Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <pete@petertodd.org>) id 1V1ZBh-0002Xo-Df
	for bitcoin-development@lists.sourceforge.net;
	Tue, 23 Jul 2013 09:47:21 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of petertodd.org
	designates 62.13.148.113 as permitted sender)
	client-ip=62.13.148.113; envelope-from=pete@petertodd.org;
	helo=outmail148113.authsmtp.com; 
Received: from outmail148113.authsmtp.com ([62.13.148.113])
	by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1V1ZBd-0006hj-SE for bitcoin-development@lists.sourceforge.net;
	Tue, 23 Jul 2013 09:47:21 +0000
Received: from mail-c226.authsmtp.com (mail-c226.authsmtp.com [62.13.128.226])
	by punt10.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id
	r6N9lAxJ050761; Tue, 23 Jul 2013 10:47:10 +0100 (BST)
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
	(authenticated bits=128)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r6N9l4Xc029751
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
	Tue, 23 Jul 2013 10:47:06 +0100 (BST)
Date: Tue, 23 Jul 2013 05:47:03 -0400
From: Peter Todd <pete@petertodd.org>
To: Andy Parkins <andyparkins@gmail.com>,
	Andreas Schildbach <andreas@schildbach.de>
Message-ID: <20130723094703.GA25900@savin>
References: <CAJHLa0Ou1xF=LeLVu_wH1-XgJ1PavDV7_NHoDevo3R9+4z-ZfQ@mail.gmail.com>
	<201307231030.14139.andyparkins@gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="HcAYCG3uE/tztfnV"
Content-Disposition: inline
In-Reply-To: <201307231030.14139.andyparkins@gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: d68b90ea-f37c-11e2-98a9-0025907ec6c5
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
	aQdMdAEUEkAYAgsB AmUbWlReVFp7WWQ7 bAxPbAVDY01GQQRq
	WVdMSlVNFUsqB2II Whp2ARlwfgJDeTBx Z05qXj4PWkwofEYo
	E1MCFmpVeGZhPWIC WUgJfh5UcAFPdx9C PwN5B3ZDAzANdhES
	HhM4ODE3eDlSNilR RRkIIFQOdA4rIgIE DyovJglnNHUkDys0
	NVQsK0IXG0cXPi0A 
X-Authentic-SMTP: 61633532353630.1020:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1V1ZBd-0006hj-SE
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] HTTP REST API for bitcoind
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 23 Jul 2013 09:47:21 -0000


--HcAYCG3uE/tztfnV
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Tue, Jul 23, 2013 at 10:30:13AM +0100, Andy Parkins wrote:
> One additional URL makes this pretty much perfect:
>=20
>   GET /rest/block-with-tx/TX-HASH
>=20
> Construction of the transaction-hash-to-block database is something the f=
ull=20
> client's have to do anyway, so this query is no harder than the others fo=
r=20
> them to supply; but suddenly makes it possible for an SPV client to trace=
 the=20
> providence of any transaction without needing to maintain the entire chai=
n.

On Tue, Jul 23, 2013 at 10:27:19AM +0200, Andreas Schildbach wrote:
> On 07/22/2013 09:42 PM, Jeff Garzik wrote:
>=20
> > The general goal of the HTTP REST interface is to access
> > unauthenticated, public blockchain information.  There is no plan to
> > add wallet interfacing/manipulation via this API.
>=20
> Is it planned to expose the UXTO set of a given address? That would be
> useful for SPV wallets to be able to swipe a previously unknown private
> key (e.g. paper wallet).

The REST API has nothing to do with SPV clients; it's similar to the RPC
interface and won't be exposed to the network as a whole.

Increasing the resource usage by SPV clients on full nodes is undesirable; =
we
have a lot of work to do regarding DoS attacks. John Dillon's comments here=
 on
using micro-transactions to compensate full-nodes for maintaining expensive
blockchain indexes are worth reading:
https://github.com/bitcoin/bitcoin/pull/2802#issuecomment-20232958

In any case UTXO data currently requires you to have full trust in
whomever is providing you with it, and that situation will continue
until UTXO commitments are implemented - if they are implemented.

--=20
'peter'[:-1]@petertodd.org
000000000000007bea8b46717ec4acb05830bcb6222497366dd72b02ddc80569

--HcAYCG3uE/tztfnV
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)

iQEcBAEBCAAGBQJR7lEXAAoJECSBQD2l8JH74I0IAKv4W7HT1NhMI2x/QQTUnZyM
gauA76c2a9fGXpaQ4j41fKIGDBylK4DfOLHSm4AQXr1H94u3ZXslbP2ylrmP8/6j
T9xYtrOCE7Av+PDbc5SVb17GoEtTIRbGsazlbt/qhXlJZy1CAGmdRAEMvKq3pRcW
GtapZGA1+RCuEmxzZIluhSI/TWabiRYJtO6N8KO1GzrMw0TelAIiXd3rp4b+o3GR
lxw1yroSjHz34OjPeAvMZSYrXzjiSmHjK1ntamIAU547sAjYxxKEMeCU625xUhGF
VdcgImdy9aezUqu0eeWWo5hhZFFgKTbjij3YKeCbEBvLQABu+nfs86HHux6/v8c=
=RPd/
-----END PGP SIGNATURE-----

--HcAYCG3uE/tztfnV--