Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194]
	helo=mx.sourceforge.net)
	by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <gappleto97@gmail.com>) id 1YsGzM-0004dW-Ug
	for bitcoin-development@lists.sourceforge.net;
	Tue, 12 May 2015 20:41:16 +0000
Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.213.177 as permitted sender)
	client-ip=209.85.213.177; envelope-from=gappleto97@gmail.com;
	helo=mail-ig0-f177.google.com; 
Received: from mail-ig0-f177.google.com ([209.85.213.177])
	by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1YsGzL-0006bx-RP
	for bitcoin-development@lists.sourceforge.net;
	Tue, 12 May 2015 20:41:16 +0000
Received: by igbpi8 with SMTP id pi8so120345031igb.1
	for <bitcoin-development@lists.sourceforge.net>;
	Tue, 12 May 2015 13:41:10 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.50.176.137 with SMTP id ci9mr6296916igc.2.1431463270474;
	Tue, 12 May 2015 13:41:10 -0700 (PDT)
Received: by 10.107.165.21 with HTTP; Tue, 12 May 2015 13:41:10 -0700 (PDT)
Received: by 10.107.165.21 with HTTP; Tue, 12 May 2015 13:41:10 -0700 (PDT)
In-Reply-To: <CAJHLa0O3fgmg4AFAM9+4RRkhSo8ekATs2Ks+Ry7ooQafjQ-4qw@mail.gmail.com>
References: <CANJO25J1WRHtfQLVXUB2s_sjj39pTPWmixAcXNJ3t-5os8RPmQ@mail.gmail.com>
	<CANJO25JTtfmfsOQYOzJeksJn3CoKE3W8iLGsRko-_xd4XhB3ZA@mail.gmail.com>
	<CAJHLa0O5OxaX5g3u=dnCY6Lz_gK3QZgQEPNcWNVRD4JziwAmvg@mail.gmail.com>
	<20150512171640.GA32606@savin.petertodd.org>
	<CAE-z3OV3VdSoiTSfASwYHr1CjZSqio303sqGq_1Y9yaYgov2sw@mail.gmail.com>
	<CAAS2fgRzGkcJbWbJmFN2-NSJGUcLdPKp0q7FjM0x7WDvHoRq=g@mail.gmail.com>
	<CANJO25+qURmDzsMgnm7+tsw7icFO--gWhmKmQPuNQCoh_R2big@mail.gmail.com>
	<CAJHLa0PDbxuqRHuGNhsyvLpAaDq=ZHSg_u-Sb7FqNVnYrhFkFg@mail.gmail.com>
	<CAAS2fgTCMeNdcmMxURxaoAJn8=XZnTP8Gp6PbRk5w7KXAZ8t3g@mail.gmail.com>
	<CAJHLa0O3fgmg4AFAM9+4RRkhSo8ekATs2Ks+Ry7ooQafjQ-4qw@mail.gmail.com>
Date: Tue, 12 May 2015 16:41:10 -0400
Message-ID: <CANJO25+yXnkQm8ATq694PurDKGBPTkCcJzD4fJaPS4Jy9HmbTg@mail.gmail.com>
From: gabe appleton <gappleto97@gmail.com>
To: Jeff Garzik <jgarzik@bitpay.com>
Content-Type: multipart/alternative; boundary=089e0111e0dabf1a560515e88382
X-Spam-Score: -0.3 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(gappleto97[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	0.2 FREEMAIL_ENVFROM_END_DIGIT Envelope-from freemail username ends in
	digit (gappleto97[at]gmail.com)
	1.0 HTML_MESSAGE           BODY: HTML included in message
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YsGzL-0006bx-RP
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposed additional options for pruned
	nodes
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Tue, 12 May 2015 20:41:17 -0000

--089e0111e0dabf1a560515e88382
Content-Type: text/plain; charset=UTF-8

I suppose this begs two questions:

1) why not have a partial archive store the most recent X% of the
blockchain by default?

2) why not include some sort of torrent in QT, to mitigate this risk? I
don't think this is necessarily a good idea, but I'd like to hear the
reasoning.
On May 12, 2015 4:11 PM, "Jeff Garzik" <jgarzik@bitpay.com> wrote:

