Difference between revisions of "Talk:Thin Client Security"

From Bitcoin Wiki
Jump to: navigation, search
(response to Luke-Jr)
Line 26: Line 26:
  
 
* Good point, I have partitioned "full-chain" into two separate subtypes (those which do and those which don't retain blocks after validating)
 
* Good point, I have partitioned "full-chain" into two separate subtypes (those which do and those which don't retain blocks after validating)
* SPV clients do not verify block height.  I can always take the existing 345308-block bitcoin blockchain, append a single block that re-spends coins I sent two years ago, and use that 345309-block chain to fool an SPV client.  This attack costs as much as one block reward.  I cannot fool the Satoshi client this way even with the hashpower of the entire network at my disposal.
+
* SPV clients do not verify block height.  I can take the existing 345308-block bitcoin blockchain, append a single block that re-spends coins I sent two years ago, and use that 345309-block chain to fool an SPV client.  This attack costs as much as one block reward.  I cannot fool the Satoshi client this way even with the hashpower of the entire network at my disposal.
 
* True.  I think you may have hastily misread "transaction validity" as "block validity".
 
* True.  I think you may have hastily misread "transaction validity" as "block validity".
 
* True.  I think you may have hastily misread "transaction validity" as "block validity".
 
* True.  I think you may have hastily misread "transaction validity" as "block validity".

Revision as of 23:19, 26 February 2015

Lapp0, please stop deleting my content, which has been on this wiki page for over three years now. If you think it's suddenly no longer true, discuss here first. In particular, you wrote:

  Transactions don't become more valid with more block preceding it's proof.

Chains become more trustworthy as they become (difficultywise-)longer. This is the most basic principle of blockchain consensus.

I have to keep putting that "(difficultywise-)" in there so pedantic people don't pounce on me... a 100,000-block chain all at difficulty=1 is "difficultywise-shorter" than a 100-block chain at current difficulty levels (or a one-block chain for that matter). It's not the number of blocks, but their total difficulty.

You also wrote:

 The vagueness of what Full-chain is should be elaborated on probably explaining it uses SPV proofs

No, full-chain clients such as the Satoshi client do not use SPV in any way, shape, or form. A full-chain client is a client that implements the main algorithm outlined in Satoshi's whitepaper.

Eldentyrell (talk) 03:05, 26 February 2015 (UTC)

This page looks very confused/wrong in many respects. I'm not sure how it can be fixed easily, since it is unclear what exactly it intends to say.

  • Generally "thin clients" do not include pruned full nodes, which have processed every block, but afterward discarded (and no longer store) them.
  • Even thin clients generally verify block heights as well as depth.
  • Thin clients never (neither for height nor depth) check blocks are valid ("well-formed"?). This is the fundamental difference between full nodes vs thin clients.
  • Transaction validity is independent of its inclusion in any blockchain.

--Luke-jr (talk) 07:58, 26 February 2015 (UTC)


Luke, thanks for your thoughts. Regarding your points,

  • Good point, I have partitioned "full-chain" into two separate subtypes (those which do and those which don't retain blocks after validating)
  • SPV clients do not verify block height. I can take the existing 345308-block bitcoin blockchain, append a single block that re-spends coins I sent two years ago, and use that 345309-block chain to fool an SPV client. This attack costs as much as one block reward. I cannot fool the Satoshi client this way even with the hashpower of the entire network at my disposal.
  • True. I think you may have hastily misread "transaction validity" as "block validity".
  • True. I think you may have hastily misread "transaction validity" as "block validity".

Thanks again!

Eldentyrell (talk) 23:14, 26 February 2015 (UTC)

Full-chain is not well defined and isn't common terminology. If you are saying the Satoshi client is full-chain, then you probably mean full node. "full network node" or "full node" is common terminology and is used in the original Bitcoin whitepaper.

Your definition of transaction validity isn't common and is even incompatible with the Bitcoin whitepaper.

You added "A full-chain client trusts the difficultywise-longest block chain it can find." which is only true for SPV clients, so you can see why I would be confused as to what this poorly defined "full-chain" client does.

I don't think the bitcoin wiki is an appropriate place to redefine terminology.

Finally, I am not deleting your content, I am deleting the wikis content because it is wrong. Please stop blindly reverting my edits, you removing spelling corrections indicates that you don't care about the accuracy of the wiki as much as maximizing the amount of text written by you on the wiki. --Lapp0 (talk)