During the Unconfiscatable conference in Las Vegas over the weekend, the Bitcoin developers panel discussed the use of simplified-payment-verification (SPV) by wallet software. The spark for this particular discussion was a recent conversation on Twitter around whether or not the use of Neutrino, which is a new SPV protocol with additional privacy protections, should be encouraged.
I must be stupid, I fail to see how LN users getting rid of theirs full nodes is an improvement for Bitcoin. LN won't thrive without a strong L1 layer.https://t.co/SyR7vJ9FfY pic.twitter.com/imgWEENVUh— LaurentMT (@LaurentMT) January 19, 2019
This panel was moderated by Programming Blockchain instructor Jimmy Song, and the other participants on the panel were Mempool Partners founder Johnny Dilley, applied cryptography consultant Peter Todd, and Braiins Systems CEO Jan Čapek.
SPV wallets were described by Satoshi Nakamoto in the Bitcoin white paper, although the theoretical fraud proofs that would provide an additional layer of security for this type of wallet have yet to materialize in the real world.
It’s Okay for Users to Have a Choice
When Song first brought up the topic of SPV wallets to the panelists, Dilley noted that the idea of adding opt-in SPV functionality to Bitcoin Core has recently been an area of interest for the project’s contributors.
“The idea [is] that we can get to a kind of middleground where you concede some trust barriers in exchange for being able to lower your resource burden,” explained Dilley. “But there should be no expectation that that concession is something that must apply network wide. You must opt into that concession.”
Dilley made it clear that it’s vital for users to understand the tradeoffs they’re making when they degrade the security of their node to SPV level.
Peter Todd: Professional Party Pooper
Per usual, Todd played the part of pointing out the potential dangers of this type of Bitcoin wallet software.
“Neutrino, purely as a protocol to get information from a peer, has obvious improvements over the status quo,” said Todd. “But light clients are just straight up dangerous for the ecosystem.”
Todd went on to advocate a system where miners are able to add anything they want to blocks in an effort to force users to validate more information about the state of the Bitcoin network on their own.
“This is the client-side validation viewpoint where essentially there are no rules for what is allowed in a block,” explained Todd. “Thus, what a transaction means is something you have to determine purely client side because if you don’t do that, someone can put garbage that makes you think you got paid and you actually didn’t, and that block won’t be rejected.”
“All this stuff about intermediary things where yeah this sort of works but if miners collude you’re really screwed I think creates very, very, very dangerous consequences for Bitcoin,” Todd added.
In Todd’s view, simply trusting a 3rd party, such as Coinbase or Blockstream, with validation is preferable to blindly trusting a majority of miners.
“[SPV validation] is incredibly dangerous because now you have given away this trust to a group of people who can self select by buying a bunch of hardware,” said Todd. “That’s the sort of thing that makes 51% attacks profitable.”
Dilley added a concluding statement on the topic of light wallets:
“I would say it works, but you have dramatically worse trust properties than under [specific] conditions . . . As long as you understand what you’re opting into, then you can do whatever you want. But you have to understand that you’re making direct and known tradeoffs about the characteristics of your payments and your sending and payables or whatever.”