Open in app

Sign in

Write

Sign in

SPV as Implemented Today is EXACTLY As Described In the Bitcoin Whitepaper

Jonald Fyookball
4 min readSep 24, 2017

--

There is still quite a bit of misinformation in the Bitcoin world, and it often comes from people that are supposedly experts.

Recently, Luke-Jr, a “Core” developer, has made some unsettling remarks about SPV or “lite” clients, including that “The Whitepaper’s SPV doesn’t exist”. He also says you’re “not using Bitcoin” if you use a lite wallet.

I take offense to this, NOT just because I am involved in a lite-wallet project called Electron Cash, but much more importantly: because he’s disseminating incorrect information about Bitcoin’s security model.

That Information Is Not Just Incorrect, It’s Being Used To Support an Agenda

It goes like this:

If SPV isn’t secure, that means everyone must run a full node. If everyone must run a full node, then blocks must be kept small. If blocks must be kept small, then Bitcoin can be prevented from scaling.

The end result is that Bitcoin either stagnates, or evolves into a multi-layered system that is a far cry from the Bitcoin we all know and love.

Sadly, that stagnation has been happening for a long time. Thankfully, there is a lifeboat to preserve the ledger as peer to peer money, called Bitcoin Cash.

Back to SPV:

What Does the Whitepaper Actually Say?

SPV (Simplified Payment Verification) is described in section 8 of the Bitcoin Whitepaper.

Let’s take a close look at exactly what the whitepaper says.

The first part of section 8 describes how SPV works:

”It is possible to verify payments without running a full network node. A user only needs to keep a copy of the block headers of the longest proof-of-work chain, which he can get by querying network nodes until he’s convinced he has the longest chain, and obtain the Merkle branch linking the transaction to the block it’s timestamped in. He can’t check the transaction for himself, but by linking it to a place in the chain, he can see that a network node has accepted it, and blocks added after it further confirm the network has accepted it.”

This is precisely what a good SPV client like Electron Cash does. You can look at the code for this specific functionality here.

The Minor Limitations of SPV Are Also Disclosed

The second part of section 8 discusses the (very minor) limitations of SPV.

”As such, the verification is reliable as long as honest nodes control the network, but is more vulnerable if the network is overpowered by an attacker. While network nodes can verify transactions for themselves, the simplified method can be fooled by an attacker’s fabricated transactions for as long as the attacker can continue to overpower the network. One strategy to protect against this would be to accept alerts from network nodes when they detect an invalid block, prompting the user’s software to download the full block and alerted transactions to confirm the inconsistency. Businesses that receive frequent payments will probably still want to run their own nodes for more independent security and quicker verification”

There’s a few important points here.

First, it is acknowledged that SPV isn’t perfect. The whitepaper never said it was, and clearly discloses the theoretical limitations.

Secondly, the condition when SPV becomes unreliable is when “the network is overpowered by an attacker”. How often is the Bitcoin network overpowered by an attacker? If that ever were to happen, even full nodes would not be safe.

Thirdly, the whitepaper hints at how to develop strategies to mitigate against even these unusual cases. The fact that these strategies (which deal with very rare situations) haven’t been perfected doesn’t mean that “the whitepaper SPV’s does not exist” as Luke puts it.

Separating Fact from Myth

It’s pretty amazing how much misinformation can be packed into a few sentences.

Time for some fact checking:

Myth: “Lite clients are not using Bitcoin”
Fact: Lite clients are using Bitcoin exactly as described in section 8 of the Bitcoin whitepaper.

Myth: “Lite clients are not secure”
Fact: Lite clients are quite secure. For almost all users, in almost all practical settings, just as secure as full nodes.

Myth: “If you’re using a Lite client, you might as well be using Paypal”
Fact: Most users (perhaps even 99%) don’t run full nodes, nor should they.

Myth: “The Whitepaper’s SPV does not exist”
Fact: The whitepaper’s description of SPV is implemented in wallets like Electrum and Electron Cash.

Myth: “SPV turned out to be impossible”
Fact: “SPV fraud proofs”, as they are often called, are briefly touched on in the whitepaper, are only relevant in extremely rare scenarios, and are an area of ongoing research.

Be Careful Who You Listen To

In conclusion, be careful where you get your information from, even if its a Core developer.

Wait, scratch that. Especially if its a Core developer.

And especially if its from r/bitcoin, which is infamous for its censorship.

(Hint: try r/btc instead.)

Bitcoin

--

--

Jonald Fyookball

Written by Jonald Fyookball

1.6K Followers

You can tip me at https://sharetip.me/jonald

Help

Status

About

Careers

Press

Blog

Privacy

Terms

Text to speech

Teams