Author: Tom Zander 2017-03-08 21:25:46
Published on: 2017-03-08T21:25:46+00:00
On March 8th, 2017, Jonas Schnelli wrote a message about BIP150 on bitcoin-dev mailing list. He mentioned that BIP150 has an optional authentication feature which is fingerprint-free and designed to not reveal any node identity without first getting a crypto-proof from another peer who already knows the identity. He also noted that peers can't be identified without having the identity-keys pre-shared by node operators.However, Tom Zander pointed out that the BIP is vulnerable to a similar issue as having an open wifi base station in a public street. The connection process of BIP involves sending the same hash every time you connect to a node, making it trivial to fingerprint and track a peer's activity. Zander suggested using industry standards such as Diffie-Hellman key exchange instead.Zander's concern was related to privacy and tracking, and he used the analogy of an open wifi base station to explain the issue with BIP150's authentication process. Overall, the discussion highlighted potential weaknesses in BIP150's design and suggested alternative solutions.
Updated on: 2023-06-11T22:08:13.498650+00:00