Published on: 2014-02-22T02:08:19+00:00
In a conversation between Dustin D. Trammell and Jeff Garzik, the concern about disk space usage when running multiple wallets that require their own copy of the blockchain was discussed. Trammell suggested running a local blockchain server or network instead to optimize disk space. Garzik, a Bitcoin core developer and open source evangelist at BitPay Inc., agreed with Trammell's concern and mentioned that he manages multiple wallets using symlink replacement.Garzik proposed running the Bitcoin Core wallet as a separate process, independent of the blockchain engine. This would involve the wallet communicating with the blockchain engine through RPC and P2P channels, effectively becoming a real SPV client. This plan has several benefits, including sandboxing wallet keys and sensitive data from the network-exposed P2P engine. It also addresses the issue of consuming excessive disk space when managing multiple wallets.Process separation was discussed as a way to increase the difficulty of accessing key data from the blockchain engine and change the attack surface. While not everyone was convinced of its effectiveness, it was agreed that process separation is necessary for sandboxing. The suggestion of using the seccomp mechanism, which whitelists syscalls and renders ptrace useless, was made to enhance security.The Bitcoin Core reference implementation can be used as a payment network access and management tool, in addition to its role as wallet software. Version 0.9 allows the bitcoind wallet to be disabled, leading to a more optimized border router profile. Recent discussions have proposed running the Bitcoin Core wallet as a separate process, communicating with the blockchain engine through existing RPC and P2P channels. This would sandbox wallet keys and sensitive data away from the network-exposed P2P engine. The preference for separate programs over forking was highlighted, especially due to Windows requiring an exec-like method for process separation. Pieter Wuille's work on headers-first sync is important for the wallet/blockchain engine split, but increased review and test bandwidth is necessary.The Bitcoin Core wallet is set to run as a separate process and binary from the blockchain engine. This separation enhances security by isolating wallet keys and sensitive data from the P2P network-exposed engine. Recent IRC discussions have proposed this development, which would involve a new IPC protocol and additional glue code. It was concluded that separate programs are preferable, and Pieter's work on headers-first sync is crucial. However, further review and testing are needed before implementing the separate-binary proposal.In the upcoming version 0.9 of Bitcoin Core, it will be possible to disable the bitcoind wallet, allowing it to be used solely for payment network access and management. This optimization reduces the process size by 40-200MB, making it suitable for a more optimized border router profile. Recent discussions have suggested running the Bitcoin Core wallet as a separate process from the blockchain engine to achieve the security goal of sandboxing wallet keys and sensitive data from the network-exposed P2P engine. While simple forking was considered, Windows requires an exec-like solution for process separation. Using separate programs with IPC (RPC + P2P) was deemed better, as modern operating systems make localhost sockets just as fast as other IPC methods. Pieter's work on headers-first sync is important for the wallet/blockchain engine split, but it necessitates increased review and test bandwidth. The final decision on the separate-binary proposal is still pending.
Updated on: 2023-08-01T07:41:52.928157+00:00