[Bitcoin-development] Deanonymisation of clients in Bitcoin P2P network paper

[Mike Hearn]

>
> [As an aside I agree that there are lots of things to improve here,
> but the fact that users can in theory be forced off of tor via DOS
> attacks is not immediately concerning to me because its a conscious
> choice users would make to abandon their privacy


Bitcoin already has a large population of users who have little or no
technical skill, it wouldn't surprise me at all if it was found to be the
clear majority by now. Assuming success and growth in future, very few
users will make any decisions at all about their privacy, they will just
accept the defaults. In such a world no consumer wallet is going to
directly expose Tor to end users - if used at all it'll just be used behind
the scenes. So automated fallback or control over exits would be a concern
for such wallets.

My gut feeling about this stuff has changed over time. I don't think it'd
be a great idea to tie Bitcoin to Tor too deeply, convenient though its
infrastructure is. Most apps don't need a whole lot of onion routing - a
small amount built in to the p2p layer would be sufficient. Tor is huge,
complicated and could be a liability in future.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20141127/506b3fb5/attachment.html>