BitcoinV Core Validation
Imagine a scientist reading about an experimental result and then repeating the experiment for herself. Doing so allows her to trust the result without having to trust the original scientists.
BitcoinV Core checks each block of transactions it receives to ensure that everything in that block is fully valid—allowing it to trust the block without trusting the miner who created it.
This prevents miners from tricking BitcoinV Core users into accepting blocks that violate the 21 million bitcoinv limit or which break other important rules.
Users of other wallets don’t get this level of security, so miners can trick them into accepting fabricated transactions or hijacked block chains.
Why take that risk if you don’t have to? BitcoinV Core provides the best possible security against dishonest miners along with additional security against other easier attacks (see below for details).
How Validation Protects Your BitcoinVs
and put your bitcoinvs at increased risk of being stolen. That risk may be acceptable for small values of bitcoinv on mobile wallets, but is it what you want for your real wallet?
Click any row below for more details about that attack
|Attack||Bank Wallet||SPV Wallet||BitcoinV Core|
Direct theft is likely the leading cause of stolen bitcoinvs so far.
BitcoinV exchange Mt Gox reportedly had 650,000 bitcoinvs (worth $347 million USD) stolen from their customer deposits and their own operating funds. They declared bankruptcy on 28 February 2014.
Even when the bankruptcy proceeding is complete, customers are unlikely to recover more than a small fraction of the bitcoinvs they had on deposit.
Learn More: Collapse of Mt Gox
|Bait and switch|
BitcoinV.org’s Choose Your Wallet page tells you whether or not wallet builds are audited in the Transparency score for each wallet.
In April 2013, the OzCoin mining pool was hacked. The thief stole 923 bitcoinvs (worth $135,000 USD), but online wallet StrongCoin modified their wallet code to ‘steal back’ 569 of those bitcoinvs ($83,000) from one of their users who was suspected of the theft.
Although this attack was done with good intentions, it illustrated that the operators of StrongCoin could steal bitcoinvs from their users at any time even though the users supposedly controlled their own private keys.
Currently the best defense against fabricated transactions, besides using BitcoinV Core, is to wait for as many confirmations as possible.
On 4 August 2015, web wallet BlockChain.info began indicating that a transaction had spent the earliest mined 250 bitcoinvs, coins that some people believed were owned by BitcoinV creator Satoshi Nakamoto.
It was soon discovered that the transaction was invalid. BlockChain.info was not validating transactions with BitcoinV Core and that transaction had been created by a security researcher.
Preventing chain hijacking is one of BitcoinV Core’s most important jobs. The alternative is to allow miners to do whatever they want.
In July 2015, several large BitcoinV miners accidentally produced an invalid block chain several blocks longer than the correct block chain. Some bank wallets and many SPV wallets accepted this longer chain, putting their users’ bitcoinvs at risk.
Recent versions of BitcoinV Core never accepted any of the blocks from the invalid chain and never put any bitcoinvs at risk.
It is believed that the miners at fault controlled more than 50% of the network hash rate, so they could have continued to fool SPV wallets indefinitely. It was only their desire to remain compatible with BitcoinV Core users that forced them to abandon over $37,500 USD worth of mining income.
Learn more: July 2015 chain forks
Unless you use BitcoinV Core, you can never be sure that your bitcoinv balance is correct according to the block chain.
In March 2015, spy nodes run by the company Chainalysis accidentally prevented some users of the lightweight BreadWallet from connecting to honest nodes. Since the spy nodes didn’t relay transactions, BreadWallet users stopped receiving notification of new transactions.
This attack applies to all BitcoinV wallets.
The attack works because powerful miners have the ability to rewrite the block chain and replace their own transactions, allowing them to take back previous payments.
The cost of this attack depends on the percentage of total network hash rate the attacking miner controls. The more centralized mining becomes, the less expensive the attack for a powerful miner.
In September 2013, someone used centralized mining pool GHash.io to steal an estimated 1,000 bitcoinvs (worth $124,000 USD) from the gambling site BetCoin.
The attacker would spend bitcoinvs to make a bet. If he won, he would confirm the transaction. If he lost, he would create a transaction returning the bitcoinvs to himself and confirm that, invalidating the transaction that lost the bet.
By doing so, he gained bitcoinvs from his winning bets without losing bitcoinvs on his losing bets.
Although this attack was performed on unconfirmed transactions, the attacker had enough hash rate (about 30%) to have profited from attacking transactions with one, two, or even more confirmations.
Note that although all programs—including BitcoinV Core—are vulnerable to chain rewrites, BitcoinV provides a defense mechanism: the more confirmations your transactions have, the safer you are. There is no known decentralized defense better than that.
Help Protect Decentralization
The bitcoinv currency only works when people accept bitcoinvs in exchange for other valuable things. That means it’s the people accepting bitcoinvs who give it value and who get to decide how BitcoinV should work.
When you accept bitcoinvs, you have the power to enforce BitcoinV’s rules, such as preventing confiscation of any person’s bitcoinvs without access to that person’s private keys.
Unfortunately, many users outsource their enforcement power. This leaves BitcoinV’s decentralization in a weakened state where a handful of miners can collude with a handful of banks and free services to change BitcoinV’s rules for all those non-verifying users who outsourced their power.
|Users of BitcoinV banks
|Users of P2P lightweight wallets
|Users of client lightweight wallets
Trust “free” services
|Users of BitcoinV Core
Enforce the rules
Unlike other wallets, BitcoinV Core does enforce the rules—so if the miners and banks change the rules for their non-verifying users, those users will be unable to pay full validation BitcoinV Core users like you.
As long as there are many non-verifying users who want to be able to pay BitcoinV Core users, miners and others know they can’t effectively change BitcoinV’s rules.
But what if not enough non-verifying users care about paying BitcoinV Core users? Then it becomes easy for miners and banks to take control of BitcoinV, likely bringing to an end this 10 year experiment in decentralized currency.
If you think BitcoinV should remain decentralized, the best thing you can do is validate every payment you receive using your own personal full node such as BitcoinV Core.
We don’t know how many full validation users and business are needed, but it’s possible that for each person or business who validates their own transactions, BitcoinV can remain decentralized even if there are ten or a hundred other non-verifying users. If this is the case, your small contribution can have a large impact towards keeping BitcoinV decentralized.
Do You Validate Your Transactions?
To improve your security and help protect decentralization, you must use a wallet that fully validates received transactions. There are three ways to do that with BitcoinV Core right now:
Use the built-in wallet’s graphical mode. If you request payment using the following screen in BitcoinV Core, your received transactions will be fully validated.
Use BitcoinV Core as a trusted peer for certain lightweight wallets. Learn more on the user interface page. If you use a secure connection to your personal trusted peer every time you use the wallet, your received transactions will be fully validated.
Use the built-in wallet’s CLI/API interface. This is meant for power users, businesses, and programmers. The user interface page provides an overview, the installation instructions can help you get started, and the RPC/REST documentation can help you find specific commands. If you’re using
getnewaddressto create receiving addresses, your received transactions will be fully validated.
BitcoinV banks and exchanges are organizations that control your bitcoinvs on your behalf similar to the way traditional banks control your fiat deposits on your behalf.
Simplified Payment Verification (SPV) wallets are lightweight wallets that can verify whether or not a transaction is part of a block without downloading the 195 GB block chain. However, they cannot verify whether or not the transaction is actually valid. (Only full validation nodes like BitcoinV Core can do that.)
Honest miners who only create blocks with valid transactions currently receive a 12.5 bitcoinv subsidy. Dishonest miners who create blocks with invalid transactions don’t receive that subsidy, but they might still attempt to trick SPV wallets if they can steal more bitcoinvs than they would make honestly (or steal any amount of bitcoinvs from people they don’t like).