Author: Luke Dashjr 2016-03-24 02:16:55
Published on: 2016-03-24T02:16:55+00:00
On March 23, 2016, Jonas Schnelli submitted a draft version of two Bitcoin Improvement Proposals (BIPs) to the bitcoin-dev mailing list. The BIPs involve p2p authentication for peers. Each peer that supports p2p authentication must provide two user editable databases, and a peer can send an authenticate message by wrapping the desired message into an auth-message-wrapper to the remote peer. Responding peers must ignore - rather than ban - the requesting peer after five unsuccessfully authentication tries to avoid resource attacks. Peers should display the identity-pubkey as an identity-address to the users, which is a base58-check encoded ripemd160(sha256) hash. The proposal is backward compatible, so non-supporting peers will ignore the auth message. Encrypting traffic between peers is already possible with VPN, Tor, stunnel, curveCP, or any other encryption mechanism on a deeper OSI level. However, most mechanisms are not practical for SPV or other DHCP/NAT environments and will require significant know-how in how to set up a secure channel.The responding peer will set a session timeout time-interval, and the default must be 1,800 seconds. The proposal is backward compatible, so non-supporting peers will ignore the enc* messages. If this becomes a general-purpose identity system, it will need more than a simple EC keypair. At the very least, it should probably use a HD chain and use a new key for every signature.
Updated on: 2023-06-11T04:35:28.437477+00:00