Published on: 2013-05-09T00:57:42+00:00
In a discussion about the usefulness of the blockchain, it has been argued that there are transactions which do not require its double-spend protection. For example, when Facebook bought Instagram or when an employer pays an employee their salary, the legal system is enough to ensure payments are honored. Small payments may also not benefit from the blockchain if the cost of double spending exceeds what the payment is worth. However, for large transactions that are not big enough to justify expensive cross-jurisdictional legal action or where identity verification costs are too high, the blockchain is valuable. In most online transactions today, the blockchain falls within this category.The conversation also delves into various ways to improve the accountability and security of the Bitcoin network. Suggestions include making node identities expensive to obtain, implementing SSL transport for secure peer communication, and creating reputations for nodes based on their reliability and trustworthiness. Non-repudiation is seen as a valuable feature to tie reputation to good behavior, although its implementation at the protocol level is debated. The importance of considering different security measures and their potential implications in the development of protocols like Bitcoin is emphasized.There are also discussions about the vulnerability of the Bitcoin network to network attacks that can induce network splits and lower difficulty to trick a local area of the network into accepting an orphan branch as the true block chain. To protect against such attacks, discovering peers through multiple network routes and steganographic protocols is suggested. Implementing SSL encryption for connections is recommended, but it is noted that SSL alone does not provide non-repudiation. The concept of per-node identity keypairs is proposed as a step towards non-repudiation, although caution is needed to avoid deanonymizing use over Tor. Overall, the conversations highlight the ongoing efforts to enhance the security and effectiveness of the Bitcoin network.In a discussion between Bitcoin developers Peter Todd, Jeff Garzik, and Mike Hearn, various suggestions are made to improve the security and privacy of Bitcoin transactions.Peter Todd recommends working with The Guardian Project to implement Tor on Android phones for improved privacy. He also suggests using torchat, which bundles a special tor build and runs a hidden service.Jeff Garzik agrees with implementing an internal Tor hidden service node for secure communication, stating that it would be more secure than a proxy server approach in certain scenarios.Mike Hearn proposes several ideas to enhance transaction security. He suggests making it clear in the user interface that payments from untrusted sources should not be accepted when connected to WiFi. He also recommends establishing end-to-end encryption through Tor or another method of obfuscation. Additionally, he suggests adding keys to nodes and implementing a protocol message that asks the node to sign the accumulated hash of messages sent on a connection.The conversation also touches on the security of DNS seeds in the Bitcoinj implementation. Garzik suggests selecting peers from a wider pool to reduce effort and notes that Bitcoinj needs fixing regarding over-reliance on DNS seeds. He proposes encrypting and signing node-to-node communication and having seeds return the pubkey for communication.Issues related to delays in finding peers on Android phones and optimizing performance are discussed. Peter Todd suggests using dedicated nodes backed by fast hardware for faster startup. He also proposes discouraging non-Simplified Payment Verification (SPV) use by refusing to relay full blocks. Todd suggests vouching for trusted special servers with SSL certificates. Mike Hearn highlights the weaker security of SPV nodes compared to full nodes and suggests building better SPV-specific systems with dedicated nodes. He believes this could improve security and suggests having trusted individuals vouch for these servers. He acknowledges the challenges of moving away from DNS seeding for SPV clients due to sensitivity to startup time.Overall, the discussions focus on improving privacy, security, and performance in Bitcoin transactions through the implementation of Tor, encryption, signing, and careful selection of peers.
Updated on: 2023-08-01T04:49:38.079464+00:00