Author: Jeff Garzik 2014-07-16 12:11:39
Published on: 2014-07-16T12:11:39+00:00
A draft BIP (Bitcoin Improvement Proposal) for 'getutxo' has been proposed by Mike Hearn. The process is ideally an implementation and draft BIP, similar to IETF RFCs. The ability to query UTXOs is useful, as many existing applications have been built on top of bitcoind (gettxout RPC), insight, and other existing tools that make this query available. However, the proposal raises a few concerns. One major security issue is the entirely untrusted view of UTXO, which may be malicious or wrong. This brings up the question of why export potentially dangerous information to victims? The BIP should describe this major security issue and at least one method of solving it.The BIP describes two new messages, 'getutxos' and 'utxos', which perform UTXO lookups given a set of outpoints. Two new fields are defined in the 'getutxos' message - 'checkmempool' and 'outpoints'. The response message 'utxos,' has three fields - 'chainheight,' 'chaintiphash,' and 'result.' The result object is defined by three fields - 'txversion,' 'height,' and 'outputCtXOut.' While the protocol has the same security model as Bloom filtering, it does not show that the output is really unspent or was ever actually created in the block chain. If implemented naively, people could build insecure apps, when they could have just as easily queried a slightly-more-trusted-than-just-a-random-P2P-peer network of N bitcoind's or N Insight servers running somewhere. The BIP should describe this major security issue and at least one method of solving it.
Updated on: 2023-06-09T00:44:32.155095+00:00