From d850cc3414766949720794be09d4dfdadc264175 Mon Sep 17 00:00:00 2001 From: "David A. Harding" Date: Thu, 18 May 2023 14:06:10 -1000 Subject: [PATCH] CH10: network privacy: drop BIP150/151 Those particular BIPs are abandoned. BIP324 takes the place of BIP151, but a lot of this section refers to authentication, which is not in BIP324. Also, this section mentions implementation, but BIP324 has not been deployed as of this writing. --- ch08.asciidoc | 47 +++++------------------------------------------ 1 file changed, 5 insertions(+), 42 deletions(-) diff --git a/ch08.asciidoc b/ch08.asciidoc index 43c0ac46..f1e3753f 100644 --- a/ch08.asciidoc +++ b/ch08.asciidoc @@ -1149,14 +1149,13 @@ client. ((("Bitcoin network", "encrypted connections")))((("encryption")))((("authentication")))Most new users of Bitcoin assume that the network communications of a Bitcoin node are -encrypted. In fact, the original implementation of bitcoin communicates -entirely in the clear. While this is not a major privacy concern for -full nodes, it is a big problem for SPV clients. +encrypted. In fact, the original implementation of Bitcoin communicates +entirely in the clear, as does the modern implementation of Bitcoin Core +at the time of writing. As a way to increase the privacy and security of the Bitcoin P2P -network, there are two solutions that provide encryption of the -communications: _Tor Transport_ and _P2P Authentication and Encryption_ -with BIP-150/151. +network, there is a solution that provides encryption of the +communications: _Tor Transport_. ==== Tor Transport 
@@ -1189,42 +1188,6 @@ You can find more instructions on running Bitcoin Core as a Tor hidden service in the Bitcoin Core documentation (_docs/tor.md_) and various online tutorials. -==== Peer-to-Peer Authentication and Encryption - -((("Peer-to-Peer authentication and encryption")))((("bitcoin -improvement proposals", "Peer Authentication (BIP-150)")))((("bitcoin -improvement proposals", "Peer-to-Peer Communication Encryption -(BIP-151)")))Two Bitcoin Improvement Proposals, BIP-150 and BIP-151, add -support for P2P authentication and encryption in the Bitcoin P2P -network. These two BIPs define optional services that may be offered by -compatible Bitcoin nodes. BIP-151 enables negotiated encryption for all -communications between two nodes that support BIP-151. BIP-150 offers -optional peer authentication that allows nodes to authenticate each -other's identity using ECDSA and private keys. BIP-150 requires that -prior to authentication the two nodes have established encrypted -communications as per BIP-151. - -As of January 2017, BIP-150 and BIP-151 are not implemented in Bitcoin -Core. However, the two proposals have been implemented by at least one -alternative Bitcoin client named bcoin. - -BIP-150 and BIP-151 allow users to run SPV clients that connect to a -trusted full node, using encryption and authentication to protect the -privacy of the SPV client. - -Additionally, authentication can be used to create networks of trusted -Bitcoin nodes and prevent Man-in-the-Middle attacks. Finally, P2P -encryption, if deployed broadly, would strengthen the resistance of -Bitcoin to traffic analysis and privacy-eroding surveillance, especially -in totalitarian countries where internet use is heavily controlled and -monitored. 
- -((("", startref="BNospv08")))((("", startref="privacy08")))((("", -startref="Sprivacy08")))The standard is defined in -https://github.com/bitcoin/bips/blob/master/bip-0150.mediawiki[BIP-150 -(Peer Authentication)] and -https://github.com/bitcoin/bips/blob/master/bip-0151.mediawiki[BIP-151 -(Peer-to-Peer Communication Encryption)]. === Transaction Pools
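Review bot: In the first hunk (ch08.asciidoc, around line 1149), the rewritten paragraph still opens with the `((("authentication")))` index term, but after this patch the section no longer discusses authentication at all, so the index entry will point readers at text that does not cover it. Drop that index term, or keep one sentence saying that the P2P protocol provides no peer authentication. The same hunk also deletes "it is a big problem for SPV clients" without replacement, and the commit message does not explain why. If the point still holds, retain it, because it is the reason the following Tor section matters to lightweight clients. Also note the subject line says CH10 while the diff touches ch08.asciidoc.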
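Review bot: In the second hunk (ch08.asciidoc, around line 1189), the deleted closing paragraph carried the index range terminators `((("", startref="BNospv08")))((("", startref="privacy08")))((("", startref="Sprivacy08")))`, and nothing in the patch re-adds them. The ranges they close are opened earlier in the chapter, so removing them leaves those ranges unterminated, which can break or distort the generated index. Move the three `startref` markers to the end of the Tor Transport section, just before `=== Transaction Pools`. Separately, the commit message names BIP324 as the successor to BIP151, but the resulting text never mentions it. A one-sentence pointer saying that it is proposed and not yet deployed would keep readers from concluding that Tor is the only encryption work in progress.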