Published on: 2015-10-04T06:59:27+00:00
In a recent discussion on the bitcoin-development mailing list, a user named Odinn brought attention to a protocol concept called ABIS that enables the decentralization and expansion of a giving economy. Odinn referenced a post from 2013 about microdonations and incentives for running full nodes. He also mentioned new developments in Bytecoin, which implemented microdonations successfully and could potentially be applied to Bitcoin. The email thread then shifted to the security of using Simplified Payment Verification (SPV) mode. Some participants argued that SPV is not secure, as Sybil attacking the IP address space is easier than acquiring hashing power to create false confirmations. However, others pointed out that the failure model is not specific to SPV and could apply to full nodes as well.Joseph Poon emphasized the vulnerability of SPV nodes compared to full nodes in an attack scenario. He explained that with SPV, it is possible to create a transaction that spends from non-existent coins and construct an SPV proof to send funds to the victim. This attack can be "overloadable" as the attacker is never out of money. In contrast, full nodes require the attacker to sign and spend real outputs they control, and there is a chance that the victim will eventually recover their funds in a reorganization. Poon also highlighted that attackers can target thousands of people simultaneously with less hashpower using SPV validation. Although he acknowledged that some threats can be mitigated, he believed that running a full node offers stronger security, especially when handling significant amounts of money.Peter Todd echoed concerns about the security of Hearn-style SPV mode and the limited effectiveness of volunteers running full nodes. He argued that Sybil attacking the IP address space is easier than acquiring enough hashing power for false confirmations, making Hearn-style SPV similar to trusting anyone with substantial hashing power. The discussion then debated whether full nodes would fare better against attackers with significant hashing power, with some suggesting that the failure model is not exclusive to SPV.Satoshi Nakamoto acknowledged in a separate discussion the changes that have occurred in the Bitcoin network since its early days, such as the unexpected impact of pooled mining on security. Balancing competition and security remains a challenge, and there is a need for better incentives for users to run nodes beyond altruism. Peter Todd argued that incentivizing full nodes is not a priority. He reiterated concerns about the security of Hearn-style SPV mode and the limited contribution of volunteers running full nodes. Todd proposed that having peers as validating nodes primarily optimizes bandwidth, while the best incentive for validation lies in immediate failure when not validating. Gregory Maxwell's proposal for blocks to commit to separate merkle trees, one valid and one invalid, was mentioned as an example of ensuring active validation. Todd's embedded consensus ideas rely on proof-of-publication and/or anti-replay functionality, with validation becoming the responsibility of individuals or trusted parties.Overall, these discussions shed light on the security challenges associated with SPV mode and the role of full nodes in enhancing Bitcoin's security. The participants recognize the need for further exploration of incentives and protocols to ensure the integrity and reliability of the network.
Updated on: 2023-08-01T15:28:03.532194+00:00