Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <gappleto97@gmail.com>) id 1YsGzM-0004dW-Ug for bitcoin-development@lists.sourceforge.net; Tue, 12 May 2015 20:41:16 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.213.177 as permitted sender) client-ip=209.85.213.177; envelope-from=gappleto97@gmail.com; helo=mail-ig0-f177.google.com; Received: from mail-ig0-f177.google.com ([209.85.213.177]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YsGzL-0006bx-RP for bitcoin-development@lists.sourceforge.net; Tue, 12 May 2015 20:41:16 +0000 Received: by igbpi8 with SMTP id pi8so120345031igb.1 for <bitcoin-development@lists.sourceforge.net>; Tue, 12 May 2015 13:41:10 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.50.176.137 with SMTP id ci9mr6296916igc.2.1431463270474; Tue, 12 May 2015 13:41:10 -0700 (PDT) Received: by 10.107.165.21 with HTTP; Tue, 12 May 2015 13:41:10 -0700 (PDT) Received: by 10.107.165.21 with HTTP; Tue, 12 May 2015 13:41:10 -0700 (PDT) In-Reply-To: <CAJHLa0O3fgmg4AFAM9+4RRkhSo8ekATs2Ks+Ry7ooQafjQ-4qw@mail.gmail.com> References: <CANJO25J1WRHtfQLVXUB2s_sjj39pTPWmixAcXNJ3t-5os8RPmQ@mail.gmail.com> <CANJO25JTtfmfsOQYOzJeksJn3CoKE3W8iLGsRko-_xd4XhB3ZA@mail.gmail.com> <CAJHLa0O5OxaX5g3u=dnCY6Lz_gK3QZgQEPNcWNVRD4JziwAmvg@mail.gmail.com> <20150512171640.GA32606@savin.petertodd.org> <CAE-z3OV3VdSoiTSfASwYHr1CjZSqio303sqGq_1Y9yaYgov2sw@mail.gmail.com> <CAAS2fgRzGkcJbWbJmFN2-NSJGUcLdPKp0q7FjM0x7WDvHoRq=g@mail.gmail.com> <CANJO25+qURmDzsMgnm7+tsw7icFO--gWhmKmQPuNQCoh_R2big@mail.gmail.com> <CAJHLa0PDbxuqRHuGNhsyvLpAaDq=ZHSg_u-Sb7FqNVnYrhFkFg@mail.gmail.com> <CAAS2fgTCMeNdcmMxURxaoAJn8=XZnTP8Gp6PbRk5w7KXAZ8t3g@mail.gmail.com> <CAJHLa0O3fgmg4AFAM9+4RRkhSo8ekATs2Ks+Ry7ooQafjQ-4qw@mail.gmail.com> Date: Tue, 12 May 2015 16:41:10 -0400 Message-ID: <CANJO25+yXnkQm8ATq694PurDKGBPTkCcJzD4fJaPS4Jy9HmbTg@mail.gmail.com> From: gabe appleton <gappleto97@gmail.com> To: Jeff Garzik <jgarzik@bitpay.com> Content-Type: multipart/alternative; boundary=089e0111e0dabf1a560515e88382 X-Spam-Score: -0.3 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (gappleto97[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in digit (gappleto97[at]gmail.com) 1.0 HTML_MESSAGE BODY: HTML included in message -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's domain 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1YsGzL-0006bx-RP Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Proposed additional options for pruned nodes X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Tue, 12 May 2015 20:41:17 -0000 --089e0111e0dabf1a560515e88382 Content-Type: text/plain; charset=UTF-8 I suppose this begs two questions: 1) why not have a partial archive store the most recent X% of the blockchain by default? 2) why not include some sort of torrent in QT, to mitigate this risk? I don't think this is necessarily a good idea, but I'd like to hear the reasoning. On May 12, 2015 4:11 PM, "Jeff Garzik" <jgarzik@bitpay.com> wrote: > True. Part of the issue rests on the block sync horizon/cliff. There is > a value X which is the average number of blocks the 90th percentile of > nodes need in order to sync. It is sufficient for the [semi-]pruned nodes > to keep X blocks, after which nodes must fall back to archive nodes for > older data. > > There is simply far, far more demand for recent blocks, and the demand for > old blocks very rapidly falls off. > > There was even a more radical suggestion years ago - refuse to sync if too > old (>2 weeks?), and force the user to download ancient data via torrent. > > > > On Tue, May 12, 2015 at 1:02 PM, Gregory Maxwell <gmaxwell@gmail.com> > wrote: > >> On Tue, May 12, 2015 at 7:38 PM, Jeff Garzik <jgarzik@bitpay.com> wrote: >> > One general problem is that security is weakened when an attacker can >> DoS a >> > small part of the chain by DoS'ing a small number of nodes - yet the >> impact >> > is a network-wide DoS because nobody can complete a sync. >> >> It might be more interesting to think of that attack as a bandwidth >> exhaustion DOS attack on the archive nodes... if you can't get a copy >> without them, thats where you'll go. >> >> So the question