Author: Alex Mizrahi 2015-05-13 12:26:17
Published on: 2015-05-13T12:26:17+00:00
Consider the example of a user who wants to accept Bitcoin payments from his customers. He downloads the recent version of Bitcoin Core and syncs it for several hours or days. After syncing, he gives his address to the customer who pays, and the user waits for 10 confirmations before shipping the goods. However, some time later, he finds out that his router or ISP's router was hijacked, and his Bitcoin node couldn't connect to any legitimate nodes, resulting in fake bitcoins. The issue is that Bitcoin Core did a poor job of confirming transactions and couldn't identify the fake ones due to the hack. If a node connects to 99 dishonest nodes and one honest node, it can still sync with the main network, but it's not suitable against network-level attacks like the router hack. This attack is plausible, and if SSL could be hacked by hacking the router, people wouldn't use it. Checkpoints add extra security as they make it hard to impossible to perform an attack scenario.Without checkpoints, an attacker could prepare a fork for $10, but with them, it would cost at least $1000, making a significant difference. While some may debate the reasons behind adding checkpoints, they do make it difficult to perform such attacks. Without checkpoints, a laptop is enough to perform this attack, while with checkpoints, access to significant amounts of mining ASICs is necessary.
Updated on: 2023-06-09T20:44:17.375324+00:00