Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 25AD98EB for ; Thu, 5 Nov 2015 23:33:32 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-pa0-f54.google.com (mail-pa0-f54.google.com [209.85.220.54]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 965FFF4 for ; Thu, 5 Nov 2015 23:33:31 +0000 (UTC) Received: by padhx2 with SMTP id hx2so93325741pad.1 for ; Thu, 05 Nov 2015 15:33:31 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=voskuil_org.20150623.gappssmtp.com; s=20150623; h=message-id:date:from:user-agent:mime-version:to:subject:references :in-reply-to:content-type; bh=Upnqz9XN1j/LFZtp370199EtEf8jRnjOaTFD4BOL5vo=; b=mTJnOf/v7wDLYZm3bk7NJB/iY0asKIN2dleYD4nXHoM++I1vgndFYT3raqvN/dy9L+ O3ImqSXe3g5ZbpcZ5U4BhCAWq9BddPmvVjmDq8eijuHvEOhEJ22leAbwwWO5CAWM33uV ksXoXHXYBXRbhMoNC09c9pzssLrrwIrjkNxwv/E8kJHcb0gFhrRes4cZeqNl6qNYRupN St504mg6+YH7TlKnjiDG6NWlSZTJnsoy7HGGwMYbDvKjSpovxh+vFlgNKOftj8yi159e bvKnWRCYSxmzXyiGPFAWERuCxjceRtbE6LzMHIhJAPD9zGWDz7t/VZFArhIiersqtJoR R6aA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to :subject:references:in-reply-to:content-type; bh=Upnqz9XN1j/LFZtp370199EtEf8jRnjOaTFD4BOL5vo=; b=U8wz/bNOuAxAFXff7o5FHGWSrUvVIwkK92HgbQx8CXZyh2u9xv41Pw1c9h4Yqkd9AJ xdIFnnvpSLm9IGIXGYb6aaotSiAMCmdaW2hHOonEl1K3WAx7l3VoE2Kkr769vGOlJzuz Tzw4s5ZJWJruPWdO8S9CXrce5oyWAF3q13qTww42jIUFDtJyOC9q4Bvqcm75u4qvS36R 9Vr3H5DOhSRPyaSMzMk2YGp1K2cycZNIdNcz9ms+YlRzdXCwCWtbCy3MCXIUQESmJC3r EF3uJVEN2FzOzOhLmnrruRb3rKS0ry/Kgsyh/NNvl3FTjl89XXk5ptQnD+dEu8yWDY66 Gc7g== X-Gm-Message-State: ALoCoQkw6vDk8gDGlA1rqfJLynT0/Ir6lW17ZyVwzlvJVTD+1wHBqW6/N7x9iOK0Bn/zuDpaM2LC X-Received: by 10.67.3.167 with SMTP id bx7mr12670852pad.57.1446766411293; Thu, 05 Nov 2015 15:33:31 -0800 (PST) Received: from ?IPv6:2601:600:9001:8060:bd6e:9536:44ac:95ad? ([2601:600:9001:8060:bd6e:9536:44ac:95ad]) by smtp.googlemail.com with ESMTPSA id bz2sm9908329pad.32.2015.11.05.15.33.29 (version=TLSv1/SSLv3 cipher=OTHER); Thu, 05 Nov 2015 15:33:30 -0800 (PST) Message-ID: <563BE746.5030406@voskuil.org> Date: Thu, 05 Nov 2015 15:33:26 -0800 From: Eric Voskuil User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:31.0) Gecko/20100101 Thunderbird/31.2.0 MIME-Version: 1.0 To: Adam Back , Bitcoin Dev References: In-Reply-To: Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c" X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Thu, 05 Nov 2015 23:41:43 +0000 Subject: Re: [bitcoin-dev] summarising security assumptions (re cost metrics) X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 05 Nov 2015 23:33:32 -0000 This is an OpenPGP/MIME signed message (RFC 4880 and 3156) --oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: quoted-printable On 11/05/2015 03:03 PM, Adam Back via bitcoin-dev wrote: > ... > Validators: Economically dependent full nodes are an important part of > Bitcoin's security model because they assure Bitcoin security by > enforcing consensus rules. While full nodes do not have orphan > risk, we also dont want maliciously crafted blocks with pathological > validation cost to erode security by knocking reasonable spec full > nodes off the network on CPU (or bandwidth grounds). > ... > Validators vs Miner decentralisation balance: >=20 > There is a tradeoff where we can tolerate weak miner decentralisation > if we can rely on good validator decentralisation or vice versa. But > both being weak is risky. Currently given mining centralisation > itself is weak, that makes validator decentralisation a critical > remaining defence - ie security depends more on validator > decentralisation than it would if mining decentralisation was in a > better shape. This side of the security model seems underappreciated, if not poorly understood. Weakening is not just occurring because of the proliferation of non-validating wallet software and centralized (web) wallets, but also centralized Bitcoin APIs. Over time developers tend to settle on a couple of API providers for a given problem. Bing and Google for search and mapping, for example. All applications and users of them, depending on an API service, reduce to a single validator. Imagine most Bitcoin applications built on the equivalent of Bing and Google. e --oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c Content-Type: application/pgp-signature; name="signature.asc" Content-Description: OpenPGP digital signature Content-Disposition: attachment; filename="signature.asc" -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQEcBAEBAgAGBQJWO+dGAAoJEDzYwH8LXOFODyoIAI1GO19Rbuh2E+lvcRqjTDRu ZoNvBtfMgEvdhLdH8OFxPz//S19kTxhmZbs6VyKiAzAIN0+XDac0J85QWVQ/scHv 9ZvVug60t2Bdra0Miz8H82m2WxbW6r7yFStnUuDvDwI45/sI+inuBzTEc38xI1ev TL4AK+fwWNcdABbSP7oLzIFBjmKXp99WO9ieMGXqC+DJdjE9zMR9114Yk85dddc5 AqylAPS3AQMe6DG1Bnh6gWHVFB54qbNNu68XHUCUeET/Hxqou25lWVsxwSsdV/jy KDLhKq1evqZz0VJrfUwuo2IFk5cuReBGCKL9Ito23ia/rCt5L6KTIEZiootvfI8= =nhxV -----END PGP SIGNATURE----- --oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c--