Published on: 2014-04-28T17:29:46+00:00
In an email conversation between Sergio Lerner and a recipient, the discussion revolves around the periodic connection to an honest node during a potential attack. Lerner believes that the loss of this connection should be assumed during an attack, while the recipient argues that SPV proofs have broader applications and can detect non-51% attacks with existing tools. The recipient suggests that back-link commitments and compact SPV proofs can achieve the same results with fewer messages, less bandwidth, and equal security. Mark Friedenbach and Sergio Lerner discuss the security assumptions of Simplified Payment Verification (SPV) nodes, with Friedenbach suggesting that back-link block-history commitments can allow for a binary search to find common ancestors and trust the intermediate links. Peter Todd counters that assumptions about honest peers are necessary for computing economic arguments correctly. They also discuss different definitions of SPV proofs, with Lerner defining it as a sequence of bits establishing a block as part of the best-chain, and Friedenbach defining it as a sequence of bits establishing the ancestor of a block and the cost of creating a fake proof. The community does not have an official definition of "SPV proof", but SPV nodes generally trust the most-work chain based on economic arguments. In another email exchange, Friedenbach defines SPV proofs as a succinct sequence of bits that can establish connectivity and proof of work between two blocks, while Sergio argues for his own definition. The emails propose ways to construct SPV proofs using back-link commitments and discuss the use case of an SPV client coming online and asking peers for parent blocks until a last common parent is found. The proposal addresses the problem of parallel synchronized attacks and suggests assuming at least one peer is honest. It concludes with a proposed use case where an SPV client retrieves compact non-interactive proofs-of-inclusion for its transactions without downloading every intervening block header.
Updated on: 2023-08-01T09:04:33.186737+00:00