public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Pieter Wuille <pieter.wuille@gmail.com>
To: Jonas Schnelli <dev@jonasschnelli.ch>,
	 Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>
Cc: Libbitcoin Development <libbitcoin@lists.dyne.org>
Subject: Re: [bitcoin-dev] Unique node identifiers
Date: Wed, 8 Mar 2017 15:12:01 -0800	[thread overview]
Message-ID: <CAPg+sBhKMWVRSka+iZvLn1B94eBgrzakw73pX40XHPMH647C7A@mail.gmail.com> (raw)
In-Reply-To: <31FB94D1-5B5B-43EF-AFD8-2A7508464F7C@jonasschnelli.ch>

On Wed, Mar 8, 2017 at 1:20 PM, Jonas Schnelli via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> Am 08.03.2017 um 22:09 schrieb Eric Voskuil <eric@voskuil.org>:
>>
>> On 03/08/2017 11:47 AM, Jonas Schnelli wrote:
>>>>> Nodes are by design not supposed to be identifiable in any way
>>>>
>>>> This is of course my objection to BIP150 ("a way for peers to ...
>>>> guarantee node ownership“).

I believe this discussion is getting sidetracked.

There is a difference between identification/fingerprinting (who are
you?) and proving identity (prove that you are who I think you are?).

BIP150 only facilitates the second, not the first. I don't think you
disagree about that, but I want to make it clear for anyone else
following the discussion.

The question is whether it encourages people to establish known and
pre-shared identities for nodes. Perhaps, but not in any way that
IP/onion addresses don't already. Think about it:
* If you know an IP/onion address, you can verify whether some node
has it. If you know an IP/onion address + BIP150 PSK, you can verify
whether some node has it.
* If you know 2 IP/onion addresses, you cannot figure out whether they
correspond to the same node (and if you can, that is a bug, not by
design). If you know 2 (IP/onion addresses, BIP150 PSK) pairs, you
cannot figure out whether they correspond to the same node (and if you
can, that is a bug, not by design).
* If you receive a connection from a node, you cannot know what their
onion address is. If you receive a connection from a node, you cannot
figure out what their PSK is.

In that way, I see BIP150 as an extension of IP addresses, except more
secure against network-level attackers. If you believe the concept of
people establishing links along existing trust lines is a problem, you
should be arguing against features in Bitcoin software that allows
configuring preferred IP addresses to connect to as well (-addnode and
-connect in Bitcoin Core, for example).

Cheers,

-- 
Pieter


  reply	other threads:[~2017-03-08 23:12 UTC|newest]

Thread overview: 17+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2017-03-04 16:04 [bitcoin-dev] Unique node identifiers John Hardy
2017-03-05  6:29 ` Marcel Jamin
2017-03-05 12:55   ` John Hardy
2017-03-05 13:27 ` Btc Drak
2017-03-05 13:57   ` John Hardy
2017-03-07 18:44     ` Eric Voskuil
2017-03-08  2:01       ` bfd
2017-03-08 19:47       ` Jonas Schnelli
2017-03-08 21:09         ` Eric Voskuil
2017-03-08 21:20           ` Jonas Schnelli
2017-03-08 23:12             ` Pieter Wuille [this message]
     [not found]               ` <6a5a6a8f-d689-260a-76a9-a91f6bda56c5@voskuil.org>
2017-03-09  1:55                 ` Pieter Wuille
2017-03-09 11:01                   ` Aymeric Vitte
2017-03-09  1:08             ` Eric Voskuil
2017-03-08 21:25         ` [bitcoin-dev] Unique node identifiers (and BIP150) Tom Zander
2017-03-08 21:31           ` Jonas Schnelli
     [not found] <7c5020dd-5259-9954-7bf1-06fa98124f8f@voskuil.org>
2017-03-22  0:04 ` [bitcoin-dev] Unique node identifiers Eric Voskuil

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=CAPg+sBhKMWVRSka+iZvLn1B94eBgrzakw73pX40XHPMH647C7A@mail.gmail.com \
    --to=pieter.wuille@gmail.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=dev@jonasschnelli.ch \
    --cc=libbitcoin@lists.dyne.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox