[Bitcoin-development] Draft BIP for geutxos message

Gregory Maxwell gmaxwell at gmail.com
Wed Jul 16 14:57:06 UTC 2014

On Wed, Jul 16, 2014 at 7:25 AM, Jeff Garzik <jgarzik at bitpay.com> wrote:
> On the specific issue I raised, the BIP only says "Querying multiple
> nodes and combining their answers can be a partial solution to this"
> which is not very helpful advice.  That's a partial answer to my
> question #2 with zero response for question #3.
> This sort of thing really needs a warning label like "use only if you
> don't have a trusted solution" and discussion of that choice is
> completely absent (question #1).

In IETF documents there is a required security considerations section,
see http://tools.ietf.org/html/bcp72

In many of our documents the whole thing is a security consideration
but for ones like these we should probably always document the
weaknesses as set out from the rest of the document.  See how BIP32
enumerates the one-private-key-breaks the chain.

On this point the getutxos document is doing well.  Perhaps breaking
some things out of the auth section into a security /
security-limitations section.  In particular, can this document
specifically call out that a local network attacker can MITM all the

(If Mike would prefer, I can send a diff with proposed changes)

More information about the bitcoin-dev mailing list