Author: odinn 2015-08-19 05:21:15
Published on: 2015-08-19T05:21:15+00:00
The email thread from Bitcoin-dev mailing list talks about the security of using Simplified Payment Verification (SPV) mode, which is not very secure to use from a wallet point of view. The thread also discusses how volunteers running full nodes do not help the situation as Sybil attacking the IP address space is easier than acquiring hashing power sufficient to create false confirmations. An attacker able to Sybil any significant amount of hash power could be running the full node that you are connecting to anyway. Ultimately, Hearn-style SPV is a close approximation to just trusting anyone with a non-trivial amount of hashing power. Chris Pacia asked Peter Todd to explain how the SPV node fails against an attacker with a non-trivial amount of hash power where a full node does not. To attack an SPV wallet that is waiting for 6 or 10 confirmations, one would need to Sybil them and summon a massive amount of hashing power to create a chain of headers while forgoing the opportunity to mine valid blocks with that hash power. The failure model does not seem specific to SPV.
Updated on: 2023-06-10T20:12:49.640179+00:00