1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <decker.christian@gmail.com>) id 1RdOlR-0000UF-Tc
for bitcoin-development@lists.sourceforge.net;
Wed, 21 Dec 2011 16:11:33 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.212.175 as permitted sender)
client-ip=209.85.212.175;
envelope-from=decker.christian@gmail.com;
helo=mail-wi0-f175.google.com;
Received: from mail-wi0-f175.google.com ([209.85.212.175])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1RdOlQ-0001fU-D9
for bitcoin-development@lists.sourceforge.net;
Wed, 21 Dec 2011 16:11:33 +0000
Received: by wibhq7 with SMTP id hq7so2986239wib.34
for <bitcoin-development@lists.sourceforge.net>;
Wed, 21 Dec 2011 08:11:26 -0800 (PST)
Received: by 10.180.83.69 with SMTP id o5mr15664407wiy.1.1324483886187; Wed,
21 Dec 2011 08:11:26 -0800 (PST)
MIME-Version: 1.0
Received: by 10.227.159.201 with HTTP; Wed, 21 Dec 2011 08:10:45 -0800 (PST)
In-Reply-To: <028C9CB5-A7C9-4042-BC00-269046E2DD19@ceptacle.com>
References: <CABr1YTebhitO4g-SarZ7H=aoG9a8zW1wd0rfR32o8i0vODbLJw@mail.gmail.com>
<82659F61-0449-47BB-88DC-497E0D02F8A1@ceptacle.com>
<CALxbBHUXEJLRDZ=RS1vuvkm7rDjFUPir0sU__f6TJXiTTQxWzA@mail.gmail.com>
<4EEE58CA.5090902@justmoon.de>
<67FAA76C-1734-471D-A3D8-31E5216DD512@ceptacle.com>
<CABr1YTdUQeAuw2vwZS=VvDU1dTrN+eqjHRXMsZp2axcxbTsO8A@mail.gmail.com>
<028C9CB5-A7C9-4042-BC00-269046E2DD19@ceptacle.com>
From: Christian Decker <decker.christian@gmail.com>
Date: Wed, 21 Dec 2011 17:10:45 +0100
Message-ID: <CALxbBHW4v2FohtaFi0MRey5RoBQodEK5kPsGCAv5xVmmDOOjZQ@mail.gmail.com>
To: =?ISO-8859-1?Q?Michael_Gr=F8nager?= <gronager@ceptacle.com>
Content-Type: multipart/alternative; boundary=f46d044288908c062c04b49c6fbc
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(decker.christian[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1RdOlQ-0001fU-D9
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Protocol extensions
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 21 Dec 2011 16:11:34 -0000
--f46d044288908c062c04b49c6fbc
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
For the future evolution without considering DHTs:
While I think we will sooner or later have supernodes, I don't think they
will need to be trusted too much.
Supernodes will be those nodes that verify all transactions and make them
available to miners. Since miners will become more and more specialized
these supernodes are likely to be owned by the miners themself. To be a
miner either you need to verify all the transactions you include (otherwise
others might be able to find an error in your block and thus drop it) or
have someone that verifies them for you. In the end I think we'll end up
with a hierarchical network, with the miners/supernodes tighly
interconnected at the top and the lightweight clients that simply verify
transactions (or their inputs to be precise) that are destined for them at
the bottom.
As for the DHT we had a few brainstorming sessions a while back on the
forum http://bit.ly/sc2RLZ (gmaxwell didn't like it then either :D)
Forcing someone to participate in a fixed position in the block storage
network is a good way to reduce the risk of a sybil attack as Michael said.
The hash should include only information that cannot be changed by the
user, so IP can be used, but including the port is risky.
Broadcasting the transactions would not need to be done, since miners fetch
them from their storage place, alternatively we could use the inv broadcast
to notify peers about a new block/transaction and let it retrieve them from
the permanent storage (DHT or block storage network). If we route traffic
internally in the DHT we could even start caching at nodes leading to the
real location, since announcements would lead to flashcrowds, putting heavy
load on the responsible nodes. Caching is not a risk since the hash of the
object to be retrieved is already known.
Regards,
Chris
On Wed, Dec 21, 2011 at 1:41 PM, Michael Gr=F8nager <gronager@ceptacle.com>=
wrote:
> I find it likely that we will at some point have supernodes. If we have
> browser based wallets then the server for these automatically becomes
> supernodes. Further, if we move along that direction, it becomes much
> simpler to use both the scheme I proposed or to use a a lot of other
> schemes for sharing the validation work on a farm constituting the
> supernode.
