📅 Original date posted:2019-07-21
📝 Original message:An estimated 10+ million wallets depend on that NODE_BLOOM to be
updated. So far, I haven't heard of an alternative, except reading all
transactions and full blocks.
It goes without saying pulling the rug under that many wallets is a
disastrous idea for the adoption of Bitcoin.
> well-known DoS vectors
I asked many people, even some "core developers" at meetings, but nobody
ever was able to explain the DoS vector. I think this is just a myth.
Yes, you can set an overly blurry filter and thus cause useless traffic,
but it never exceeds just drinking from the full firehose (which this
change doesn't prohibit). So where is the point? An attacker will just
switch filtering off, or in fact has never used it.
> It is not anticipated that
> this will result in a significant lack of availability of
> NODE_BLOOM-enabled nodes in the coming years
Why don't you anticipate that? People almost never change defaults,
especially if it's not for their own immediate benefit. At the same
time, release notes in general recommend updating to the latest version.
I *do* anticipate this will reduce the number of nodes usable by a large
enough amount so that the feature will become unstable.
> clients
> which rely on the availability of NODE_BLOOM-supporting nodes on the
> P2P network should consider the process of migrating
> to a more modern (and less trustful and privacy-violating) alternative
> over the coming years.
There is no such alternative.
I strongly recommend postponing this change until an alternative exists
and then give developers enough time to implement, test and roll out.
I also think as long as we don't have an alternative, we should improve
the current filtering for segwit. E.g. testing the scripts themselves
and each scriptPubKey spent by any input against the filter would do,
and it also fixes the main privacy issue with server-side filtering
(wallets have to add two items per address to the filter).
Andreas Schildbach [ARCHIVE] /
npub1xg…adsv7
2023-06-07 18:19:34
in reply to nevent1q…pr9x
Author Public Key
npub1xg2m84malu0cfm4444r0kysx4rgk27e75aj6sz6538kw8fcz627qeadsv7Published at
2023-06-07 18:19:34Event JSON
{
"id": "97ee371ead7baa37a52c920565efdc70428695bca601423f720a36fd057a9368",
"pubkey": "3215b3d77dff1f84eeb5ad46fb1206a8d1657b3ea765a80b5489ece3a702d2bc",
"created_at": 1686161974,
"kind": 1,
"tags": [
[
"e",
"9984a06ec701a8f6ac2773e4a62741a4d9d15af90b1fce9ee03180b7fd819eec",
"",
"root"
],
[
"e",
"96f450b919bae8403e10de17fb4df7f97875bb2a44ba7a5d85e96fcbac18dcc4",
"",
"reply"
],
[
"p",
"cd753aa8fbc112e14ffe9fe09d3630f0eff76ca68e376e004b8e77b687adddba"
]
],
"content": "📅 Original date posted:2019-07-21\n📝 Original message:An estimated 10+ million wallets depend on that NODE_BLOOM to be\nupdated. So far, I haven't heard of an alternative, except reading all\ntransactions and full blocks.\n\nIt goes without saying pulling the rug under that many wallets is a\ndisastrous idea for the adoption of Bitcoin.\n\n\u003e well-known DoS vectors\n\nI asked many people, even some \"core developers\" at meetings, but nobody\never was able to explain the DoS vector. I think this is just a myth.\n\nYes, you can set an overly blurry filter and thus cause useless traffic,\nbut it never exceeds just drinking from the full firehose (which this\nchange doesn't prohibit). So where is the point? An attacker will just\nswitch filtering off, or in fact has never used it.\n\n\u003e It is not anticipated that\n\u003e this will result in a significant lack of availability of\n\u003e NODE_BLOOM-enabled nodes in the coming years\n\nWhy don't you anticipate that? People almost never change defaults,\nespecially if it's not for their own immediate benefit. At the same\ntime, release notes in general recommend updating to the latest version.\nI *do* anticipate this will reduce the number of nodes usable by a large\nenough amount so that the feature will become unstable.\n\n\u003e clients\n\u003e which rely on the availability of NODE_BLOOM-supporting nodes on the\n\u003e P2P network should consider the process of migrating\n\u003e to a more modern (and less trustful and privacy-violating) alternative\n\u003e over the coming years.\n\nThere is no such alternative.\n\nI strongly recommend postponing this change until an alternative exists\nand then give developers enough time to implement, test and roll out.\n\nI also think as long as we don't have an alternative, we should improve\nthe current filtering for segwit. E.g. testing the scripts themselves\nand each scriptPubKey spent by any input against the filter would do,\nand it also fixes the main privacy issue with server-side filtering\n(wallets have to add two items per address to the filter).",
"sig": "79c76b927692c4953b9dcdb52e85f1f4a0e117cb6f835c4c1376339c0ea2ac49281caffa3093bdea57d3b2419446ed574b345b157b9f1e19a070bc3154394d8b"
}