[bitcoin-dev] Unique node identifiers
pieter.wuille at gmail.com
Wed Mar 8 23:12:01 UTC 2017
On Wed, Mar 8, 2017 at 1:20 PM, Jonas Schnelli via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
>> Am 08.03.2017 um 22:09 schrieb Eric Voskuil <eric at voskuil.org>:
>> On 03/08/2017 11:47 AM, Jonas Schnelli wrote:
>>>>> Nodes are by design not supposed to be identifiable in any way
>>>> This is of course my objection to BIP150 ("a way for peers to ...
>>>> guarantee node ownership“).
I believe this discussion is getting sidetracked.
There is a difference between identification/fingerprinting (who are
you?) and proving identity (prove that you are who I think you are?).
BIP150 only facilitates the second, not the first. I don't think you
disagree about that, but I want to make it clear for anyone else
following the discussion.
The question is whether it encourages people to establish known and
pre-shared identities for nodes. Perhaps, but not in any way that
IP/onion addresses don't already. Think about it:
* If you know an IP/onion address, you can verify whether some node
has it. If you know an IP/onion address + BIP150 PSK, you can verify
whether some node has it.
* If you know 2 IP/onion addresses, you cannot figure out whether they
correspond to the same node (and if you can, that is a bug, not by
design). If you know 2 (IP/onion addresses, BIP150 PSK) pairs, you
cannot figure out whether they correspond to the same node (and if you
can, that is a bug, not by design).
* If you receive a connection from a node, you cannot know what their
onion address is. If you receive a connection from a node, you cannot
figure out what their PSK is.
In that way, I see BIP150 as an extension of IP addresses, except more
secure against network-level attackers. If you believe the concept of
people establishing links along existing trust lines is a problem, you
should be arguing against features in Bitcoin software that allows
configuring preferred IP addresses to connect to as well (-addnode and
-connect in Bitcoin Core, for example).
More information about the bitcoin-dev