>
> However, if we want to keep bitcoin in a real p2p setup and enable
> scalability in terms of ensuring both thin and fat client to connect then
> we need to go along the path I propose.
>
> Actually, after thinking a bit more about the possible new attack vector =
I
> don't find it that alarming - if you still require 7 confirmations of any
> bigger transaction before you, as receiver accepts the transaction as pay=
ed
> you will not risk anything. The question is then if it is sufficiently ea=
sy
> to fake small transaction to e.g. gain access to micropayment based web
> services. I would again say no - the requirement that you have ok from e.=
g.
> 8 different A.B nodes will make it extremely difficult to cheat, and that
> would even require you to gain some level of control over the network tha=
t
> the service you want to cheat is connected through.
>
> This means that you should not divide the hash space more finely than you
> would at all times be able to find 8 different A.B nodes. As the number o=
f
> clients grows you can then divide the hash space further. (with 100000
> nodes today and a division into 512 parts you would have approx 200 nodes
> to choose from).
>
> Cheers,
>
> M
>
>
>
> On 21/12/2011, at 12:42, Eric Lombrozo wrote:
>
> > Is it just me or does it seem inevitable that at some point supernodes
> > will emerge that other nodes trust to validate transactions for them?
> > Supernodes needn't even store the entire block chain and transaction
> > pool...it would be sufficient that they keep lists of IP addresses of
> > other trustworthy nodes and partition them into a hashspace.
> >
> > Anonymous peers have no reputation to defend...but a trusted supernode
> > would, which could provide just enough incentive for the supernode to
> > do its best to ensure the nodes it vouches for are indeed legit. Of
> > course, unless the supernode is validating the entire block chain and
> > transaction pool itself, it could only assess the trustworthiness of
> > other nodes by performing random sampling.
> >
> > Michael, I really like your ideas and the clarity you bring to the
> > issue. Regarding the potential attack vector you mention, would it be
> > possible to partition the hashspace to minimize the risk that an
> > attacker can manage to disproportionately gain control over a part of
> > the hashspace?
> >
> >
> -------------------------------------------------------------------------=
-----
> > Write once. Port to many.
> > Get the SDK and tools to simplify cross-platform app development. Creat=
e
> > new or port existing apps to sell to consumers worldwide. Explore the
> > Intel AppUpSM program developer opportunity. appdeveloper.intel.com/joi=
n
> > http://p.sf.net/sfu/intel-appdev
> > _______________________________________________
> > Bitcoin-development mailing list
> > Bitcoin-development@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
>
>
>
>
>
> -------------------------------------------------------------------------=
-----
> Write once. Port to many.
> Get the SDK and tools to simplify cross-platform app development. Create
> new or port existing apps to sell to consumers worldwide. Explore the
> Intel AppUpSM program developer opportunity. appdeveloper.intel.com/join
> http://p.sf.net/sfu/intel-appdev
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>
--f46d044288908c062c04b49c6fbc
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
For the future evolution without considering DHTs:<br>While I think we will=
sooner or later have supernodes, I don't think they will need to be tr=
usted too much.<br>Supernodes will be those nodes that verify all transacti=
ons and make them available to miners. Since miners will become more and mo=
re specialized these supernodes are likely to be owned by the miners themse=
lf. To be a miner either you need to verify all the transactions you includ=
e (otherwise others might be able to find an error in your block and thus d=
rop it) or have someone that verifies them for you. In the end I think we&#=
39;ll end up with a hierarchical network, with the miners/supernodes tighly=
interconnected at the top and the lightweight clients that simply verify t=
ransactions (or their inputs to be precise) that are destined for them at t=
he bottom.<br>
<br>As for the DHT we had a few brainstorming sessions a while back on the =
forum <a href=3D"http://bit.ly/sc2RLZ">http://bit.ly/sc2RLZ</a> (gmaxwell d=
idn't like it then either :D)<br>Forcing someone to participate in a fi=
xed position in the block storage network is a good way to reduce the risk =
of a sybil attack as Michael said. The hash should include only information=
that cannot be changed by the user, so IP can be used, but including the p=
ort is risky.<br>
<br>Broadcasting the transactions would not need to be done, since miners f=
etch them from their storage place, alternatively we could use the inv broa=
dcast to notify peers about a new block/transaction and let it retrieve the=
m from the permanent storage (DHT or block storage network). If we route tr=
