Author: Troy Benjegerdes 2014-08-23 06:39:06
Published on: 2014-08-23T06:39:06+00:00
The writer of this email believes that encrypting the P2P protocol does not guarantee security. They argue that organized crime agencies could easily monitor transactions by inserting 0-day and monitoring software into Github employees' laptops. The writer suggests that simplifying the system would be a better approach to increase security. However, they acknowledge that separating the P2P network transport from the core blockchain functionality may not be easy. Another developer in the chain suggests upgrading the P2P protocol with MAC keys and creating a simple home-grown encryption layer. This could help increase security as intelligence agencies are likely to be deanonymizing Bitcoin users already. TOR is not a complete solution as it can be exploited. Implementing a full TOR client is not a reasonable thing to ask of a wallet developer, but doing HMAC checks and a simple ECDH exchange + AES would be quite realistic.
Updated on: 2023-06-09T02:16:38.412549+00:00