Author: Justus Ranvier 2015-04-27 15:54:36
Published on: 2015-04-27T15:54:36+00:00
The discussion revolves around how to ensure privacy in SPV clients. The first point made is that there will be a 1:1 relationship between a payment code owner and their identity. To mitigate this issue, SPV clients can connect exclusively to hidden services through Tor and broadcast their transactions through different peers than the ones they use for checking their balance. A client can create a filter that only matches their notification address and use that filter with a selected peer. All the rest of their addresses would be contained in a different filter that is never sent to the same full node which is watching their notification address. The second point made is that a client can use a bloom filter with a higher false positive rate but an active attacker can counter that by sending several payment codes to an individual user. The user would then add to their bloom filter all the shared addresses between them and the attacker. Even with a high false positive filter, always matching all the attacker's payment codes would strongly tie the user to the filter. The author suggests that for SPV to have any privacy at all, clients need to get a lot smarter about how they use bloom filters overall, such as by connecting to more than one peer, only putting a subset of their addresses in a single filter, and temporally varying the addresses which they watch.
Updated on: 2023-06-09T19:15:16.003632+00:00