public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Mike Hearn <mike@plan99.net>
To: Pieter Wuille <pieter.wuille@gmail.com>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: [Bitcoin-development] Discovery/addr packets (was: Service bits for pruned nodes)
Date: Mon, 6 May 2013 16:58:56 +0200	[thread overview]
Message-ID: <CANEZrP1YFCLmasOrdxdKDP1=x8nKuy06kGRqZwpnmnhe3-AroA@mail.gmail.com> (raw)

[-- Attachment #1: Type: text/plain, Size: 1658 bytes --]

Subject change to reflect that this is off-topic for the old thread.

Eventually, I think it makes sense to move to a system where you get seeds
> from
> a DNS (or other mechanism), connect to one or a few of the results, do a
> getaddr,
> fill your peer IP database with it, and disconnect from the DNS seeded
> peer.


This obviously makes no difference from a security perspective. If a DNS
seed is compromised it can feed you nodes that just connect you back to the
sybil. If you seed from DNS then that's your root of trust.

The problem with moving away from DNS seeding for bitcoinj clients at least
is that SPV clients are very sensitive to startup time. It isn't OK to
spend two minutes trying to connect to lots of long-dead IP addresses if
you're wanting to pay your bill in a restaurant. That means either you have
to spin up a lot of TCP connections in parallel, which I know from bitter
experience can cause problems with some crappy wifi routers (they think
it's a synflood), or you get a known fresh source of IPs like a DNS seed
response and then later on bring up connections to the P2P network from
that.

Implementing the latter is complicated - you have to partition your nodes
so the seed peers are separated from the peers you found via addr
broadcasts and seeded peers can't pollute your addr-found peers unless it's
your first run.

I've actually not experimented with this for a while. I'm hoping that by
the time this gets to the top of my todo list, network nodes will be stable
enough that actually you can always obtain at least one or two connections
if you try (say) 30 at once. But I have no idea if we're at that stage yet.

[-- Attachment #2: Type: text/html, Size: 2055 bytes --]

             reply	other threads:[~2013-05-06 14:59 UTC|newest]

Thread overview: 28+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2013-05-06 14:58 Mike Hearn [this message]
2013-05-06 16:12 ` [Bitcoin-development] Discovery/addr packets (was: Service bits for pruned nodes) Peter Todd
2013-05-06 16:20   ` Jeff Garzik
2013-05-06 16:34     ` Mike Hearn
2013-05-06 16:37     ` Peter Todd
2013-05-06 16:47       ` Mike Hearn
2013-05-06 17:19         ` Peter Todd
2013-05-06 17:25           ` Jeff Garzik
2013-05-06 17:42           ` Gregory Maxwell
2013-05-06 17:53             ` Peter Todd
2013-05-06 18:01               ` Gregory Maxwell
2013-05-06 18:19                 ` Peter Todd
2013-05-06 18:32                 ` Adam Back
2013-05-06 19:08                   ` Peter Todd
2013-05-06 19:50                     ` Adam Back
2013-05-06 20:43                       ` Peter Todd
2013-05-06 23:44                         ` Peter Todd
2013-05-07  9:00           ` Mike Hearn
2013-05-09  0:57             ` John Dillon
2013-05-06 18:04         ` Adam Back
2013-05-06 18:25           ` Gregory Maxwell
2013-05-06 22:51             ` [Bitcoin-development] limits of network hacking/netsplits (was: Discovery/addr packets) Adam Back
2013-05-06 23:13               ` Gregory Maxwell
2013-05-07  4:48                 ` Petr Praus
2013-05-07 21:07                   ` Matt Corallo
2013-05-07  9:17                 ` Mike Hearn
2013-05-07 11:07                   ` Adam Back
2013-05-07 12:04                     ` Mike Hearn

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='CANEZrP1YFCLmasOrdxdKDP1=x8nKuy06kGRqZwpnmnhe3-AroA@mail.gmail.com' \
    --to=mike@plan99.net \
    --cc=bitcoin-development@lists.sourceforge.net \
    --cc=pieter.wuille@gmail.com \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox