Gregory Maxwell
2014-11-27 11:06 ` Mike Hearn
2014-11-27 11:27 ` Wladimir
2014-12-08 16:15 ` Isidor Zeuner
2014-12-08 16:59 ` Mike Hearn [this message]
2015-01-22 0:44 ` Isidor Zeuner
2015-01-22 13:20 ` Mike Hearn
2014-12-15 13:25 ` Isidor Zeuner
2014-12-01 10:42 ` Isidor Zeuner
2014-11-27 17:44 Mistr Bigs
2014-11-27 20:30 ` Gregory Maxwell
2014-11-28 0:45 Mistr Bigs
2014-11-28 5:30 ` Gregory Maxwell
2014-12-11 11:51 ` Isidor Zeuner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CANEZrP1Wh_98+47PmmHwSTDoSASw96R+Xnh5qWzROdmxPwO0Gw@mail.gmail.com \
--to=mike@plan99.net \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=cryptocurrencies@quidecco.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox