Author: Peter Todd 2013-05-06 16:12:16
Published on: 2013-05-06T16:12:16+00:00
In an email from 2013, Mike Hearn discusses the weaker security of Simplified Payment Verification (SPV) nodes compared to constantly operating full nodes. He suggests building a better SPV-specific system with dedicated nodes backed by fast hardware and high bandwidth internet connections to discourage non-SPV use. These special servers could be vouched for by trusted individuals with SSL certificates to reduce the risk of connecting to malicious ones. Hearn believes that implementing this would not worsen security and could potentially improve it due to accountability. The regular DNS seeds can optimize the other way by accepting that some nodes may turn out to be evil and returning peers from the widest pool possible to limit damage. Hearn also notes that SPV clients are very sensitive to startup time, making it complicated to move away from DNS seeding as a source of IPs for P2P network connections. Implementing a known fresh source of IPs like a DNS seed response and later on bringing up connections to the P2P network from that is difficult and would require partitioning nodes so that seed peers are separated from the peers found via address broadcasts. Hearn hopes that network nodes will be stable enough in the future to always obtain at least one or two connections if a user tries to connect to 30 at once.
Updated on: 2023-06-06T16:10:07.619417+00:00