affic internally in the DHT we could even start caching at nodes leading to=
the real location, since announcements would lead to flashcrowds, putting =
heavy load on the responsible nodes. Caching is not a risk since the hash o=
f the object to be retrieved is already known.<br>
<br>Regards,<br>Chris<br><br><div class=3D"gmail_quote">On Wed, Dec 21, 201=
1 at 1:41 PM, Michael Gr=F8nager <span dir=3D"ltr"><<a href=3D"mailto:gr=
onager@ceptacle.com">gronager@ceptacle.com</a>></span> wrote:<br><blockq=
uote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc =
solid;padding-left:1ex">
I find it likely that we will at some point have supernodes. If we have bro=
wser based wallets then the server for these automatically becomes supernod=
es. Further, if we move along that direction, it becomes much simpler to us=
e both the scheme I proposed or to use a a lot of other schemes for sharing=
the validation work on a farm constituting the supernode.<br>
<br>
However, if we want to keep bitcoin in a real p2p setup and enable scalabil=
ity in terms of ensuring both thin and fat client to connect then we need t=
o go along the path I propose.<br>
<br>
Actually, after thinking a bit more about the possible new attack vector I =
don't find it that alarming - if you still require 7 confirmations of a=
ny bigger transaction before you, as receiver accepts the transaction as pa=
yed you will not risk anything. The question is then if it is sufficiently =
easy to fake small transaction to e.g. gain access to micropayment based we=
b services. I would again say no - the requirement that you have ok from e.=
g. 8 different A.B nodes will make it extremely difficult to cheat, and tha=
t would even require you to gain some level of control over the network tha=
t the service you want to cheat is connected through.<br>
<br>
This means that you should not divide the hash space more finely than you w=
ould at all times be able to find 8 different A.B nodes. As the number of c=
lients grows you can then divide the hash space further. (with 100000 nodes=
today and a division into 512 parts you would have approx 200 nodes to cho=
ose from).<br>
<br>
Cheers,<br>
<br>
M<br>
<div class=3D"HOEnZb"><div class=3D"h5"><br>
<br>
<br>
On 21/12/2011, at 12:42, Eric Lombrozo wrote:<br>
<br>
> Is it just me or does it seem inevitable that at some point supernodes=
<br>
> will emerge that other nodes trust to validate transactions for them?<=
br>
> Supernodes needn't even store the entire block chain and transacti=
on<br>
> pool...it would be sufficient that they keep lists of IP addresses of<=
br>
> other trustworthy nodes and partition them into a hashspace.<br>
><br>
> Anonymous peers have no reputation to defend...but a trusted supernode=
<br>
> would, which could provide just enough incentive for the supernode to<=
br>
> do its best to ensure the nodes it vouches for are indeed legit. Of<br=
>
> course, unless the supernode is validating the entire block chain and<=
br>
> transaction pool itself, it could only assess the trustworthiness of<b=
r>
> other nodes by performing random sampling.<br>
><br>
> Michael, I really like your ideas and the clarity you bring to the<br>
> issue. Regarding the potential attack vector you mention, would it be<=
br>
> possible to partition the hashspace to minimize the risk that an<br>
> attacker can manage to disproportionately gain control over a part of<=
br>
> the hashspace?<br>
><br>
> ----------------------------------------------------------------------=
--------<br>
> Write once. Port to many.<br>
> Get the SDK and tools to simplify cross-platform app development. Crea=
te<br>
> new or port existing apps to sell to consumers worldwide. Explore the<=
br>
> Intel AppUpSM program developer opportunity. <a href=3D"http://appdeve=
loper.intel.com/join" target=3D"_blank">appdeveloper.intel.com/join</a><br>
> <a href=3D"http://p.sf.net/sfu/intel-appdev" target=3D"_blank">http://=
p.sf.net/sfu/intel-appdev</a><br>
> _______________________________________________<br>
> Bitcoin-development mailing list<br>
> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-d=
evelopment@lists.sourceforge.net</a><br>
> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-develo=
pment" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitco=
in-development</a><br>
<br>
<br>
<br>
<br>
<br>
---------------------------------------------------------------------------=
---<br>
Write once. Port to many.<br>
Get the SDK and tools to simplify cross-platform app development. Create<br=
>
new or port existing apps to sell to consumers worldwide. Explore the<br>
Intel AppUpSM program developer opportunity. <a href=3D"http://appdeveloper=
.intel.com/join" target=3D"_blank">appdeveloper.intel.com/join</a><br>
<a href=3D"http://p.sf.net/sfu/intel-appdev" target=3D"_blank">http://p.sf.=
net/sfu/intel-appdev</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo=
pment@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</div></div></blockquote></div><br>
--f46d044288908c062c04b49c6fbc--
|