Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.220.54 as permitted sender)
	client-ip=209.85.220.54; envelope-from=gappleto97@gmail.com;
	helo=mail-pa0-f54.google.com; 
MIME-Version: 1.0
In-Reply-To: <CAJHLa0PDbxuqRHuGNhsyvLpAaDq=ZHSg_u-Sb7FqNVnYrhFkFg@mail.gmail.com>
References: <CANJO25J1WRHtfQLVXUB2s_sjj39pTPWmixAcXNJ3t-5os8RPmQ@mail.gmail.com>
	<CANJO25JTtfmfsOQYOzJeksJn3CoKE3W8iLGsRko-_xd4XhB3ZA@mail.gmail.com>
	<CAJHLa0O5OxaX5g3u=dnCY6Lz_gK3QZgQEPNcWNVRD4JziwAmvg@mail.gmail.com>
	<20150512171640.GA32606@savin.petertodd.org>
	<CAE-z3OV3VdSoiTSfASwYHr1CjZSqio303sqGq_1Y9yaYgov2sw@mail.gmail.com>
	<CAAS2fgRzGkcJbWbJmFN2-NSJGUcLdPKp0q7FjM0x7WDvHoRq=g@mail.gmail.com>
	<CANJO25+qURmDzsMgnm7+tsw7icFO--gWhmKmQPuNQCoh_R2big@mail.gmail.com>
	<CAJHLa0PDbxuqRHuGNhsyvLpAaDq=ZHSg_u-Sb7FqNVnYrhFkFg@mail.gmail.com>
Date: Tue, 12 May 2015 15:43:45 -0400
Message-ID: <CANJO25JqoidjKEmi1wv-ACBm6eB-B=g3r5kurLK5O0Gx5orJmA@mail.gmail.com>
From: gabe appleton <gappleto97@gmail.com>
To: Jeff Garzik <jgarzik@bitpay.com>
Content-Type: multipart/alternative; boundary=047d7b2e0979650a320515e7b64f
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposed additional options for pruned
	nodes
Precedence: list

--047d7b2e0979650a320515e7b64f
Content-Type: text/plain; charset=UTF-8

Yet this holds true in our current assumptions of the network as well: that
it will become a collection of pruned nodes with a few storage nodes.

A hybrid option makes this better, because it spreads the risk, rather than
concentrating it in full nodes.
On May 12, 2015 3:38 PM, "Jeff Garzik" <jgarzik@bitpay.com> wrote:

