[bitcoin-dev] A compromise between BIP101 and Pieter's proposal

Adam Back adam at cypherspace.org
Fri Jul 31 13:17:58 UTC 2015

That's all well and fine.  But the pattern of your argument I would
say is "arguing security down" ie saying something is not secure
anyway, nothing is secure, everything could be hacked, so lets forget
that and give up, so that what is left is basically no
decentralisation security.

It is not paranoid to take decentralisation security seriously, it is
necessary because it is critical to Bitcoin.  Security in depth
meaning take what security you can get from available defences.


On 31 July 2015 at 15:07,  <jl2012 at xbt.hk> wrote:
> Yes, data-center operators are bound to follow laws, including NSLs and gag
> orders. How about your ISP? Is it bound to follow laws, including NSLs and
> gag orders?
> https://edri.org/irish_isp_introduces_blocking/
> Do you think everyone should run a full node behind TOR? No way, your
> repressive government could just block TOR:
> http://www.technologyreview.com/view/427413/how-china-blocks-the-tor-anonymity-network/
> Or they could raid your home and seize your Raspberry Pi if they couldn't
> read your encrypted internet traffic. You will have a hard time proving you
> are not using TOR for child porn or cocaine.
> https://en.wikipedia.org/wiki/Encryption_ban_proposal_in_the_United_Kingdom
> If you are living in a country like this, running Bitcoin in an offshore VPS
> could be much easier. Anyway, Bitcoin shouldn't be your first thing to worry
> about. Revolution is probably your only choice.
> Data-centers would get hacked. How about your Raspberry Pi?
> Corrupt data-center employee is probably the only valid concern. However,
> there is nothing (except cost) to stop you from establishing multiple full
> nodes all over the world. If your Raspberry Pi at home could no longer fully
> validate the chain, it could become a header-only node to make sure your VPS
> full nodes are following the correct chaintip. You may even buy hourly
> charged cloud hosting in different countries to run header-only nodes at
> negligible cost.
> There is no single point of failure in a decentralized network. Having
> multiple nodes will also save you from Sybil attack and geopolitical risks.
> Again, if all data-centres and governments in the world are turning against
> Bitcoin, it is delusional to think we could fight against them without using
> any real weapon.
> By the way, I'm quite confident that my current full node at home are
> capable of running at 8MB blocks.
> Quoting Adam Back <adam at cypherspace.org>:
>> I think trust the data-center logic obviously fails, and I was talking
>> about this scenario in the post you are replying to.  You are trusting the
>> data-center operator period.  If one could trust data-centers to run
>> verified code, to not get hacked, filter traffic, respond to court orders
>> without notifying you etc that would be great but that's unfortunately not
>> what happens.
>> Data-center operators are bound to follow laws, including NSLs and gag
>> orders.  They also get hacked, employ humans who can be corrupt,
>> blackmailed, and themselves centralisation points for policy attack.
>> Snowden related disclosures and keeping aware of security show this is
>> very
>> real.
>> This isn't much about bitcoin even, its just security reality for hosting
>> anything intended to be secure via decentralisation, or just hosting in
>> general while at risk of political or policy attack.
>> Adam

More information about the bitcoin-dev mailing list