Author: Eric Voskuil 2016-06-28 21:22:23
Published on: 2016-06-28T21:22:23+00:00
In an email exchange between Peter Todd and Eric Voskuil, they discuss the ability of BIP151 to detect MITM attacks. Todd argues that BIP151 gives users the tools to detect such an attack, comparing it to PGP where many users don't properly check keys. However, Voskuil raises concerns about the ability to check a key of an anonymous peer, arguing that authentication is required to actually guard against MITM attacks. Todd counters by stating that anonymous peers aren't always actually anonymous and that in cases where operators manually use -addnode to peer, an out-of-band key check can be used to determine if an attack is occurring. Voskuil notes that this type of key check is not part of BIP151 and requires a secure channel for authentication.
Updated on: 2023-06-11T18:57:59.479695+00:00