Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id E4E93A3F for ; Mon, 24 Aug 2015 15:21:48 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ig0-f173.google.com (mail-ig0-f173.google.com [209.85.213.173]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id C889F178 for ; Mon, 24 Aug 2015 15:21:47 +0000 (UTC) Received: by igbjg10 with SMTP id jg10so63812917igb.0 for ; Mon, 24 Aug 2015 08:21:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=vinumeris.com; s=google; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; bh=Es3/gxxB0yczcM4q86DwMfppf78OZ9QZL2VP6psxUzs=; b=PLImgnUaDuEcoiGwqoXmW15zsVdG/0cwoVyn1gezm/xuTO8V90ObGZ25gmDh32P2eN eM28mV72xYpoqXy43Liwj5cuKbUdttYs6qIDjFemuOVNDy6c5DeP/HY546kUNWQX5S9b lideDWsgvLw8o1MLmM1hJicB0vU0zCQMKAohQ= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:date :message-id:subject:from:to:cc:content-type; bh=Es3/gxxB0yczcM4q86DwMfppf78OZ9QZL2VP6psxUzs=; b=Londfic//3Cxm6ubnyWAZ36X0Q2U72i0Ymjt8nXZWyRiAbq08TNskwWDW4fWgRgEBs YRITWgWcl71D5YEdPIPHVBEdTYTIFfl5zauOl8nFNU1ZCPy1W4dpQnHtJLNGi5I3eLRZ gsCO3Pfc3vomweDJQ24j1DHo3o1zbKltRXgvBVz1vMkX6HczQMjyA7IvppfIv3ebzedI HhLCuApAcIF/mln16N1Ldzy1OB/r4WZqN6BUu0/DO8Js9fAu+G/S4GUZp3kn0zPCGwoo rgAaXl9lLTJTcfvrXdF2loI/fpAqSVZ7ledlDCjgj9opHlQ77bEUzR2oP4oW+WTfvQx1 mbtA== X-Gm-Message-State: ALoCoQkWaVN8CDm797JAL2+7l2CnPsJr6HQMxZxw/phOQVSHP7E3ELVAutCGQqe4hrzbsVahN9Xo MIME-Version: 1.0 X-Received: by 10.50.12.34 with SMTP id v2mr9181937igb.69.1440429707152; Mon, 24 Aug 2015 08:21:47 -0700 (PDT) Received: by 10.50.208.7 with HTTP; Mon, 24 Aug 2015 08:21:47 -0700 (PDT) In-Reply-To: <55D7AF85.2020707@thinlink.com> References: <55D6AD19.10305@mattcorallo.com> <20150821055534.GA27259@muck> <20150821060716.GA31674@muck> <55D7AF85.2020707@thinlink.com> Date: Mon, 24 Aug 2015 17:21:47 +0200 Message-ID: From: Mike Hearn To: Tom Harding Content-Type: multipart/alternative; boundary=089e0122efea04f6b0051e102d2a X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,HTML_MESSAGE,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] Revisiting NODE_BLOOM: Proposed BIP X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 24 Aug 2015 15:21:49 -0000 --089e0122efea04f6b0051e102d2a Content-Type: text/plain; charset=UTF-8 NACK: stated rationales are invalid: both privacy and DoS (see below for experimental data). 1 - Bloom filtering doesn't add privacy for node operators, it adds privacy for lightweight wallets. And in fact, with a high FP rate it does do that. Most users want both low bandwidth usage *and* query scrambling, which is harder to do but not impossible. There is a clear roadmap for how to implement that with smarter clients: no protocol changes are needed. So the first stated rationale is spurious: disabling Bloom filtering doesn't improve privacy for anyone. It can only hurt. 2 - SPV usage is rising, not falling. Peter's data is flawed because he ignored the fact that SPV clients tend to connect, sync, then disconnect. They don't remain connected all the time. So merely examining a random snapshot of what's connected at a single point in time will give wildly varying and almost random results. A more scientifically valid approach is to check the number of actual connections over a long span of time. Here's the data from my node: mike@plan99:~/.bitcoin$ grep -Po 'receive version message: ([^:]*):' debug.log |sort |uniq -c|sort -n|tac|head -n 10 11027 receive version message: /getaddr.bitnodes.io: 6264 receive version message: /bitcoinseeder: 4944 receive version message: /bitcoinj: 2531 receive version message: /Snoopy: 2362 receive version message: /breadwallet: 1127 receive version message: /Satoshi: 204 receive version message: /Bitcoin XT: 128 receive version message: /BitCoinJ: 97 receive version message: /Bither1.3.8/: 82 receive version message: /Bitaps: Once crawlers are removed, SPV wallets (bitcoinj, breadwallet) make up the bulk of all P2P clients. This is very far from 1% and falling, as Todd wrongly suggests. 3 - It is said that there is a DoS attack possible. This claim does not seem to have been researched. I decided to test it out for real, so I implemented a DoS attack similar to the one we've seen against XT nodes: it sends getdata for large (1mb) filtered blocks over and over again as fast as possible. As was reported and makes sense, CPU usage goes to 100%. However I couldn't see any other effects. RPCs still react immediately, the Qt GUI is fully responsive, I was even able to sync another SPV client to that node and it proceeded at full speed. It's actually pretty nice to see how well it held up. Most importantly transactions and blocks continued to be relayed without delay. I saw my VPS node receive a block only eight seconds after my local node, which is well within normal propagation delays. There's another very important point here: I profiled my local node whilst it was under this attack. It turns out that Bloom filtering is extremely fast. 90% of the CPU time is spent on loading and deserializing the data from disk. Only 10% of the CPU time was spent actually filtering. Thus you can easily trigger exactly the same DoS attack by just using regular getdata requests on large blocks over and over. You don't need Bloom filtering. If you don't want to actually download the blocks just don't TCP ACK the packets and then FIN after a few seconds .... the data will all have been loaded and be sitting in the send buffers. So even if I refine the attack and find a way to actually deny service to someone, the fix would have to apply to regular non-filtered block fetches too, which cannot be disabled. In summary: this BIP doesn't solve anything, but does create a big upgrade headache. --089e0122efea04f6b0051e102d2a Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable
NACK: stated rationales are inv= alid: both privacy and DoS (see below for experimental data).


