Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 6C3DFE6E for ; Thu, 17 May 2018 18:34:49 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ua0-f181.google.com (mail-ua0-f181.google.com [209.85.217.181]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id C47E86D2 for ; Thu, 17 May 2018 18:34:47 +0000 (UTC) Received: by mail-ua0-f181.google.com with SMTP id j5-v6so3621059uak.12 for ; Thu, 17 May 2018 11:34:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:sender:in-reply-to:references:from:date:message-id :subject:to:cc; bh=WkRERrfrM+p9UFIeLWhfLH5bRHn/aoxSsjfaAgXBslA=; b=kbnUsL58F1bIMN0G9ehCsmOC93CxKKIKlHZ2Jei5cxQhxNKr+8keRKlzX9OA143BzX LjpsVjRp1DFPDUc9YTWFUXvQvzYkyasVXH/uDPnrtc9h7QoBWAsFQ0jq5Abkth7qNbS9 YlylnXO8NNYSpp0S19zw9Jaf6kCe3YTiseR+tjR4D9RvpHpPAj20itwGLvAuwGJYx18Q pU7f6iLSV3QyNzG9yTCuPa0IZdI4lQWjaOcH7cmeQiuuRe/WI89CH+Qi6CuDMyWCzd9m OspNSgvoTznOTccjmTWvNlZhnuft6CmqUUXTzNgesP46elqmtjUE86zfdYQtsxlCVuXq gCtA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc; bh=WkRERrfrM+p9UFIeLWhfLH5bRHn/aoxSsjfaAgXBslA=; b=s7hJRlxFodeSqEJHhzS+qHx2AV9y+jd5AxQz7HKw9/h7A3nrZlVVM/L787DWQRdYUf Cl8yFTCTfvXBoCxDta8WWXw97WOWDPm+ATYvThVTDqjHybU7B5PpLUZ2Q/V5TpaXe4Gf MURLfo4q59oBOaoCwvi4dKCQns9kA4OeZEZg9SWDfGFKWjCCmjZN3h/AGAB18Zi4Tr90 h2drdkbS2plx+qH1FfV6dIT8RKlFpZSlQ8F8Fun+9+lDV6xZk2uXj2vMPfGcfYJLNg5D vYNEBrZNafBYdpl1NLmtdhPW0HaJcEXVKIs9HKIW3AxWn5tBvHW2/0difSvRTVro9YXI Zj0Q== X-Gm-Message-State: ALKqPwePHowHtORAR6YMFyAtINyyb6rB3J5V9RSJe/etZumtz6tpu+dt ruq2EF2CDZnBXQPIYno6LXKWgbT0aHMSUeE3rks= X-Google-Smtp-Source: AB8JxZpHHAg4CtmUt/XPRpFbU/ljSaqtAbeqmlg49lRXDE05RxWzDivhv24ltXb8iM7ZZywoyCRtpqu5wjtw4+pjzYk= X-Received: by 2002:ab0:1b6c:: with SMTP id n44-v6mr5113562uai.194.1526582086915; Thu, 17 May 2018 11:34:46 -0700 (PDT) MIME-Version: 1.0 Sender: gmaxwell@gmail.com Received: by 10.103.81.132 with HTTP; Thu, 17 May 2018 11:34:45 -0700 (PDT) In-Reply-To: <22d375c7-a032-8691-98dc-0e6ee87a4b08@mattcorallo.com> References: <22d375c7-a032-8691-98dc-0e6ee87a4b08@mattcorallo.com> From: Gregory Maxwell Date: Thu, 17 May 2018 18:34:45 +0000 X-Google-Sender-Auth: a8GHH6McH6-IMwmq6Bh2_bsHxEI Message-ID: To: Matt Corallo Content-Type: text/plain; charset="UTF-8" X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,FREEMAIL_FROM,RCVD_IN_DNSWL_NONE autolearn=unavailable version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] BIP 158 Flexibility and Filter Size X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 17 May 2018 18:34:49 -0000 On Thu, May 17, 2018 at 4:59 PM, Matt Corallo wrote: > Yea I generally would really prefer something like that but it > significantly complicates the download logic - currently clients can > easily cross-check [...] Maybe > there is some other reasonable download logic to replace it with, however. I think lite clients cross checking is something which very likely will never be implemented by anyone, and probably not stay working (due to under-usage) if it is implemented. This thought is driven by three things (1) the bandwidth overhead of performing the check, (2) thinking about the network-interacting-state-machine complexity of it, and by the multitude of sanity checks that lite clients already don't implement (e.g. when a lite client noticed a split tip it could ask peers for the respective blocks and check at least the stateless checks, but none has ever done that), and... (3) that kind of checking would be moot if the filters were committed and validated... and the commitment would be both much simpler to check for lite clients and provide much stronger protection against malicious peers. My expectation is that eventually one of these filter-map designs would become committed-- not after we already had it deployed and had worked out the design to the n-th generation (just as your proposed revisions are doing to the initial proposal), but eventually. Also, even without this change clients can still do that "are multiple peers telling me the same thing or different things" kind of checking, which I expect is the strongest testing we'd actually see them implement absent a commitment.