Author: bfd at cock.lu 2017-03-16 00:25:01
Published on: 2017-03-16T00:25:01+00:00
The slides presented gloss over the fact that compact fraud proofs in Bitcoin aren't possible, and that the "Simplified Payment Verification" (SPV) implementation used today differs significantly from the version described in the Bitcoin white paper. In the white paper, SPV clients had the same security as fully validating nodes, while the implementation of BIP37 provides no security except a vague hope that users are not being lied to. The suggested solution does not preclude unconfirmed transactions from being used with a commitment scheme, but their usefulness for those who aren't validating is limited. During the validationless mining failure around the BIP66 activation, miners produced numerous invalid blocks, making it unreasonable to accept anything except multiple confirmations. The true number for safety is probably more like 60 or 120, not 6, 3, or 1 as some Bitcoin exchanges use today. BIP37 is totally decentralized and can be made more secure, private, and scalable without giving up the utility of unconfirmed transactions, according to Tom Harding. He cautioned readers not to interpret his statement as a belief that all transactions should go on the chain or that the security or privacy of BIP37 compare favorably to any other particular thing. An alternative suggestion was made by Jonas Schnelli to co-use a wallet-service with centralized verification in watch-only mode. Chris Priest pointed out that connecting to the mempool of each miner and checking to see if they have users' transaction IDs in their mempool could be a useful way to determine the likelihood of a transaction being confirmed.
Updated on: 2023-06-11T04:57:35.332559+00:00