> One general problem is that security is weakened when an attacker can DoS
> a small part of the chain by DoS'ing a small number of nodes - yet the
> impact is a network-wide DoS because nobody can complete a sync.
>
>
> On Tue, May 12, 2015 at 12:24 PM, gabe appleton <gappleto97@gmail.com>
> wrote:
>
>> 0, 1, 3, 4, 5, 6 can be solved by looking at chunks chronologically. Ie,
>> give the signed (by sender) hash of the first and last block in your range.
>> This is less data dense than the idea above, but it might work better.
>>
>> That said, this is likely a less secure way to do it. To improve upon
>> that, a node could request a block of random height within that range and
>> verify it, but that violates point 2. And the scheme in itself definitely
>> violates point 7.
>> On May 12, 2015 3:07 PM, "Gregory Maxwell" <gmaxwell@gmail.com> wrote:
>>
>>> It's a little frustrating to see this just repeated without even
>>> paying attention to the desirable characteristics from the prior
>>> discussions.
>>>
>>> Summarizing from memory:
>>>
>>> (0) Block coverage should have locality; historical blocks are
>>> (almost) always needed in contiguous ranges.   Having random peers
>>> with totally random blocks would be horrific for performance; as you'd
>>> have to hunt down a working peer and make a connection for each block
>>> with high probability.
>>>
>>> (1) Block storage on nodes with a fraction of the history should not
>>> depend on believing random peers; because listening to peers can
>>> easily create attacks (e.g. someone could break the network; by
>>> convincing nodes to become unbalanced) and not useful-- it's not like
>>> the blockchain is substantially different for anyone; if you're to the
>>> point of needing to know coverage to fill then something is wrong.
>>> Gaps would be handled by archive nodes, so there is no reason to
>>> increase vulnerability by doing anything but behaving uniformly.
>>>
>>> (2) The decision to contact a node should need O(1) communications,
>>> not just because of the delay of chasing around just to find who has
>>> someone; but because that chasing process usually makes the process
>>> _highly_ sybil vulnerable.
>>>
>>> (3) The expression of what blocks a node has should be compact (e.g.
>>> not a dense list of blocks) so it can be rumored efficiently.
>>>
>>> (4) Figuring out what block (ranges) a peer has given should be
>>> computationally efficient.
>>>
>>> (5) The communication about what blocks a node has should be compact.
>>>
>>> (6) The coverage created by the network should be uniform, and should
>>> remain uniform as the blockchain grows; ideally it you shouldn't need
>>> to update your state to know what blocks a peer will store in the
>>> future, assuming that it doesn't change the amount of data its
>>> planning to use. (What Tier Nolan proposes sounds like it fails this
>>> point)
>>>
>>> (7) Growth of the blockchain shouldn't cause much (or any) need to
>>> refetch old blocks.
>>>
>>> I've previously proposed schemes which come close but fail one of the
>>> above.
>>>
>>> (e.g. a scheme based on reservoir sampling that gives uniform
>>> selection of contiguous ranges, communicating only 64 bits of data to
>>> know what blocks a node claims to have, remaining totally uniform as
>>> the chain grows, without any need to refetch -- but needs O(height)
>>> work to figure out what blocks a peer has from the data it
>>> communicated.;   or another scheme based on consistent hashes that has
>>> log(height) computation; but sometimes may result in a node needing to
>>> go refetch an old block range it previously didn't store-- creating
>>> re-balancing traffic.)
>>>
>>> So far something that meets all those criteria (and/or whatever ones
>>> I'm not remembering) has not been discovered; but I don't really think
>>> much time has been spent on it. I think its very likely possible.
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> One dashboard for servers and applications across Physical-Virtual-Cloud
>>> Widest out-of-the-box monitoring support with 50+ applications
>>> Performance metrics, stats and reports that give you Actionable Insights
>>> Deep dive visibility with transaction tracing using APM Insight.
>>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>>> _______________________________________________
>>> Bitcoin-development mailing list
>>> Bitcoin-development@lists.sourceforge.net
>>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>>
>>
>>
>> ------------------------------------------------------------------------------
>> One dashboard for servers and applications across Physical-Virtual-Cloud
>> Widest out-of-the-box monitoring support with 50+ applications
>> Performance metrics, stats and reports that give you Actionable Insights
>> Deep dive visibility with transaction tracing using APM Insight.
>> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
>> _______________________________________________
>> Bitcoin-development mailing list
>> Bitcoin-development@lists.sourceforge.net
>> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
>>
>>
>
>
> --
> Jeff Garzik
> Bitcoin core developer and open source evangelist
> BitPay, Inc.      https://bitpay.com/
>

