Jeff Garzik [ARCHIVE] on Nostr: 📅 Original date posted:2013-05-06 📝 Original message:On Mon, May 6, 2013 at ...
📅 Original date posted:2013-05-06
📝 Original message:On Mon, May 6, 2013 at 12:12 PM, Peter Todd <pete at petertodd.org> wrote:
> I've noticed on my Android phone how it often takes quite awhile to find
> a peer that will actually accept an incoming connection, which isn't
> surprising really: why should a regular node care about responding to
> SPV nodes quickly?
>
> For fast startup you would be better served with dedicated nodes that
> are backed by fast hardware and high bandwidth internet connections.
> You can discourage non-SPV use by refusing to relay full blocks.
>
> You can have trusted individuals vouch for these special servers with
> SSL certificates so you run less of a risk of connecting to a malicious
> one trying to limit what information you see. For the initial
> implementation, maybe just make a quick SSL accessible service with HTTP
> GET so you don't have to integrate SSL into the network protocol and
> have a couple of these HTTP GETable servers running. (IE, the trust is
> actually that the SPV seed is honest)
>
> Security will be no worse than before - if any one server/seed is honest
> you're ok - and hopefully better due to the accountability. Obviously
Indeed, the DNS seeds are just servers run by trusted individuals anyway.
In either case, bitcoinj definitely wants fixing for its over-reliance
on DNS seeds. This has been noted as a problem for a while.
--
Jeff Garzik
exMULTI, Inc.
jgarzik at exmulti.com
Published at
2023-06-07 15:01:16Event JSON
{
"id": "025d57555ef7fc7788566506fc9f316cb031d7dd8655aa42f25177e9c9e6ad9e",
"pubkey": "b25e10e25d470d9b215521b50da0dfe7a209bec7fedeb53860c3e180ffdc8c11",
"created_at": 1686150076,
"kind": 1,
"tags": [
[
"e",
"8f17d7252b4579422dc7433ef0a4296b9c4b424214e310c8a705de524992f8e1",
"",
"root"
],
[
"e",
"953a78953318427e75ee61638cf6a2ffe8ffea747feea72fe4be2dd531cb911a",
"",
"reply"
],
[
"p",
"daa2fc676a25e3b5b45644540bcbd1e1168b111427cd0e3cf19c56194fb231aa"
]
],
"content": "📅 Original date posted:2013-05-06\n📝 Original message:On Mon, May 6, 2013 at 12:12 PM, Peter Todd \u003cpete at petertodd.org\u003e wrote:\n\u003e I've noticed on my Android phone how it often takes quite awhile to find\n\u003e a peer that will actually accept an incoming connection, which isn't\n\u003e surprising really: why should a regular node care about responding to\n\u003e SPV nodes quickly?\n\u003e\n\u003e For fast startup you would be better served with dedicated nodes that\n\u003e are backed by fast hardware and high bandwidth internet connections.\n\u003e You can discourage non-SPV use by refusing to relay full blocks.\n\u003e\n\u003e You can have trusted individuals vouch for these special servers with\n\u003e SSL certificates so you run less of a risk of connecting to a malicious\n\u003e one trying to limit what information you see. For the initial\n\u003e implementation, maybe just make a quick SSL accessible service with HTTP\n\u003e GET so you don't have to integrate SSL into the network protocol and\n\u003e have a couple of these HTTP GETable servers running. (IE, the trust is\n\u003e actually that the SPV seed is honest)\n\u003e\n\u003e Security will be no worse than before - if any one server/seed is honest\n\u003e you're ok - and hopefully better due to the accountability. Obviously\n\nIndeed, the DNS seeds are just servers run by trusted individuals anyway.\n\nIn either case, bitcoinj definitely wants fixing for its over-reliance\non DNS seeds. This has been noted as a problem for a while.\n\n-- \nJeff Garzik\nexMULTI, Inc.\njgarzik at exmulti.com",
"sig": "82f573d9cc833f1bb5b9d5b401e087df204f23129ec541cb164e40a36332d8041751076993b4632fae2ea6305fdcdf4b4f84a47eff765de6934ec4b7b91af618"
}