Author: Nick ODell 2016-06-29 00:06:41
Published on: 2016-06-29T00:06:41+00:00
The discussion on bitcoin-dev mailing list revolves around the two types of security: link-level and node-level. Link-level security requires encryption and authentication while node-level security requires identity authentication to prevent connection to an "evil node". Bitcoin is designed to assume that some connected nodes may be evil, but it does not mean that it should avoid protecting users from such nodes. The concern is raised about the issue of authentication in a mesh network as it is one of the unsolved problems in computer science. However, using a secure side channel can enable widespread authentication. BIP151 doesn't aim to protect against connecting to evil Bitcoin nodes, which require identity authentication. In summary, unauthenticated encryption should be prioritized to force attackers to use active attacks, and session ID in BIP151 is used for out-of-band key check authentication.
Updated on: 2023-06-11T19:00:13.904607+00:00