Author: Mike Hearn 2013-08-16 14:36:20
Published on: 2013-08-16T14:36:20+00:00
On August 16, 2013, Warren Togami Jr. made a change to the bitcoinj-0.10 release notes stating that they now require Bloom-capable (0.8+) peers by default and will disconnect from older nodes due to complaints about battery life and bandwidth impact even with Bloom filtering. However, Peter Todd brought up concerns about user-security and potential sybil attacks on the network. He suggested creating "SPV honeypots" that allow incoming connections only from SPV nodes, which could attract a disproportionate percentage of the total SPV population given a relatively small number of nodes. This could be used to harm SPV nodes by dropping deterministic percentages of transactions, either by the bloom matching code or when sent. Todd also suggested an attack where a fake transaction is created that pays the same scriptPubKeys with the same amount, and sent to the SPV peer instead of the dropped transaction. Mike was asked if bitcoinj has any protections against peers flooding users with useless garbage, which could rack up a user's data bill by creating junk unconfirmed transactions matching the bloom filter. Warren Togami Jr. considered reconsidering this new default behavior in SPV clients due to the user-security concern raised by Todd. Gavin, on the other hand, believes that the future of P2P networks should consider the dominance of mobile devices and tablets. He suggests that a change in thinking would be necessary if this were to happen. However, he is not too worried about it as he believes that there are plenty of people with private servers who would be willing to run nodes. He is also not concerned about using peoples' bandwidth for relaying blocks, especially since most SPV nodes are behind NAT.
Updated on: 2023-06-07T15:54:19.644293+00:00