Author: Gregory Maxwell 2018-05-17 20:45:33
Published on: 2018-05-17T20:45:33+00:00
Jim Posen has expressed his opinion that designing the protocol in an insecure way because some light clients have historically taken shortcuts is overly pessimistic. He believes any non-committed form is inherently insecure and can be mooted by a nearby network attacker or an eclipse attacker. Jim argues that non-comparison based validation doesn't seem useful without mooting all the bandwidth improvements. According to him, no implementation of these measures exists in any cryptocurrency ever, and this isn't just a matter of 'some lite clients.' Jim suggests that the protocol should provide clients with additional security options if possible. However, he questions what the cost of this additional security would be and whether it would translate into a meaningful increase in delivered security for any particular application. Jim thinks that a reduction in filter bandwidth could be achieved by considering his trade-off suggestion, which allows a lite client to verify that multiple parties are offering the same map for a given block, among other things.Although Jim's proposal would still allow downloading a block and verifying that all the outpoints in the block were included, it would not permit a lite client to download a whole block and completely verify the filter. Instead, they could only tell if the filter at least told them about all the outputs in the block, but if extra bits were set or inputs were omitted, they couldn't tell. However, the filters for a given FP rate would be about half the current size, making it worthwhile to consider the trade-off.Monitoring inputs by scriptPubkey vs input-txid also has a massive advantage for parallel filtering, according to Jim. Peter's point that filtering by txid of spending transaction may be preferable to filtering by outpoint spend in many cases is valid. However, this wouldn't work for malleable transactions. Jim thinks that dropping txids as Matt suggests is an obvious win that costs nothing. Replacing inputs with scripts as Jim suggested has some trade-offs.
Updated on: 2023-05-20T08:30:37.541144+00:00