Author: Eric Voskuil 2016-06-30 11:56:42
Published on: 2016-06-30T11:56:42+00:00
In this email correspondence between Eric Voskuil and Alfie John, they discuss the complexity of building a distributed system that requires authentication without identity and central control. Eric proposes that end-to-end encryption should be used between nodes to solve the problem posed by BIP151 - a MITM attack. However, Eric also acknowledges that widespread application of this model is potentially problematic because designing such a distributed system is more challenging than Bitcoin itself. Trust on first use (TOFU) does not solve this problem either. Alfie suggests that the paper "Decentralized Anonymous Credentials" by Christina Garman, Matthew Green, Ian Miers may be useful in the discussion. However, Eric proposes that decentralized anonymous credentials are not applicable to the authentication problem posed by BIP151. The core problem posed by BIP151 is a MITM attack, and the implied solution (BIP151 + authentication) requires that a peer trusts that another is not an attacker. Authentication of an anonymous peer cannot achieve this objective because the identity of a peer must be known to the relying peer, either directly or transitively. DAC is applicable in cases where identity is never required, such as first-come-first-served name registration, where proof that a party in question is the original registrant is needed. All participants are presumed to be "good". Eric believes that a distributed anonymous system is fundamentally at odds with isolation of "good" vs. "bad" participants who comply with protocol rules, and any attempt to resolve this conflict will result in the system no longer allowing anonymous participation. He admits that he hasn't found a way out of this realization yet.
Updated on: 2023-06-11T18:57:46.462878+00:00