📅 Original date posted:2018-06-01
📝 Original message:On Sat, Jun 2, 2018 at 12:01 AM, Olaoluwa Osuntokun <laolu32 at gmail.com> wrote:
>> A typical network attacker (e.g. someone on your lan or wifi segmet, or
>> someone who has compromised or operates an upstream router) can be all of
>> your peers.
>
> This is true, but it cannot make us accept any invalid filters unless the
> attacker is also creating invalid blocks w/ valid PoW.
I wish that were the true, but absent commitments that wouldn't be the
case unless you were always downloading all the blocks-- since you
wouldn't have any sign that there was something wrong with the
filter-- and downloading all the blocks would moot using the filters
in the first place. :)
Or have I misunderstood you massively here?
For segwit originally I had proposed adding additional commitments
that would make it possible to efficiently prove invalidity of a
block; but that got stripped because many people were of the view that
the "assume you have at least one honest peer who saw that block and
rejected it to tell you that the block was invalid" security
assumption was of dubious value. Maybe it's more justifiable to make
use of a dubious assumption for a P2P feature than for a consensus
feature? Perhaps, I'd rather have both filter types from day one so
that things not implementing the comparison techniques don't get the
efficiency loss or the extra work to change filter types for a
consensus one.
[I think now that we're much closer to a design that would be worth
making a consensus committed version of than we were a few months ago
now, since we are effectively already on a second generation of the
design with the various improvements lately]
Gregory Maxwell [ARCHIVE] /
npub1f2…crwet
2023-06-07 18:12:38
in reply to nevent1q…pr8j
Author Public Key
npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwetSeen on
wss://relay.noswhere.comPublished at
2023-06-07 18:12:38Event JSON
{
"id": "74628039f0dd99761fc3a2868a0f99d6f1b93ea57dddc05a2fd555db4a0b23e9",
"pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73",
"created_at": 1686161558,
"kind": 1,
"tags": [
[
"e",
"51a146fc69b159388af76f4dbc680a6d56f40357ab923d85aeb4f302294e74e6",
"",
"root"
],
[
"e",
"2ed0365fb786d74f2cda062b1ab14d3ad1434625a971804c9c31fae3b40e1bee",
"",
"reply"
],
[
"p",
"2df3fc2660459521b852c995d4fc1a93938389a5e085677d0ebb33ef92cc5476"
]
],
"content": "📅 Original date posted:2018-06-01\n📝 Original message:On Sat, Jun 2, 2018 at 12:01 AM, Olaoluwa Osuntokun \u003claolu32 at gmail.com\u003e wrote:\n\u003e\u003e A typical network attacker (e.g. someone on your lan or wifi segmet, or\n\u003e\u003e someone who has compromised or operates an upstream router) can be all of\n\u003e\u003e your peers.\n\u003e\n\u003e This is true, but it cannot make us accept any invalid filters unless the\n\u003e attacker is also creating invalid blocks w/ valid PoW.\n\nI wish that were the true, but absent commitments that wouldn't be the\ncase unless you were always downloading all the blocks-- since you\nwouldn't have any sign that there was something wrong with the\nfilter-- and downloading all the blocks would moot using the filters\nin the first place. :)\n\nOr have I misunderstood you massively here?\n\nFor segwit originally I had proposed adding additional commitments\nthat would make it possible to efficiently prove invalidity of a\nblock; but that got stripped because many people were of the view that\nthe \"assume you have at least one honest peer who saw that block and\nrejected it to tell you that the block was invalid\" security\nassumption was of dubious value. Maybe it's more justifiable to make\nuse of a dubious assumption for a P2P feature than for a consensus\nfeature? Perhaps, I'd rather have both filter types from day one so\nthat things not implementing the comparison techniques don't get the\nefficiency loss or the extra work to change filter types for a\nconsensus one.\n\n[I think now that we're much closer to a design that would be worth\nmaking a consensus committed version of than we were a few months ago\nnow, since we are effectively already on a second generation of the\ndesign with the various improvements lately]",
"sig": "a2b3273ab2e80dfd959200ab63cba39caf78e3f0c069b0f65ae53f3a06b501a7ede01ca9fccea46f41d8b07fc2ac7956d7b69a417c6d09e51d2dcbb745f0841c"
}