[bitcoin-dev] Committed bloom filters for improved wallet performance and SPV security

Eric Voskuil eric at voskuil.org
Fri Jan 6 21:50:47 UTC 2017


It is a useful aspect of discussion at this level as it helps higher lever developers understand the actual tradeoffs. Clearly some do not. The market will eventually sort them out, but the discussion both gives developers the necessary information.

It also helps core development prioritize resources. I personally would not prioritize core work to facilitate zero conf. I would even spend time to discourage it, as others have done.

I think the cautions in this thread about doing privacy and system security damaging things (like checking mining pools for zero conf transactions) will prevent some wasted time, which benefits everyone.

e

> On Jan 6, 2017, at 1:35 PM, James MacWhyte via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
> 
> It's my opinion that the purpose of this list and bitcoin protocol development in general is to build the base functionality that other companies and individuals require to provide usability to the end-user. The 0-conf debate is a UX issue. If end users shouldn't rely on 0-conf, it is up to wallet developers to hide 0-conf transactions or mark them appropriately. Instead of using this list to debate what wallet designers should or shouldn't do, we should just provide the tools and "let the market sort it out". If wallet developers start getting inundated with complaints that 0-conf transactions are causing confusion and loss, they will find a solution. If the tools they require for the solution don't exist, they will come to this list to request action.
> 
> Am I wrong?
> 
> On Fri, Jan 6, 2017 at 12:16 PM Chris Priest via bitcoin-dev <bitcoin-dev at lists.linuxfoundation.org> wrote:
>> Its a method for determining the probability that a valid tx will be
>> mined in a block before that tx actually gets mined, which is useful
>> when accepting payments in situations when you can't wait for the full
>> confirmation. No one is saying all tx validation should be performed
>> by querying miners mempools, that's ridiculous. Obviously once the tx
>> gets it's first confirmation, you go back to determining validity the
>> way you always have. There is no "security catastrophe".
>> 
>> Even if you're running a full node, you can't know for certain that
>> any given tx will make it into a future block. You can't be certain
>> the future miner who finally does mine that tx will mine your TXID or
>> another TXID that spends the same inputs to another address (a double
>> spend). The only way to actually know for certain is to query every
>> single large hashpower mempool.
>> 
>> On 1/4/17, Eric Voskuil <eric at voskuil.org> wrote:
>> > On 01/04/2017 11:06 PM, Chris Priest via bitcoin-dev wrote:
>> >> On 1/3/17, Jonas Schnelli via bitcoin-dev
>> >> <bitcoin-dev at lists.linuxfoundation.org> wrote:
>> >>>
>> >>> There are plenty, more sane options. If you can't run your own full-node
>> >>> as a merchant (trivial), maybe co-use a wallet-service with centralized
>> >>> verification (maybe use two of them), I guess Copay would be one of
>> >>> those wallets (as an example). Use them in watch-only mode.
>> >>
>> >> The best way is to connect to the mempool of each miner and check to
>> >> see if they have your txid in their mempool.
>> >>
>> >> https://www.antpool.com/api/is_in_mempool?txid=334847bb...
>> >> https://www.f2pool.com/api/is_in_mempool?txid=334847bb...
>> >> https://bw.com/api/is_in_mempool?txid=334847bb...
>> >> https://bitfury.com/api/is_in_mempool?txid=334847bb...
>> >> https://btcc.com/api/is_in_mempool?txid=334847bb...
>> >>
>> >> If each of these services return "True", and you know those services
>> >> so not engage in RBF, then you can assume with great confidence that
>> >> your transaction will be in the next block, or in a block very soon.
>> >> If any one of those services return "False", then you must assume that
>> >> it is possible that there is a double spend floating around, and that
>> >> you should wait to see if that tx gets confirmed. The problem is that
>> >> not every pool runs such a service to check the contents of their
>> >> mempool...
>> >>
>> >> This is an example of mining centralization increasing the security of
>> >> zero confirm.
>> >
>> > A world connected up to a few web services to determine payment validity
>> > is an example of a bitcoin security catastrophe.
>> >
>> > e
>> >
>> >
>> _______________________________________________
>> bitcoin-dev mailing list
>> bitcoin-dev at lists.linuxfoundation.org
>> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170106/0a3b8a1f/attachment-0001.html>


More information about the bitcoin-dev mailing list