the electrum protocol doesn't include ssl fingerprints in peer exchange yet, which might mean a mitm can easily offer you a fake peer network.
this is something that is not too complex to add and can reduce the censorship/difficulty tradeoff for cryptocurrency clients
Almost zero cryptocurrency networks use TLS, that's very bad (and it's called TLS for decade+ now, not SSL), they all should have used it since day one over 13 years ago. Clients should do opportunistic TLS with a TOFU cert learning db, report new keys in user log (because unless the coin network peers are doing PKI or registry no one will have way to verify changes anyway), have one mode to keep locked to TOFU certs, one mode to just accept all cert changes, another mode to accept some number ot percent of cert changes per time period. Since most certs in a p2p net will be selfsigned and not in the root path, and if not Letsencrypt policy will constantly be bumping out your pinned sig forms, and verifying sigs is not as important as catching pubkey swapouts which are the real indicators of actual privkey compromise. So use pubkey pinning, instead of cert_DER pinning, see: curl --pinnedpubkey That will cut the number of pin management interrupts to just privkey swapouts and reinitialized nodes.