From: Pieter Wuille <pieter.wuille@gmail.com>
To: Jonas Schnelli <dev@jonasschnelli.ch>,
Bitcoin Protocol Discussion
<bitcoin-dev@lists.linuxfoundation.org>
Cc: Libbitcoin Development <libbitcoin@lists.dyne.org>
Subject: Re: [bitcoin-dev] Unique node identifiers
Date: Wed, 8 Mar 2017 15:12:01 -0800 [thread overview]
Message-ID: <CAPg+sBhKMWVRSka+iZvLn1B94eBgrzakw73pX40XHPMH647C7A@mail.gmail.com> (raw)
In-Reply-To: <31FB94D1-5B5B-43EF-AFD8-2A7508464F7C@jonasschnelli.ch>
On Wed, Mar 8, 2017 at 1:20 PM, Jonas Schnelli via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
>
>> Am 08.03.2017 um 22:09 schrieb Eric Voskuil <eric@voskuil.org>:
>>
>> On 03/08/2017 11:47 AM, Jonas Schnelli wrote:
>>>>> Nodes are by design not supposed to be identifiable in any way
>>>>
>>>> This is of course my objection to BIP150 ("a way for peers to ...
>>>> guarantee node ownership“).
I believe this discussion is getting sidetracked.
There is a difference between identification/fingerprinting (who are
you?) and proving identity (prove that you are who I think you are?).
BIP150 only facilitates the second, not the first. I don't think you
disagree about that, but I want to make it clear for anyone else
following the discussion.
The question is whether it encourages people to establish known and
pre-shared identities for nodes. Perhaps, but not in any way that
IP/onion addresses don't already. Think about it:
* If you know an IP/onion address, you can verify whether some node
has it. If you know an IP/onion address + BIP150 PSK, you can verify
whether some node has it.
* If you know 2 IP/onion addresses, you cannot figure out whether they
correspond to the same node (and if you can, that is a bug, not by
design). If you know 2 (IP/onion addresses, BIP150 PSK) pairs, you
cannot figure out whether they correspond to the same node (and if you
can, that is a bug, not by design).
* If you receive a connection from a node, you cannot know what their
onion address is. If you receive a connection from a node, you cannot
figure out what their PSK is.
In that way, I see BIP150 as an extension of IP addresses, except more
secure against network-level attackers. If you believe the concept of
people establishing links along existing trust lines is a problem, you
should be arguing against features in Bitcoin software that allows
configuring preferred IP addresses to connect to as well (-addnode and
-connect in Bitcoin Core, for example).
Cheers,
--
Pieter
next prev parent reply other threads:[~2017-03-08 23:12 UTC|newest]
Thread overview: 17+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-03-04 16:04 [bitcoin-dev] Unique node identifiers John Hardy
2017-03-05 6:29 ` Marcel Jamin
2017-03-05 12:55 ` John Hardy
2017-03-05 13:27 ` Btc Drak
2017-03-05 13:57 ` John Hardy
2017-03-07 18:44 ` Eric Voskuil
2017-03-08 2:01 ` bfd
2017-03-08 19:47 ` Jonas Schnelli
2017-03-08 21:09 ` Eric Voskuil
2017-03-08 21:20 ` Jonas Schnelli
2017-03-08 23:12 ` Pieter Wuille [this message]
[not found] ` <6a5a6a8f-d689-260a-76a9-a91f6bda56c5@voskuil.org>
2017-03-09 1:55 ` Pieter Wuille
2017-03-09 11:01 ` Aymeric Vitte
2017-03-09 1:08 ` Eric Voskuil
2017-03-08 21:25 ` [bitcoin-dev] Unique node identifiers (and BIP150) Tom Zander
2017-03-08 21:31 ` Jonas Schnelli
[not found] <7c5020dd-5259-9954-7bf1-06fa98124f8f@voskuil.org>
2017-03-22 0:04 ` [bitcoin-dev] Unique node identifiers Eric Voskuil
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=CAPg+sBhKMWVRSka+iZvLn1B94eBgrzakw73pX40XHPMH647C7A@mail.gmail.com \
--to=pieter.wuille@gmail.com \
--cc=bitcoin-dev@lists.linuxfoundation.org \
--cc=dev@jonasschnelli.ch \
--cc=libbitcoin@lists.dyne.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox