So, for that to be possible, you’d have to assume that the faulty transaction was accepted verbatim by the entire network and months of proof-of-work were heaped on top of it after it got confirmed.
Yes. This is what I'm saying is the security model of an SPV node. I may have misunderstood how they work though.
No, an SPV node does not have the UTXO set, nor has it checked the entire blockchain. It relies purely on a transaction being confirmed in the blockchain and accepts it as confirmed solely on the basis of the header chain and proof-of-work. It cannot do script validation because it doesn’t have the UTXOs to validate inputs. It can be fooled by a single invalid block, if it accepts a transaction with a single confirmation.
An assumevalid node has processed the entire blockchain, checked every byte of every transaction and block, and has built the entire UTXO set by processing transactions. It didn’t check the outcome of the scripts, but it checked that they were all present and it had the same as everyone else before it.
Thank you. This is very helpful.
Having the UTXO set is only good if every spend has been valid. Does the assumevalid node have any other guarantee than that the majority of the network is/was honest?
In my mind, the security of a non assumevalid node is that there is at least one honest node on the network. This node will be able to tell if the majority of the network is lying to it. But the assumevalid node may not be able to tell.
However, I'm seeing your point here: the time when the majority of the network could lie was before the assumed valid block, but at that time a lower block was assumed valid and so other nodes were validating. So clearly, an invalid transaction would have been noticed.
But still, how should I talk about this difference between the 1 of n trust assumption for non-assumevalid nodes and assumevalid nodes?
Every block was the chaintip when it was freshly mined. For the assumevalid assumption to fail, you must assume that the entire network accepted an invalid transaction in a new block without anyone noticing that mistake, or someone switched out parts of the blockchain in everyone’s copies of the blockchain without anyone noticing. I guess, yeah, that’s the assumption that there is at least "one honest node that would have raised alarm", and you always have the option to be that node yourself by turning off assumevalid.
Couldn't assumevalid fail if the majority of hashrate built on an invalid block for long enough that everyone who knew it was invalid gave up and left and then those who remained set a new `assumevalid` block at a higher height?
I realize this is starting to sound a little ridiculous, but I'm trying to figure out where the downside is.
It almost sounds too good to be true that nodes can safely skip validating script before an assumed valid block. Just like pruning can be really awesome, but comes at the cost of needing to resync if the node tries to load a new wallet.
I'm curious what the price is that an assumevalid node pays for the benefit.
Couldn't assumevalid fail if the majority of hashrate built on an invalid block for long enough that everyone who knew it was invalid gave up and left and then those who remained set a new `assumevalid` block at a higher height?
Then any user running a full validation with assumevalid disabled or set to a lower block than the offending would reject the best chain. Hopefully one of them would raise an alarm. Also, if a block had been invalid and people got forked off, how would the grand conspiracy have kept thousands of naturally suspicious and widely distributed Bitcoiners from getting that message out?
No, because it still checks that the transaction contents hash to the txids and the Merkle roots commit to all txids of the transactions in the block, and each block header commits to the predecessor, so your IBD would fail if there were any change to a transaction compared to the ones that were accepted by the network originally.
So, for it to be possible that someone includes a faulty transaction in the blockchain that your node is validating, you’d have to assume that the faulty transaction was accepted verbatim by the entire network and months of proof-of-work were heaped on top of it after it got confirmed.
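
The commitment checks described in the reply above, as an added example that is not part of the original thread and is not Bitcoin Core code. It assumes a simplified header reduced to `(prev_hash, merkle_root)`, txids taken as the double SHA-256 of constructed transaction byte strings, and hypothetical function names; no script is executed anywhere in it.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """Bitcoin's double SHA-256."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(txids):
    """Bitcoin-style Merkle root; an odd-sized level duplicates its last hash."""
    if not txids:
        raise ValueError("a block has at least one transaction")
    level = list(txids)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def header_hash(prev_hash: bytes, root: bytes) -> bytes:
    """Simplified header hash (assumption: real headers are 80 bytes with more fields)."""
    return dsha256(prev_hash + root)

def build_headers(blocks):
    """Header chain as the network originally accepted it."""
    headers, prev = [], b"\x00" * 32
    for txs in blocks:
        root = merkle_root([dsha256(tx) for tx in txs])
        headers.append((prev, root))
        prev = header_hash(prev, root)
    return headers

def first_bad_block(headers, blocks):
    """Height of the first block failing a commitment check, or None if all pass."""
    prev = b"\x00" * 32
    for height, ((prev_hash, root), txs) in enumerate(zip(headers, blocks)):
        if prev_hash != prev:                        # header must commit to predecessor
            return height
        if merkle_root([dsha256(tx) for tx in txs]) != root:
            return height                            # tx bytes must hash to committed root
        prev = header_hash(prev_hash, root)
    return None

# Constructed sample data: three blocks of placeholder transaction bytes.
SAMPLE_BLOCKS = [[b"coinbase-0"], [b"coinbase-1", b"tx-a", b"tx-b"], [b"coinbase-2", b"tx-c"]]
HEADERS = build_headers(SAMPLE_BLOCKS)

if __name__ == "__main__":
    altered = [list(b) for b in SAMPLE_BLOCKS]
    altered[1][2] = b"tx-b-altered"                  # a peer serves one changed transaction
    print(first_bad_block(HEADERS, SAMPLE_BLOCKS), first_bad_block(HEADERS, altered))
```

Recomputing the Merkle root in a forged header only moves the failure to the next block, whose `prev_hash` no longer matches, which is why a changed transaction would require redoing the proof-of-work on every later header.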