1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
|
Return-Path: <nbvfour@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 5E15E268
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 6 Nov 2015 08:05:25 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-qg0-f68.google.com (mail-qg0-f68.google.com
[209.85.192.68])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id CA5CCFD
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 6 Nov 2015 08:05:24 +0000 (UTC)
Received: by qgep3 with SMTP id p3so10082192qge.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 06 Nov 2015 00:05:24 -0800 (PST)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:sender:in-reply-to:references:date:message-id:subject
:from:to:cc:content-type;
bh=OlkpA/M5W+fqkrfqlXH3lt9Aq1E7m8sfb+ogYQhG3+0=;
b=cdX7OD2MhruHqrMv3MHaX/HJOTGc7Ocai037AW+Zy/6Nc453LF1hLjRrykzBQVsK9x
aWm9sXyUY5QkBE2Iex1vFwGQf59MQ0PNK9sl0FB0KFdfAY5uwQeT2SSLVVKphmSx4tlN
0sJJexHVxvaBhuz/u2fA/iyK28i93DZ8kvHJhJvtzb2hgNB6w5BTFq3jNy5gbV2FZnsn
NVBbBOX69ygMa/3iWfKWVG9XdFIN/J5gug28XiRjWMfO24odGgreN2+v1UyVMANDP4o+
7yNUq4vjOpP7JJy+dp8rwyk4Kz5JRx7Bu0RegHvdqAuXU/bnuMKy3Ard/p/WcdyGvkl/
+ZZA==
MIME-Version: 1.0
X-Received: by 10.140.31.38 with SMTP id e35mr11807978qge.22.1446797123931;
Fri, 06 Nov 2015 00:05:23 -0800 (PST)
Sender: nbvfour@gmail.com
Received: by 10.140.32.118 with HTTP; Fri, 6 Nov 2015 00:05:23 -0800 (PST)
In-Reply-To: <563BE746.5030406@voskuil.org>
References: <CALqxMTE1JDsT8fSoDZVTUWfnw4Cmb9LkDa+B-XUyXGPxAYernA@mail.gmail.com>
<563BE746.5030406@voskuil.org>
Date: Fri, 6 Nov 2015 00:05:23 -0800
X-Google-Sender-Auth: GutLT8b0AWDKRCAcivAJ-vOb3N8
Message-ID: <CAAcC9yv6JwSY-LhWaFc5cF6CkTwTfLLtqFfemwjJ7hKnfzXuLQ@mail.gmail.com>
From: Chris Priest <cp368202@ohiou.edu>
To: Eric Voskuil <eric@voskuil.org>
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Fri, 06 Nov 2015 11:11:58 +0000
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] summarising security assumptions (re cost metrics)
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 06 Nov 2015 08:05:25 -0000
On 11/5/15, Eric Voskuil via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> On 11/05/2015 03:03 PM, Adam Back via bitcoin-dev wrote:
>> ...
>> Validators: Economically dependent full nodes are an important part of
>> Bitcoin's security model because they assure Bitcoin security by
>> enforcing consensus rules. While full nodes do not have orphan
>> risk, we also dont want maliciously crafted blocks with pathological
>> validation cost to erode security by knocking reasonable spec full
>> nodes off the network on CPU (or bandwidth grounds).
>> ...
>> Validators vs Miner decentralisation balance:
>>
>> There is a tradeoff where we can tolerate weak miner decentralisation
>> if we can rely on good validator decentralisation or vice versa. But
>> both being weak is risky. Currently given mining centralisation
>> itself is weak, that makes validator decentralisation a critical
>> remaining defence - ie security depends more on validator
>> decentralisation than it would if mining decentralisation was in a
>> better shape.
>
> This side of the security model seems underappreciated, if not poorly
> understood. Weakening is not just occurring because of the proliferation
> of non-validating wallet software and centralized (web) wallets, but
> also centralized Bitcoin APIs.
>
> Over time developers tend to settle on a couple of API providers for a
> given problem. Bing and Google for search and mapping, for example. All
> applications and users of them, depending on an API service, reduce to a
> single validator. Imagine most Bitcoin applications built on the
> equivalent of Bing and Google.
>
> e
>
>
I disagree. I think blockchain APIs are a good thing for
decentralization. There aren't just 3 or 4 blockexplorer APIs out
there, there are dozens. Each API returns essentially the same data,
so they are all interchangeable. Take a look at this python package:
https://github.com/priestc/moneywagon
|