You took the quote out of context: "a full node can copy the chain state from someone else, and check that its hash matches what the block chain commits to. It's important to note that this is a strict reduction in security: we're now trusting that the longest chain (with most proof of work) commits to a valid UTXO set (at some point in the past)."
The described synchronization mechanism would be to determine the most-work block header (SPV level of security!), and then sync the UTXO set committed to within that block. This is strictly less security than building the UTXO set yourself because it is susceptible to a 51% attack which violates protocol rules. On 04/10/2014 11:19 AM, Paul Rabahy wrote: > You say UTXO commitments is "a strict reduction in security". If UTXO > commitments were rolled in as a soft fork, I do not see any new attacks > that could happen to a person trusting the committed UTXO + any > remaining blocks to catch up to the head. > > I would imagine the soft fork to proceed similar to the following. > 1. Miners begin including UTXO commitments. > 2. Miners begin rejecting blocks with invalid UTXO commitments. > 3. Miners begin rejecting blocks with no UTXO commitments. > > To start up a fresh client it would follow the following. > 1. Sync headers. > 2. Pick a committed UTXO that is deep enough to not get orphaned. > 3. Sync blocks from commitment to head. > > I would argue that a client following this methodology is strictly more > secure than SPV, and I don't see any attacks that make it less secure > than a full client. It is obviously still susceptible to a 51% attack, > but so is the traditional block chain. I also do not see any sybil > attacks that are strengthened by this change because it is not modifying > the networking code. > > I guess if the soft fork happened, then miners began to not include the > UTXO commitment anymore, it would lower the overall network hash rate, > but this would be self-harming to the miners so they have an incentive > to not do it. > > Please let me know if I have missed something. ------------------------------------------------------------------------------ Put Bad Developers to Shame Dominate Development with Jenkins Continuous Integration Continuously Automate Build, Test & Deployment Start a new project now. Try Jenkins in the cloud. http://p.sf.net/sfu/13600_Cloudbees _______________________________________________ Bitcoin-development mailing list Bitcoin-development@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/bitcoin-development
