Author: Peter Todd 2013-07-30 20:11:41
Published on: 2013-07-30T20:11:41+00:00
In an email exchange between Wendell and Peter Todd, Wendell asked if a certain advice applied to both full and Simplified Payment Verification (SPV) nodes. Peter Todd responded affirmatively, but noted that SPV nodes are generally less safe because they depend solely on confirmations for security. He explained how an attacker can target multiple entities that use SPV at the same time by creating an invalid block header with fake payments linked to it. An interesting way to improve SPV security is to request the history of a given txout, which is the previous transactions that funded it. This could be done using a zero-knowledge proof and detecting fraud by sampling some subset of the prior transactions. However, none of the infrastructure is currently set up to do this, and txids aren't constructed in ways that make these kinds of proofs cheap. Peter suggested this could be implemented as a soft-fork in the future.
Updated on: 2023-06-07T14:50:03.112325+00:00