> True.  Part of the issue rests on the block sync horizon/cliff.  There is
> a value X which is the average number of blocks the 90th percentile of
> nodes need in order to sync.  It is sufficient for the [semi-]pruned nodes
> to keep X blocks, after which nodes must fall back to archive nodes for
> older data.
>
> There is simply far, far more demand for recent blocks, and the demand for
> old blocks very rapidly falls off.
>
> There was even a more radical suggestion years ago - refuse to sync if too
> old (>2 weeks?), and force the user to download ancient data via torrent.
>
>
>
> On Tue, May 12, 2015 at 1:02 PM, Gregory Maxwell <gmaxwell@gmail.com>
> wrote:
>
>> On Tue, May 12, 2015 at 7:38 PM, Jeff Garzik <jgarzik@bitpay.com> wrote:
>> > One general problem is that security is weakened when an attacker can
>> DoS a
>> > small part of the chain by DoS'ing a small number of nodes - yet the
>> impact
>> > is a network-wide DoS because nobody can complete a sync.
>>
>> It might be more interesting to think of that attack as a bandwidth
>> exhaustion DOS attack on the archive nodes... if you can't get a copy
>> without them, thats where you'll go.
>>
>> So the question arises: does the option make some nodes that would
>> have been archive not be? Probably some-- but would it do so much that
>> it would offset the gain of additional copies of the data when those
>> attacks are not going no. I suspect not.
>>
>> It's also useful to give people incremental ways to participate even
>> when they can't swollow the whole pill; or choose to provide the
>> resource thats cheap for them to provide.  In particular, if there is
>> only two kinds of full nodes-- archive and pruned; then the archive
>> nodes take both a huge disk and bandwidth cost; where as if there are
>> fractional then archives take low(er) bandwidth unless the fractionals
>> get DOS attacked.
>>
>
>
>
> --
> Jeff Garzik
> Bitcoin core developer and open source evangelist
> BitPay, Inc.      https://bitpay.com/
>

--089e0111e0dabf1a560515e88382
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<p dir=3D"ltr">I suppose this begs two questions:</p>
<p dir=3D"ltr">1) why not have a partial archive store the most recent X% o=
f the blockchain by default?</p>
<p dir=3D"ltr">2) why not include some sort of torrent in QT, to mitigate t=
his risk? I don&#39;t think this is necessarily a good idea, but I&#39;d li=
ke to hear the reasoning. </p>
<div class=3D"gmail_quote">On May 12, 2015 4:11 PM, &quot;Jeff Garzik&quot;=
 &lt;<a href=3D"mailto:jgarzik@bitpay.com">jgarzik@bitpay.com</a>&gt; wrote=
:<br type=3D"attribution"><blockquote class=3D"gmail_quote" style=3D"margin=
:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"ltr">T=
rue.=C2=A0 Part of the issue rests on the block sync horizon/cliff.=C2=A0 T=
here is a value X which is the average number of blocks the 90th percentile=
 of nodes need in order to sync.=C2=A0 It is sufficient for the [semi-]prun=
ed nodes to keep X blocks, after which nodes must fall back to archive node=
s for older data.<div><br></div><div>There is simply far, far more demand f=
or recent blocks, and the demand for old blocks very rapidly falls off.<br>=
<div><br></div><div>There was even a more radical suggestion years ago - re=
fuse to sync if too old (&gt;2 weeks?), and force the user to download anci=
ent data via torrent.</div><div><br></div><div><br></div></div></div><div c=
lass=3D"gmail_extra"><br><div class=3D"gmail_quote">On Tue, May 12, 2015 at=
 1:02 PM, Gregory Maxwell <span dir=3D"ltr">&lt;<a href=3D"mailto:gmaxwell@=
gmail.com" target=3D"_blank">gmaxwell@gmail.com</a>&gt;</span> wrote:<br><b=
lockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px =
#ccc solid;padding-left:1ex"><span>On Tue, May 12, 2015 at 7:38 PM, Jeff Ga=
rzik &lt;<a href=3D"mailto:jgarzik@bitpay.com" target=3D"_blank">jgarzik@bi=
tpay.com</a>&gt; wrote:<br>
&gt; One general problem is that security is weakened when an attacker can =
DoS a<br>
&gt; small part of the chain by DoS&#39;ing a small number of nodes - yet t=
he impact<br>
&gt; is a network-wide DoS because nobody can complete a sync.<br>
<br>
</span>It might be more interesting to think of that attack as a bandwidth<=
br>
exhaustion DOS attack on the archive nodes... if you can&#39;t get a copy<b=
r>
without them, thats where you&#39;ll go.<br>
<br>
So the question arises: does the option make some nodes that would<br>
have been archive not be? Probably some-- but would it do so much that<br>
it would offset the gain of additional copies of the data when those<br>
attacks are not going no. I suspect not.<br>
<br>
It&#39;s also useful to give people incremental ways to participate even<br=
>
when they can&#39;t swollow the whole pill; or choose to provide the<br>
resource thats cheap for them to provide.=C2=A0 In particular, if there is<=
br>
only two kinds of full nodes-- archive and pruned; then the archive<br>
nodes take both a huge disk and bandwidth cost; where as if there are<br>
fractional then archives take low(er) bandwidth unless the fractionals<br>
get DOS attacked.<br>
</blockquote></div><br><br clear=3D"all"><div><br></div>-- <br><div>Jeff Ga=
rzik<br>Bitcoin core developer and open source evangelist<br>BitPay, Inc. =
=C2=A0 =C2=A0 =C2=A0<a href=3D"https://bitpay.com/" target=3D"_blank">https=
://bitpay.com/</a></div>
</div>
</blockquote></div>

--089e0111e0dabf1a560515e88382--