Why Every Bitcoin User Should Understand “SPV Security”
You don’t need to understand how an engine works to drive a car. Similarly, you don’t need to understand how Bitcoin works ‘under the hood’ in order to use it.
However, if you are going to participate in the public dialogue, or even have an opinion on the future of Bitcoin, there’s a few things you should know.
The Great Scaling Debate
If you weren’t already aware, there is somewhat of a civil war going on between Bitcoin developers, businesses, miners, and investors. The issue is over how to “scale” the network.
In simplistic terms: One side wants to follow the original Bitcoin idea of peer to peer cash and a plan to have bigger blocks; the other side wants to keep blocks small while transforming bitcoin into a settlement network.
Your Opinion Matters More Than You Think
Bitcoin is a multi-billion dollar ecosystem. It would be naive to assume that powerful corporate interests wouldn’t try to manipulate it in any way they could.
So, where do you come in?
A serious quote from comedian George Carlin is appropriate here. What do powerful special interests want?
They want more for themselves and less for everybody else. But I’ll tell you what they don’t want. They don’t want a population of citizens capable of critical thinking. They don’t want well-informed, well-educated people… They’re not interested in that. That doesn’t help them. That’s against their interests. — George Carlin
The Small Blockers’ House of Cards
From Wikipedia: “House of cards” is an expression that dates back to 1645, meaning a structure or argument built on a shaky foundation or one that will collapse if a necessary element is removed.
The Bitcoin-as-Settlement-Network argument depends on a logic chain that goes something like this:
“Most users on the network should be running a full node, therefore running a full node should be affordable, therefore we need to limit bandwidth and storage costs, therefore we have no choice but to keep blocks small.”
Most Users Do NOT Need to Run a Full Node
If we debunk the underlying assumption, the house of cards collapses.
The arguments in favor of “most users should be running a full node” can be broadly categorized into two groups: a) its good for the network, and b) its necessary for the security of the user.
We will address the former group of arguments in a separate article. For now, let’s simply challenge the assumption from a user’s viewpoint.
Simplified Payment Verification (SPV) Existed from the Beginning
First of all, SPV is nothing new. It was described in section 8 of Satoshi Nakamoto’s original whitepaper — Bitcoin: A Peer-to-Peer Electronic Cash System. Bitcoin wallets like Electrum have been using SPV successfully for years without any problems, and they save users the hassles of maintaining a full network node.
How Does SPV Work?
In a nutshell, SPV lets you validate YOUR transactions without having to worry about anybody else’s transactions.
SPV provides the 2 critical ingredients: a) It ensures your transactions are in a block, and b) it provides confirmations (proof of work) that additional blocks are being added to the chain.
That’s really all you need to know if a transaction is valid or not.¹
What Are SPV’s Security Limitations? Is There Any Benefit to a User That Runs a Full-Node?
Since an SPV wallet doesn’t check any of the other transactions in the block, theoretically the block could be invalid. 99.99% of the time, this is not a problem because we can connect to many different nodes and make sure that everyone agrees on the same chain of blocks.
Occasionally there could be an unusual situation. For example, a new consensus rule is adopted and a relatively large group of nodes doesn’t use the new rule because they forgot to upgrade.
It would not take long for those non-compliant nodes to be forked off the network, but during that event, the SPV client could be temporarily fooled into thinking the non-upgraded nodes had the correct longest chain. (After a few more blocks, the longest valid chain would become apparent again.)
This is why running a full node is said to provide ‘quicker’ security — because if you can validate all transactions yourself, there is no need to wait for extra confirmations that resolve these kinds of rare cases.
Also, running a full node theoretically provides greater privacy since the SPV client must talk to full nodes and request information about specific addresses and transactions.
Can an SPV Wallet User Be Intentionally Attacked?
This is practically impossible (there are no documented cases).
Theoretically, an attacker would have to set up a large number of rogue nodes, and prevent you from finding any honest node in the ‘real’ Bitcoin network.
If your SPV wallet finds even a single honest node, the attack will be foiled since it will be able to verify that the honest node contains the longest proof of work chain.
Furthermore, to sustain the attack, the attacker would have to keep mining blocks at the current difficulty level to continue extending their chain. This would require huge amounts of hashing power, which is very expensive and therefore economically infeasible.
Two More Bits of Good News
- It’s important to realize that an SPV wallet does not merely rely on the other network nodes to determine the longest chain of blocks. It looks at the best header chain: the chain of valid block headers that has the most cumulative proof of work. A good SPV implementation also ensures that this proof of work is of the appropriate hashing difficulty level. Those who are inclined can examine the Electrum code to see this in action.
- And of course, the kind of wallet you run has zero impact on the security of your private keys.
What Are These “SPV Fraud Proofs” I Keep Hearing About?
Fraud Proof proposals attempt to increase security in those cases where a ‘non-compliant chain contains more proof of work than the compliant chain’ as described above.
But since those cases are few and far between, the security improvement would be marginal.
It is plainly false to claim that SPV fraud proofs are required to keep users secure.
Tomas van der Wansem, author of a recent fraud proof proposal using spend trees, agrees:
Contrary to popular belief, Fraud Proof SPV and Full Nodes are not significantly more secure then SPV nodes…I am afraid that the current stagnation and abandonment of Bitcoin’s original scaling model is not induced by the absence of Fraud Proofs, but instead by a misunderstanding of Bitcoin’s security and scaling model.
SPV wallets provide a high level of security, and most users do not need to run full nodes. Armed with this information, you can enjoy peace-of-mind about your bitcoin wallet… and you can also help to defeat some of the nefarious arguments coming from false assumptions.
¹ An SPV wallet also needs to “listen” for incoming transactions to your addresses. It can do this using bloom filters, or with the help of a server holding a UTXO set.
This article is available in several foreign language formats: