Published on: 2019-09-16T16:48:21+00:00
Ruben Somsen suggested using Tadge Dryja's utreexo work for implementing PoW fraud proofs in Bitcoin without a soft fork. However, Dave pointed out some potential issues with this approach. One concern is that the worst-case size of UTXO entries that need to be communicated can be over 200 MB, which could lead to DoS attacks on honest SPV clients by lying peers. Another issue is that nodes providing fraud proofs will require significant additional system resources and might be rare, making it easier to eclipse attack an SPV client relying on these proofs. Additionally, SPV clients currently do not implement all the consensus checks that full nodes perform, and even if fraud proofs are widely deployed, retraining SPV users to wait for higher confirmation counts may be necessary.In a discussion between Ruben and ZmnSCPxj, the security differences between committing or not committing the utreexo hash into a block were debated. While Ruben argued that there is no security difference, ZmnSCPxj countered that invalid inflation can fool SPV nodes while full nodes remain unaffected. Ruben agreed but clarified that his goal was to establish that committing the hash adds no security. He also mentioned other weaknesses of SPVs compared to full nodes, such as reliance on a network of utreexo-supporting full nodes, the need for at least one honest block to be mined, and slower consensus due to requiring honest minority participation.ZmnSCPxj highlighted the distinction between full nodes and SPVs during a sybil attack. In such an attack, a full node will stall, mistakenly thinking that the blockchain has no more miners, while an SPV will follow the false blockchain. ZmnSCPxj recommended that automated payment processing systems using full nodes refuse incoming payments during a sybil attack, generating warnings about the possibility of an attack. Implementing a timeout system could alert higher-layer management systems if a full node is unable to see a new block for an extended period. However, automated payment processing systems using SPVs with PoW fraud proofs may not detect a sybil attack, making them vulnerable to double-spending and false payments.The overall discussion revolves around the security concerns related to Sybil attacks on the Bitcoin blockchain. The comparison highlights the differences in behavior between full nodes and SPVs during such attacks, as well as the potential vulnerabilities of automated payment processing systems. The implementation of PoW fraud proofs without a soft fork using utreexo is also discussed, addressing both the committed and non-committed versions and their implications on security and bandwidth.
Updated on: 2023-08-02T01:20:23.514810+00:00