[bitcoin-dev] Unique node identifiers
pieter.wuille at gmail.com
Thu Mar 9 01:55:32 UTC 2017
On Wed, Mar 8, 2017 at 5:16 PM, Eric Voskuil <eric at voskuil.org> wrote:
> On 03/08/2017 03:12 PM, Pieter Wuille wrote:
>> In that way, I see BIP150 as an extension of IP addresses, except more
>> secure against network-level attackers. If you believe the concept of
>> people establishing links along existing trust lines is a problem, you
>> should be arguing against features in Bitcoin software that allows
>> configuring preferred IP addresses to connect to as well (-addnode and
>> -connect in Bitcoin Core, for example).
> Weak identity is insufficient to produce the problem scenario that is at
> the heart of my concern (excluding people). It is this "[same] except
> more secure" distinction that is the problem. You brush past that as if
> it did not exist.
So you're saying that a -onlyacceptconnectionsfrom=IP option wouldn't
be a concern to you because it can't exclude people? Of course it can
exclude people - just not your ISP or a state-level attacker.
Please, Eric. I think I understand your concern, but this argument
isn't constructive either.
The proposal here is to introduce visible node identities on the
network. I think that's misguided as node count is irrelevant and
trivial to fake anyway. But you bringing up BIP150 here isn't useful
either. I know that you equate the concept of having verifiable
identity keys in the P2P with a step towards making every node
identifiable, but they are not the same. It's just a cryptographic
tool to keep a certain class of attackers from bypassing restrictions
that people can already make.
More information about the bitcoin-dev