Jonas Schnelli [ARCHIVE] on Nostr: 📅 Original date posted:2017-02-14 📝 Original message:>> - If you use one of the ...
📅 Original date posted:2017-02-14
📝 Original message:>> - If you use one of the todays available SPV clients, you will reveal
>> your complete wallet content („~all your addresses") to every network
>> observer between you and the node you have connected to. This means, if
>> you pay for a coffee (while being on the owners WIFI), the coffee owner
>> and all the involved ISPs can correlate your wallet with your other
>> internet behavior. Same is true for your cellphone provider if you use
>> cellular.
> What about allowing trusted users connecting on a different connection. Much
> like the RPC one.
> Make that one encrypted. Different usecase, different connection.
>
- What protocol would you use? The same p2p protocol but different port
and/or different process? Why?
- If not the p2p protocol, how would you form a standard? Would it be
worth doing a standard?
- Could you fall back to the current SPV model against random untrusted
peers if you additional channel is not available?
- What are the downsides using current p2p network?
- Would this also solve the security problem of creating designated
channels between peers (the "addnode" thing is based on IPs)?
</jonas>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170214/1e198586/attachment-0001.sig>
📝 Original message:>> - If you use one of the todays available SPV clients, you will reveal
>> your complete wallet content („~all your addresses") to every network
>> observer between you and the node you have connected to. This means, if
>> you pay for a coffee (while being on the owners WIFI), the coffee owner
>> and all the involved ISPs can correlate your wallet with your other
>> internet behavior. Same is true for your cellphone provider if you use
>> cellular.
> What about allowing trusted users connecting on a different connection. Much
> like the RPC one.
> Make that one encrypted. Different usecase, different connection.
>
- What protocol would you use? The same p2p protocol but different port
and/or different process? Why?
- If not the p2p protocol, how would you form a standard? Would it be
worth doing a standard?
- Could you fall back to the current SPV model against random untrusted
peers if you additional channel is not available?
- What are the downsides using current p2p network?
- Would this also solve the security problem of creating designated
channels between peers (the "addnode" thing is based on IPs)?
</jonas>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 833 bytes
Desc: OpenPGP digital signature
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20170214/1e198586/attachment-0001.sig>