summaryrefslogtreecommitdiff
path: root/99/290ee44bb49a9170fb580f2703aa39b6ba3573
blob: a936a71297861d0d2bcb417e29602c2059212b98 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
Return-Path: <eric@voskuil.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 25AD98EB
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu,  5 Nov 2015 23:33:32 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-pa0-f54.google.com (mail-pa0-f54.google.com
	[209.85.220.54])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 965FFF4
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu,  5 Nov 2015 23:33:31 +0000 (UTC)
Received: by padhx2 with SMTP id hx2so93325741pad.1
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 05 Nov 2015 15:33:31 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=voskuil_org.20150623.gappssmtp.com; s=20150623;
	h=message-id:date:from:user-agent:mime-version:to:subject:references
	:in-reply-to:content-type;
	bh=Upnqz9XN1j/LFZtp370199EtEf8jRnjOaTFD4BOL5vo=;
	b=mTJnOf/v7wDLYZm3bk7NJB/iY0asKIN2dleYD4nXHoM++I1vgndFYT3raqvN/dy9L+
	O3ImqSXe3g5ZbpcZ5U4BhCAWq9BddPmvVjmDq8eijuHvEOhEJ22leAbwwWO5CAWM33uV
	ksXoXHXYBXRbhMoNC09c9pzssLrrwIrjkNxwv/E8kJHcb0gFhrRes4cZeqNl6qNYRupN
	St504mg6+YH7TlKnjiDG6NWlSZTJnsoy7HGGwMYbDvKjSpovxh+vFlgNKOftj8yi159e
	bvKnWRCYSxmzXyiGPFAWERuCxjceRtbE6LzMHIhJAPD9zGWDz7t/VZFArhIiersqtJoR
	R6aA==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20130820;
	h=x-gm-message-state:message-id:date:from:user-agent:mime-version:to
	:subject:references:in-reply-to:content-type;
	bh=Upnqz9XN1j/LFZtp370199EtEf8jRnjOaTFD4BOL5vo=;
	b=U8wz/bNOuAxAFXff7o5FHGWSrUvVIwkK92HgbQx8CXZyh2u9xv41Pw1c9h4Yqkd9AJ
	xdIFnnvpSLm9IGIXGYb6aaotSiAMCmdaW2hHOonEl1K3WAx7l3VoE2Kkr769vGOlJzuz
	Tzw4s5ZJWJruPWdO8S9CXrce5oyWAF3q13qTww42jIUFDtJyOC9q4Bvqcm75u4qvS36R
	9Vr3H5DOhSRPyaSMzMk2YGp1K2cycZNIdNcz9ms+YlRzdXCwCWtbCy3MCXIUQESmJC3r
	EF3uJVEN2FzOzOhLmnrruRb3rKS0ry/Kgsyh/NNvl3FTjl89XXk5ptQnD+dEu8yWDY66
	Gc7g==
X-Gm-Message-State: ALoCoQkw6vDk8gDGlA1rqfJLynT0/Ir6lW17ZyVwzlvJVTD+1wHBqW6/N7x9iOK0Bn/zuDpaM2LC
X-Received: by 10.67.3.167 with SMTP id bx7mr12670852pad.57.1446766411293;
	Thu, 05 Nov 2015 15:33:31 -0800 (PST)
Received: from ?IPv6:2601:600:9001:8060:bd6e:9536:44ac:95ad?
	([2601:600:9001:8060:bd6e:9536:44ac:95ad])
	by smtp.googlemail.com with ESMTPSA id
	bz2sm9908329pad.32.2015.11.05.15.33.29
	(version=TLSv1/SSLv3 cipher=OTHER);
	Thu, 05 Nov 2015 15:33:30 -0800 (PST)
Message-ID: <563BE746.5030406@voskuil.org>
Date: Thu, 05 Nov 2015 15:33:26 -0800
From: Eric Voskuil <eric@voskuil.org>
User-Agent: Mozilla/5.0 (X11; Linux x86_64;
	rv:31.0) Gecko/20100101 Thunderbird/31.2.0
MIME-Version: 1.0
To: Adam Back <adam@cypherspace.org>, 
	Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
References: <CALqxMTE1JDsT8fSoDZVTUWfnw4Cmb9LkDa+B-XUyXGPxAYernA@mail.gmail.com>
In-Reply-To: <CALqxMTE1JDsT8fSoDZVTUWfnw4Cmb9LkDa+B-XUyXGPxAYernA@mail.gmail.com>
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature";
	boundary="oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c"
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
X-Mailman-Approved-At: Thu, 05 Nov 2015 23:41:43 +0000
Subject: Re: [bitcoin-dev] summarising security assumptions (re cost metrics)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Thu, 05 Nov 2015 23:33:32 -0000

This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: quoted-printable

On 11/05/2015 03:03 PM, Adam Back via bitcoin-dev wrote:
> ...
> Validators: Economically dependent full nodes are an important part of
> Bitcoin's security model because they assure Bitcoin security by
> enforcing consensus rules.  While full nodes do not have orphan
> risk, we also dont want maliciously crafted blocks with pathological
> validation cost to erode security by knocking reasonable spec full
> nodes off the network on CPU (or bandwidth grounds).
> ...
> Validators vs Miner decentralisation balance:
>=20
> There is a tradeoff where we can tolerate weak miner decentralisation
> if we can rely on good validator decentralisation or vice versa.  But
> both being weak is risky.  Currently given mining centralisation
> itself is weak, that makes validator decentralisation a critical
> remaining defence - ie security depends more on validator
> decentralisation than it would if mining decentralisation was in a
> better shape.

This side of the security model seems underappreciated, if not poorly
understood. Weakening is not just occurring because of the proliferation
of non-validating wallet software and centralized (web) wallets, but
also centralized Bitcoin APIs.

Over time developers tend to settle on a couple of API providers for a
given problem. Bing and Google for search and mapping, for example. All
applications and users of them, depending on an API service, reduce to a
single validator. Imagine most Bitcoin applications built on the
equivalent of Bing and Google.

e


--oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQEcBAEBAgAGBQJWO+dGAAoJEDzYwH8LXOFODyoIAI1GO19Rbuh2E+lvcRqjTDRu
ZoNvBtfMgEvdhLdH8OFxPz//S19kTxhmZbs6VyKiAzAIN0+XDac0J85QWVQ/scHv
9ZvVug60t2Bdra0Miz8H82m2WxbW6r7yFStnUuDvDwI45/sI+inuBzTEc38xI1ev
TL4AK+fwWNcdABbSP7oLzIFBjmKXp99WO9ieMGXqC+DJdjE9zMR9114Yk85dddc5
AqylAPS3AQMe6DG1Bnh6gWHVFB54qbNNu68XHUCUeET/Hxqou25lWVsxwSsdV/jy
KDLhKq1evqZz0VJrfUwuo2IFk5cuReBGCKL9Ito23ia/rCt5L6KTIEZiootvfI8=
=nhxV
-----END PGP SIGNATURE-----

--oEAsmcSk4FO4v0KkW0W7NQQ6OTnOJcq2c--