arises: does the option make some nodes that would >> have been archive not be? Probably some-- but would it do so much that >> it would offset the gain of additional copies of the data when those >> attacks are not going no. I suspect not. >> >> It's also useful to give people incremental ways to participate even >> when they can't swollow the whole pill; or choose to provide the >> resource thats cheap for them to provide. In particular, if there is >> only two kinds of full nodes-- archive and pruned; then the archive >> nodes take both a huge disk and bandwidth cost; where as if there are >> fractional then archives take low(er) bandwidth unless the fractionals >> get DOS attacked. >> > > > > -- > Jeff Garzik > Bitcoin core developer and open source evangelist > BitPay, Inc. https://bitpay.com/ > --089e0111e0dabf1a560515e88382 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <p dir=3D"ltr">I suppose this begs two questions:</p> <p dir=3D"ltr">1) why not have a partial archive store the most recent X% o= f the blockchain by default?</p> <p dir=3D"ltr">2) why not include some sort of torrent in QT, to mitigate t= his risk? I don't think this is necessarily a good idea, but I'd li= ke to hear the reasoning. </p> <div class=3D"gmail_quote">On May 12, 2015 4:11 PM, "Jeff Garzik"= <<a href=3D"mailto:jgarzik@bitpay.com">jgarzik@bitpay.com</a>> wrote= :<br type=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"margin= :0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr">T= rue.=C2=A0 Part of the issue rests on the block sync horizon/cliff.=C2=A0 T= here is a value X which is the average number of blocks the 90th percentile= of nodes need in order to sync.=C2=A0 It is sufficient for the [semi-]prun= ed nodes to keep X blocks, after which nodes must fall back to archive node= s for older data.<div><br></div><div>There is simply far, far more demand f= or recent blocks, and the demand for old blocks very rapidly falls off.<br>= <div><br></div><div>There was even a more radical suggestion years ago - re= fuse to sync if too old (>2 weeks?), and force the user to download anci= ent data via torrent.</div><div><br></div><div><br></div></div></div><div c= lass=3D"gmail_extra"><br><div class=3D"gmail_quote">On Tue, May 12, 2015 at= 1:02 PM, Gregory Maxwell <span dir=3D"ltr"><<a href=3D"mailto:gmaxwell@= gmail.com" target=3D"_blank">gmaxwell@gmail.com</a>></span> wrote:<br><b= lockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px = #ccc solid;padding-left:1ex"><span>On Tue, May 12, 2015 at 7:38 PM, Jeff Ga= rzik <<a href=3D"mailto:jgarzik@bitpay.com" target=3D"_blank">jgarzik@bi= tpay.com</a>> wrote:<br> > One general problem is that security is weakened when an attacker can = DoS a<br> > small part of the chain by DoS'ing a small number of nodes - yet t= he impact<br> > is a network-wide DoS because nobody can complete a sync.<br> <br> </span>It might be more interesting to think of that attack as a bandwidth<= br> exhaustion DOS attack on the archive nodes... if you can't get a copy<b= r> without them, thats where you'll go.<br> <br> So the question arises: does the option make some nodes that would<br> have been archive not be? Probably some-- but would it do so much that<br> it would offset the gain of additional copies of the data when those<br> attacks are not going no. I suspect not.<br> <br> It's also useful to give people incremental ways to participate even<br= > when they can't swollow the whole pill; or choose to provide the<br> resource thats cheap for them to provide.=C2=A0 In particular, if there is<= br> only two kinds of full nodes-- archive and pruned; then the archive<br> nodes take both a huge disk and bandwidth cost; where as if there are<br> fractional then archives take low(er) bandwidth unless the fractionals<br> get DOS attacked.<br> </blockquote></div><br><br clear=3D"all"><div><br></div>-- <br><div>Jeff Ga= rzik<br>Bitcoin core developer and open source evangelist<br>BitPay, Inc. = =C2=A0 =C2=A0 =C2=A0<a href=3D"https://bitpay.com/" target=3D"_blank">https= ://bitpay.com/</a></div> </div> </blockquote></div> --089e0111e0dabf1a560515e88382--