Authentication BIP



Summary:

Jonas Schnelli has proposed an authentication scheme to allow MITM detection and rejection in conjunction with BIP-151, which requires node operators to build trusted connections for various reasons. The proposed authentication BIP uses ECDSA, and secrets will never be transmitted. Authentication initialization must only happen if encrypted channels have been established according to BIP-151. The identity-public-keys used for the authentication must be pre-shared over a different channel (Mail/PGP, physical paper exchange, etc.). Each peer that supports p2p authentication must provide two user-editable "databases". The authentication state must be kept until the encryption/connection terminates. Only one authentication process is allowed per connection. The peers should display/log the identity-public-key to the users as an identity-address, which is a base58-check encoded ripemd160(sha256) hash.


Updated on: 2023-06-11T19:23:10.877851+00:00