I had the same concerns regarding Bloq's seed node addition and removed it from Bisq's BitcoinJ fork (https://github.com/bisq-network/bitcoinj/commit/7b2ed972fa09237a79388d39c49f51ee6aa17ac3).
Though there are much more problematic privacy issues with the broken Bloom filter implementation and design. Any full node (operated by a surveillance company like Skry) can find out that all wallet addresses belong to one user and if you don't use Tor they even know your IP address. Unfortunately nobody is working on that to fix that. The chain blindness of BitcoinJ is another major concern not addressed as far I know and will set BitcoinJ users at risk to spend their Bitcoin on a chain which they don't want to support and/or get exposed to replay attacks. Very concerning IMO! Am Freitag, 29. September 2017 03:59:50 UTC-5 schrieb quantu...@gmail.com: > > I was recently made aware on Twitter than Bitcoinj updated its DNS seed > node list to include Jeff Garzik's and Bloq's nodes. I would like to know > why these were added, and why other 2x seed nodes were not. This bothers me > both because of the(though a leap to a degree) concerns over Bloq's > investment in Skry and acquiring its analytics software and techniques, and > the fact that these seed nodes are running BTC1. > > This creates two problems in my mind. 1) It opens up all users of wallets > basing off your version of Bitcoinj to be tagged and identified on a > network level by a company that has directly invested in chain analytics > company. This is a huge privacy risk for users. It also opens up the > potential to be compromised in terms of the Bitcoin network as well as the > seed nodes would decide what nodes to pass the new wallet off to. > > Which leads me to my next issue. These new seed nodes operating BTC1 > creates a huge systemic risk for users in the event the NY Agreement is > fulfilled and there is a fork in November. These new DNS seed additions > could be guaranteeing wallets are connected to both network post-fork and > cause unpredicted/detrimental behavior for users. > > I would ask that these additions be removed, and would like to know why > they were added in the first place, as they introduce two different risk > surfaces for your userbase that would not exist without them. > > Thank you for taking the time to read my concerns. > -- You received this message because you are subscribed to the Google Groups "bitcoinj" group. To unsubscribe from this group and stop receiving emails from it, send an email to bitcoinj+unsubscr...@googlegroups.com. For more options, visit https://groups.google.com/d/optout.
