|
Title: SPV with simple Fraud Hints Post by: tomtomtom7 on May 16, 2017, 10:17:31 AM I would like to better understand the problem of fraud proofs and false flagging fraud hints with normal SPV (headers only+merkle branch).
I understand the two difficult cases: * A transaction included that references a non-existing output. Absence of the referenced tx cannot be proven. * A TXID included of a non-existent transaction, and a transaction is included that references it. This also cannot be proven. Now both these cases can only be *hinted*, and it is said that to verify such (cheaply faked) hints, the SPV falls back to full node. But what if the SPV simply registers the hint for a transaction in block N, and uses this hint to ensure every received transaction in block >= N must request all ancestors up to block N-1 for verification? Requesting ancestors seems no bad practice, so this makes both false flagging attacks as well as attacks using invalid blocks unfeasible, and protected by normal anti-DoS measures. What am I missing here? Why does the SPV need to fall back to full node? Title: Re: SPV with simple Fraud Hints Post by: tomtomtom7 on May 18, 2017, 08:45:34 AM Can anybody help me with this?
I think we even make it standard for SPV nodes to require the ancestors up to N blocks in the past, to further the diminish costs of false flags. I don't understand how either false hinting, or invalid blocks by tx withholding can harm that way. Doesn't this make SPV fully resilient to any miner attack? |