Possible trust loss and details of Blockstack's SNV

#1
  • What are the technical details of it? How does it work? (Is there a paper yet on what’s different to SPV? Or does it work exactly the same with replacing all payment with name?
  • Is there a trust loss in SNV/SPV? If so, how much? Could this get improved somehow?
  • Is SNV implemented yet in (a|the) client (or a “proof of concept” one)?

Thanks!


SPV refers to “simple payment verification”, a technique to verify a transaction without needing the full blockchain history.
SNV (“simple name verification”) is Blockstack’s equivalent, more here.


Related:

1 Like
How do lightweight blockstack nodes operate a SNV protocol
Trusting Blockstack nodes for name resolution
#2

I read and thought some more about Bitcoin’s SPV and Blockstack’s SNV. Please correct me if there’s something wrong, something unclear, etc. And please don’t consider all these things as true :smiley:

When using SPV for validating transactions in Bitcoin, the client requests the block (with the transaction to validate) and the headers of the following blocks (depending on how much confirmation it wants to see). These headers are easy to check, and scale linearly in contrast to download the bigger and bigger blocks.
The check happens with a merkle tree, with the consensus hash at the root. With each block built on top of the transaction’s block the amount of work required for a successful attack increases.
When having no idea about the current state of the network (from a client’s perspective), there’s the danger getting wrong data from the server (lying on purpose, got spoofed, …). To encounter this, it’s necessary to ask some nodes in the network for their current state (and ensuring that there’s a consent). As of now, there aren’t that many nodes, I guess[1]. So it’s probably difficult to solve this that way. Is there another way?

Is this the reason why @light wrote that it’s necessary to have a trusted node?

Couldn’t Blockstack’s SNV use fully the diversity and mass of nodes from Bitcoin to ensure validity? All name actions get embedded into the blockchain, so adding a Blockstack node on top, shouldn’t change something with the trust.

And another remaining question: What’s different from SPV to SNV?


For more reference, there are some more information in the docs:


[1] https://github.com/blockstack/blockstack-core/issues/262, maybe the forum is a better place for this?

#3

Is this the reason why @light wrote that it’s necessary to have a trusted node?

The goal of SNV (Simplified Name Verification) is to make it possible to answer the question “Does name X belong to key Y?” without having to run a full Blockstack node. @light is correct that you need a trusted node to do this.

Recall that Blockstack maintains a “virtual blockchain” within Bitcoin. Bitcoin nodes do not verify that a given transaction is a valid Blockstack transaction. Instead, full Blockstack nodes verify that they are in the same fork-set as others by checking that they calculate the same consensus hash as their peers (if you haven’t read it yet, I recommend you read the virtualchain paper here: https://blockstack.org/virtualchain.pdf). By construction, if you know the current consensus hash, you can use it to verify any prior name operation that went into calculating it (you get the current consensus hash from a trusted node).

This lets us break the question of “Does name X belong to key Y?” question into two sub-questions: “Did name X get assigned to key Y with the name operation in transaction Z?” and “Is transaction Z the most recent name operation on X?”

Suppose I have a trusted consensus hash from the current block, and I have the latest SPV headers from the Bitcoin blockchain. When I look up name X from an untrusted Blockstack node, I get back transaction Z as the claimed last transaction that affected X. I can use my SPV headers to verify that transaction Z was incorporated into the main Bitcoin blockchain. I can use the consensus hash to verify that transaction Z was accepted into Blockstack’s virtual blockchain, and assigned name X to key Y. This answers the first-subquestion.

However, I still have to verify that the name operation in transaction Z was the last name operation to affect name X (i.e. X wasn’t later assigned to a different key Y’ by a subsequent accepted transaction Z’). We’re still working on a way to do this entirely within Blockstack. Today, you can do this if you have a trusted UTXO server: you simply verify that the owner output from Z is unspent. In the future, I’d like to modify the consensus hash to incorporate a “current owner” set that would let SNV clients verify that a given name was owned by a given address at the time the consensus hash was generated.

4 Likes
What does "blockstack lookup" really do?
#4

So I guess this comes down to asking some (random) servers for their view and comparing the results to get a neutral and decentral-derived view?

How many Blockstack nodes are there? And how many run “independently” from yours?

I think many people of the community would like to run one, to get that decentralized. Maybe a pool of servers is something nice to have :slight_smile:

#7

I agree, it would be great to have many people running Blockstack nodes. I think a worthwhile project would be to create a version of Blockstack that runs on Sandstorm, a platform that makes it easy for people to run self-hosted, open-source server applications. Blockstack seems a perfect fit for this.