[Cryptography] Security model of blockchains ?
grarpamp
grarpamp at gmail.com
Sat Jun 2 23:04:55 PDT 2018
On Sat, Jun 2, 2018 at 4:27 PM, John Levine <johnl at iecc.com> wrote:
> In article <b7b2bffa-47ae-3f50-fbf5-08a248c79680 at agner.io> you write:
>>"Hijacking Bitcoin: Routing Attacks on Cryptocurrencies" ->
>>https://btc-hijack.ethz.ch/
>>https://www.marcoagner.org/
>
> Thanks, that was the sort of thing I was looking for, assumptions in
> the security model that may not be true, and bad things happen if they
> are indeed not true.
>
> It is my impression that blockchains generally assume a flat mostly
> reliable connection among nodes. This paper says that 13 ISPs host
> 30% of the whole Bitcoin network, and 60% of connections cross three
> ISPs. I wonder who and where those three are.
Bitcoin Core BTC... and most all other cryptocurrencies... head in sand.
If you're not encrypting end to end over the wire you're just opening
yourself up to so many bad things.
Only a few out of 1000+ among them had a clue to implement mandatory
TLS with operational mode options including Accept All for the Stupid,
fingerprint pinning, TOFU, etc, all with cert logging capabilities for change
debugging, and handy management tools as needed.
There's maybe five decent privacy coins that are using fully encrypted
end to end transports natively, even if not yet offering a full matrix of
possible usage modes therein.
And a similar number known to be additionally supporting interop with
anonymous overlay networks.
And a growing number actually taking privacy tech inside the coin itself
as a necessary fundamental property of the promise of cryptocurrency.
Kudos to them.
The first part of cryptocurrency... is "crypto".
Don't launch without it.
[bcc cpunks because cryptocurrency is banned at metz, lol]
More information about the cypherpunks
mailing list