Author: Eric Voskuil 2016-06-30 12:27:30
Published on: 2016-06-30T12:27:30+00:00
The discussion is centered around the risks and benefits of BIP151, a proposed solution to mitigate man-in-the-middle (MITM) attacks. The proposed construction is said to be comparable in complexity to Bitcoin itself. While it is not prohibitive, it is worthy of consideration. A question arises whether decentralized anonymous credentials is applicable to the authentication problem posed by BIP151. According to Jonas Schnelli, it is not. The core problem posed by BIP151 is a MITM attack which requires that a peer trusts that another is not an attacker. BIP151 would increase the risks for MITM attackers. Although MITM attacks are possible today, they would become more difficult and costly with BIP151. The proposed tool-set can effectively reduce the risks of being MITMled. However, the risks and benefits of BIP151 should be focused on and not dragged into the realm of authentication. The only valid risk mentioned is the false sense of security. Countermeasures could include deploying BIP151 together with the simplest form of authentication and making it clear that it won't solve the privacy/MITM problem without additional authentication. The group is encouraged to elaborate on why using BIP151 would make things worse, without stepping into the realm of authentication/MITM, which is not part of the BIP or possible already today.
Updated on: 2023-06-11T18:58:29.352957+00:00