Published on: 2015-07-05T21:08:12+00:00
In a conversation about Bitcoin security, Eric Lombrozo and Justus Ranvier discuss the challenges of achieving perfect security in the cryptocurrency. Lombrozo emphasizes that while Bitcoin aims to be trustless, it does not promise infinite security. He believes that striving for perfection can hinder progress towards good security measures. Ranvier, associated with the Open Bitcoin Privacy Project, agrees that good security is more important than an unachievable standard of perfection.Lombrozo argues that trust has been introduced into various elements of the Bitcoin network, undermining its original security model. Ranvier counters that trust has not completely abandoned the security model, as long as users have access to the complete blockchain. He suggests that improving the security of simplified payment verification (SPV) clients requires a mechanism to prove the invalidity of blocks for honest nodes.Lombrozo further explains how the current state of the Bitcoin network relies on trust in validators, miners, relayers, explorer websites, and online wallets. However, this contradicts the trustlessness that Bitcoin was designed for and compromises its security model. The security model aims to prevent double spending without a trusted third party, requiring attackers to pay a proof of work cost. The model holds for users with access to the complete blockchain but fails for those without it. To address this issue, a mechanism is needed for honest nodes to prove the invalidity of blocks, enhancing the security of SPV clients.Lombrozo also highlights the rising cost of validating the blockchain, making compliance with the original security model impractical for most use cases. Trust has been introduced as a practical way for the network to function, but it deviates from the trustlessness that Bitcoin intended. This has led to an unspecified replacement of the security model, with uncertain boundaries. There is now reliance on a few developers and mining pool operators, potentially compromising the network's benefits. Lombrozo suggests solving the validation cost/bottleneck issue or constructing a new security model that considers these trust assumptions.
Updated on: 2023-08-01T14:14:35.919231+00:00