--047d7b2e0979650a320515e7b64f
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<p dir=3D"ltr">Yet this holds true in our current assumptions of the networ=
k as well: that it will become a collection of pruned nodes with a few stor=
age nodes. </p>
<p dir=3D"ltr">A hybrid option makes this better, because it spreads the ri=
sk, rather than concentrating it in full nodes. </p>
<div class=3D"gmail_quote">On May 12, 2015 3:38 PM, &quot;Jeff Garzik&quot;=
 &lt;<a href=3D"mailto:jgarzik@bitpay.com">jgarzik@bitpay.com</a>&gt; wrote=
:<br type=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"margin=
:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr">O=
ne general problem is that security is weakened when an attacker can DoS a =
small part of the chain by DoS&#39;ing a small number of nodes - yet the im=
pact is a network-wide DoS because nobody can complete a sync.<div><br></di=
v></div><div class=3D"gmail_extra"><br><div class=3D"gmail_quote">On Tue, M=
ay 12, 2015 at 12:24 PM, gabe appleton <span dir=3D"ltr">&lt;<a href=3D"mai=
lto:gappleto97@gmail.com" target=3D"_blank">gappleto97@gmail.com</a>&gt;</s=
pan> wrote:<br><blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex=
;border-left:1px #ccc solid;padding-left:1ex"><p dir=3D"ltr">0, 1, 3, 4, 5,=
 6 can be solved by looking at chunks chronologically. Ie, give the signed =
(by sender) hash of the first and last block in your range. This is less da=
ta dense than the idea above, but it might work better. </p>
<p dir=3D"ltr">That said, this is likely a less secure way to do it. To imp=
rove upon that, a node could request a block of random height within that r=
ange and verify it, but that violates point 2. And the scheme in itself def=
initely violates point 7.</p><div><div>
<div class=3D"gmail_quote">On May 12, 2015 3:07 PM, &quot;Gregory Maxwell&q=
uot; &lt;<a href=3D"mailto:gmaxwell@gmail.com" target=3D"_blank">gmaxwell@g=
mail.com</a>&gt; wrote:<br type=3D"attribution"><blockquote class=3D"gmail_=
quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1=
ex">It&#39;s a little frustrating to see this just repeated without even<br=
>
paying attention to the desirable characteristics from the prior<br>
discussions.<br>
<br>
Summarizing from memory:<br>
<br>
(0) Block coverage should have locality; historical blocks are<br>
(almost) always needed in contiguous ranges.=C2=A0 =C2=A0Having random peer=
s<br>
with totally random blocks would be horrific for performance; as you&#39;d<=
br>
have to hunt down a working peer and make a connection for each block<br>
with high probability.<br>
<br>
(1) Block storage on nodes with a fraction of the history should not<br>
depend on believing random peers; because listening to peers can<br>
easily create attacks (e.g. someone could break the network; by<br>
convincing nodes to become unbalanced) and not useful-- it&#39;s not like<b=
r>
the blockchain is substantially different for anyone; if you&#39;re to the<=
br>
point of needing to know coverage to fill then something is wrong.<br>
Gaps would be handled by archive nodes, so there is no reason to<br>
increase vulnerability by doing anything but behaving uniformly.<br>
<br>
(2) The decision to contact a node should need O(1) communications,<br>
not just because of the delay of chasing around just to find who has<br>
someone; but because that chasing process usually makes the process<br>
_highly_ sybil vulnerable.<br>
<br>
(3) The expression of what blocks a node has should be compact (e.g.<br>
not a dense list of blocks) so it can be rumored efficiently.<br>
<br>
(4) Figuring out what block (ranges) a peer has given should be<br>
computationally efficient.<br>
<br>
(5) The communication about what blocks a node has should be compact.<br>
<br>
(6) The coverage created by the network should be uniform, and should<br>
remain uniform as the blockchain grows; ideally it you shouldn&#39;t need<b=
r>
to update your state to know what blocks a peer will store in the<br>
future, assuming that it doesn&#39;t change the amount of data its<br>
planning to use. (What Tier Nolan proposes sounds like it fails this<br>
point)<br>
<br>
(7) Growth of the blockchain shouldn&#39;t cause much (or any) need to<br>
refetch old blocks.<br>
<br>
I&#39;ve previously proposed schemes which come close but fail one of the a=
bove.<br>
<br>
(e.g. a scheme based on reservoir sampling that gives uniform<br>
selection of contiguous ranges, communicating only 64 bits of data to<br>
know what blocks a node claims to have, remaining totally uniform as<br>
the chain grows, without any need to refetch -- but needs O(height)<br>
work to figure out what blocks a peer has from the data it<br>
communicated.;=C2=A0 =C2=A0or another scheme based on consistent hashes tha=
t has<br>
log(height) computation; but sometimes may result in a node needing to<br>
go refetch an old block range it previously didn&#39;t store-- creating<br>
re-balancing traffic.)<br>
<br>
So far something that meets all those criteria (and/or whatever ones<br>
I&#39;m not remembering) has not been discovered; but I don&#39;t really th=
ink<br>
much time has been spent on it. I think its very likely possible.<br>
<br>
---------------------------------------------------------------------------=
---<br>
One dashboard for servers and applications across Physical-Virtual-Cloud<br=
>
Widest out-of-the-box monitoring support with 50+ applications<br>
Performance metrics, stats and reports that give you Actionable Insights<br=
>
Deep dive visibility with transaction tracing using APM Insight.<br>
<a href=3D"http://ad.doubleclick.net/ddm/clk/290420510;117567292;y" target=
=3D"_blank">http://ad.doubleclick.net/ddm/clk/290420510;117567292;y</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
</blockquote></div>
</div></div><br>-----------------------------------------------------------=
-------------------<br>
One dashboard for servers and applications across Physical-Virtual-Cloud<br=
>
Widest out-of-the-box monitoring support with 50+ applications<br>
Performance metrics, stats and reports that give you Actionable Insights<br=
>
Deep dive visibility with transaction tracing using APM Insight.<br>
<a href=3D"http://ad.doubleclick.net/ddm/clk/290420510;117567292;y" target=
=3D"_blank">http://ad.doubleclick.net/ddm/clk/290420510;117567292;y</a><br>=
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href=3D"mailto:Bitcoin-development@lists.sourceforge.net" target=3D"_bla=
nk">Bitcoin-development@lists.sourceforge.net</a><br>
<a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development=
" target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de=
velopment</a><br>
<br></blockquote></div><br><br clear=3D"all"><div><br></div>-- <br><div>Jef=
f Garzik<br>Bitcoin core developer and open source evangelist<br>BitPay, In=
c. =C2=A0 =C2=A0 =C2=A0<a href=3D"https://bitpay.com/" target=3D"_blank">ht=
tps://bitpay.com/</a></div>
</div>
</blockquote></div>

--047d7b2e0979650a320515e7b64f--