Difference between revisions of "Thin Client Security"
Eldentyrell (talk | contribs) |
Eldentyrell (talk | contribs) |
||
Line 1: | Line 1: | ||
Recently there have been a number of proposals for bitcoin clients which do not store a copy of the entire block chain. I will refer to all such clients as "thin clients". This page is meant to be a place to try to make sense of the security and trust implications of the various schemes. | Recently there have been a number of proposals for bitcoin clients which do not store a copy of the entire block chain. I will refer to all such clients as "thin clients". This page is meant to be a place to try to make sense of the security and trust implications of the various schemes. | ||
+ | == Thin Client Strategies == | ||
− | == Other | + | === Simplified Payment Verification === |
+ | |||
+ | This scheme is described in section 8 of the [http://bitcoin.org/bitcoin.pdf original bitcoin whitepaper]. | ||
+ | |||
+ | === BCCAPI === | ||
+ | |||
+ | Clients are vulnerable to a double-spend attack against them by the server. Therefore, they are implicitly trusting it. | ||
+ | |||
+ | === Electrum === | ||
+ | |||
+ | Clients are vulnerable to a double-spend attack against them by the server. Therefore, they are implicitly trusting it. | ||
+ | |||
+ | == Other == | ||
* A [http://sourceforge.net/mailarchive/message.php?msg_id=28633866 thread] on bitcoin-dev | * A [http://sourceforge.net/mailarchive/message.php?msg_id=28633866 thread] on bitcoin-dev |
Revision as of 00:29, 15 January 2012
Recently there have been a number of proposals for bitcoin clients which do not store a copy of the entire block chain. I will refer to all such clients as "thin clients". This page is meant to be a place to try to make sense of the security and trust implications of the various schemes.
Contents
Thin Client Strategies
Simplified Payment Verification
This scheme is described in section 8 of the original bitcoin whitepaper.
BCCAPI
Clients are vulnerable to a double-spend attack against them by the server. Therefore, they are implicitly trusting it.
Electrum
Clients are vulnerable to a double-spend attack against them by the server. Therefore, they are implicitly trusting it.
Other
- A thread on bitcoin-dev