Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id AC391B92 for ; Thu, 9 Mar 2017 01:55:34 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wr0-f171.google.com (mail-wr0-f171.google.com [209.85.128.171]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 067C41CB for ; Thu, 9 Mar 2017 01:55:33 +0000 (UTC) Received: by mail-wr0-f171.google.com with SMTP id l37so35377037wrc.1 for ; Wed, 08 Mar 2017 17:55:33 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=IcYhThzOHBzs4Piqo++J5sscx+mORsvhaYe9y2nR7EQ=; b=EiJd+9v1kM5aJwqufCPBkgJl0sIh0YzDecDcCYskJgJTz6066y01/P6NA/uixQvM59 XVX6aPyYb74KPB61SIHIB+1xUaT5hBoZZ9k6a3g2E+boyX1JUPH2KRnIIn2RxAtqzv1f GHgzGyZpwtf5NQQwQ6jlPhp9NUvKYY0N2PXb9lbgrZ5sizIxME3EL7lH1H7c8jCy3erM 2M3FwJzDxsvDV9F99U1ZfQ8O/zycNavyAyHUOP45dZ+jMjEIxRB62/vdPsVBJbZ5tBPX CCXuJR/f9dyp7Pa07bMLhyTUzrMnpqzF8qJCuNZVZtbdPysyIHryd5yuCGiZoVSWd+xT 8d6Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=IcYhThzOHBzs4Piqo++J5sscx+mORsvhaYe9y2nR7EQ=; b=rJNuSAOzOClE1NGNoxqM8alaOsuyOtObRRoVJIBwRhC3wTs94B8I0P+eIHY9i6VxLT GLLvf4sjXeiRckjBIh+kEayPztgsmX31Jjf6mHHYiDMxo1bu+zSoUdafAyqLOegm+LnT 9wDAErRPZ0B+M80OijvFwNPjXxci7Ur90SE99VMvT2uArDFXwHY4qcivp0P6IaQ9QWcS S0xpkfkwjjG8utwOEZuMQr/nWbEC7OiCn9cOMV/KXNMVU68W/uW/8puwz+FzckDUyFhC HBBiUhcvch6vOvVDtqW8w3UBC4C8s+f6A1wwiZ+upBqUGX109zldMiyVQcdUUqJQdDVe 1QaA== X-Gm-Message-State: AMke39mh2qKT29ZqI25tdDbDhslfbFfOi71Rm2QNZtoeFM6nVRTxz4w8yMFtiTSDEC3HHDThgCwSIA66VDXqTQ== X-Received: by 10.223.130.214 with SMTP id 80mr8338598wrc.43.1489024532626; Wed, 08 Mar 2017 17:55:32 -0800 (PST) MIME-Version: 1.0 Received: by 10.80.135.5 with HTTP; Wed, 8 Mar 2017 17:55:32 -0800 (PST) In-Reply-To: <6a5a6a8f-d689-260a-76a9-a91f6bda56c5@voskuil.org> References: <30362205-D0CC-46D9-B924-EFA0A6EA1AC9@jonasschnelli.ch> <31FB94D1-5B5B-43EF-AFD8-2A7508464F7C@jonasschnelli.ch> <6a5a6a8f-d689-260a-76a9-a91f6bda56c5@voskuil.org> From: Pieter Wuille Date: Wed, 8 Mar 2017 17:55:32 -0800 Message-ID: To: Eric Voskuil Content-Type: text/plain; charset=UTF-8 X-Spam-Status: No, score=-1.5 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_NONE, RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion , Libbitcoin Development Subject: Re: [bitcoin-dev] Unique node identifiers X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 09 Mar 2017 01:55:34 -0000 On Wed, Mar 8, 2017 at 5:16 PM, Eric Voskuil wrote: > On 03/08/2017 03:12 PM, Pieter Wuille wrote: >> In that way, I see BIP150 as an extension of IP addresses, except more >> secure against network-level attackers. If you believe the concept of >> people establishing links along existing trust lines is a problem, you >> should be arguing against features in Bitcoin software that allows >> configuring preferred IP addresses to connect to as well (-addnode and >> -connect in Bitcoin Core, for example). > > Weak identity is insufficient to produce the problem scenario that is at > the heart of my concern (excluding people). It is this "[same] except > more secure" distinction that is the problem. You brush past that as if > it did not exist. So you're saying that a -onlyacceptconnectionsfrom=IP option wouldn't be a concern to you because it can't exclude people? Of course it can exclude people - just not your ISP or a state-level attacker. Please, Eric. I think I understand your concern, but this argument isn't constructive either. The proposal here is to introduce visible node identities on the network. I think that's misguided as node count is irrelevant and trivial to fake anyway. But you bringing up BIP150 here isn't useful either. I know that you equate the concept of having verifiable identity keys in the P2P with a step towards making every node identifiable, but they are not the same. It's just a cryptographic tool to keep a certain class of attackers from bypassing restrictions that people can already make. -- Pieter