1 - Bloom filtering doesn't add privacy for node oper= ators, it adds privacy for lightweight wallets. And in fact, with a high FP= rate it does do that. Most users want both low bandwidth usage and=C2=A0query scrambling, which is harder to do but not impossible. The= re is a clear roadmap for how to implement that with smarter clients: no pr= otocol changes are needed.=C2=A0

=
So the first stated rationale is spurious: disab= ling Bloom filtering doesn't improve privacy for anyone. It can only hu= rt.


2 -= SPV usage is rising, not falling.

Peter's data is flawed because he ignored = the fact that SPV clients tend to connect, sync, then disconnect. They don&= #39;t remain connected all the time. So merely examining a random snapshot = of what's connected at a single point in time will give wildly varying = and almost random results.

A more scientifically valid approach is to check the n= umber of actual connections over a long span of time. Here's the data f= rom my node:

mike@plan99:~/.bitcoin$ grep -Po 'rec= eive version message: ([^:]*):' debug.log |sort |uniq -c|sort -n|tac|he= ad -n 10
=C2=A0 11027 receive version messa= ge: /getaddr.bitno= des.io:
=C2=A0 =C2=A06264 receive versi= on message: /bitcoinseeder:
=C2=A0 =C2=A049= 44 receive version message: /bitcoinj:
=C2= =A0 =C2=A02531 receive version message: /Snoopy:
=C2=A0 =C2=A02362 receive version message: /breadwallet:
=C2=A0 =C2=A01127 receive version message: /Satoshi:
=C2=A0 =C2=A0 204 receive version message: /B= itcoin XT:
=C2=A0 =C2=A0 128 receive versio= n message: /BitCoinJ:
=C2=A0 =C2=A0 =C2=A09= 7 receive version message: /Bither1.3.8/:
= =C2=A0 =C2=A0 =C2=A082 receive version message: /Bitaps:

Once crawlers are removed, SPV wallets (bitcoinj, breadwallet) make = up the bulk of all P2P clients. This is very far from 1% and falling, as To= dd wrongly suggests.



3 - It is said that there is a DoS attack possible. This claim does not se= em to have been researched.

I decided to test it o= ut for real, so I implemented a DoS attack similar to the one we've see= n against XT nodes: it sends getdata for large (1mb) filtered blocks over a= nd over again as fast as possible.

As was reported= and makes sense, CPU usage goes to 100%. However I couldn't see any ot= her effects. RPCs still react immediately, the Qt GUI is fully responsive, = I was even able to sync another SPV client to that node and it proceeded at= full speed. It's actually pretty nice to see how well it held up.

Most importantly transactions and blocks continued to = be relayed without delay. I saw my VPS node receive a block only eight seco= nds after my local node, which is well within normal propagation delays.

There's another very important point here: I pro= filed my local node whilst it was under this attack. It turns out that Bloo= m filtering is extremely fast. 90% of the CPU time is spent on loading and = deserializing the data from disk. Only 10% of the CPU time was spent actual= ly filtering.

Thus you can easily trigger exactly = the same DoS attack by just using regular getdata requests on large blocks = over and over. You don't need Bloom filtering. If you don't want to= actually download the blocks just don't TCP ACK the packets and then F= IN after a few seconds .... the data will all have been loaded and be sitti= ng in the send buffers.

So even if I refine the at= tack and find a way to actually deny service to someone, the fix would have= to apply to regular non-filtered block fetches too, which cannot be disabl= ed.


In summary: this BIP doesn'= t solve anything, but does create a big upgrade headache.
--089e0122efea04f6b0051e102d2a--