Author: Jim Posen 2018-06-02 02:02:38
Published on: 2018-06-02T02:02:38+00:00
The context talks about the security model for light clients in the Bitcoin network. The author suggests that requiring authenticated connections to semi-trusted peers and selecting a set of servers that will not collude to attack can provide good security guarantees even if the local network is compromised by an attacker. BIP 150 can be used for this purpose. Clients can also require a certain number of connections to peers that have served them filters honestly in the past, which is similar to trust-on-first-use. However, this scheme would require nodes to advertise a pubkey per address, which is not supported by BIP 150/151 at present. The author believes that this security model is acceptable for light clients as it allows them to continue syncing even in the presence of a malicious peer.The other concern raised by Greg is regarding using a filter for P2P communications that might be replaced in the future. The author is open to defining two filter types in the BIP, one for output script + outpoint and the other for output script + prev script. But some people may object to the idea of full nodes storing two different filters that overlap in contents. If only one filter type has to be picked, the author strongly supports output script + outpoint so that BIP 157 can be deployed without a consensus change. It is possible that better filter design might be discovered through deployment and adoption.
Updated on: 2023-06-13T02:30:46.535674+00:00