[ad_1]
Without any security trade-off vs. running validating nodes, there is no way to create a wallet-service without downloading and validating the blockchain.
If SPV node security trade-offs are acceptable, you may consider running the wallet service with these.
SPV nodes do not fully-validate the blockchain, and only download the longest header-chain. However, since they only validate POW in the header-chain, and do not index all transactions (only those related to the wallet service addresses), they need to obtain a proof that a tx of interest is confirmed via. another full-node peer. This proof can be delivered a merkle-proof, which represents a specific branch of the merlke-tree beginning with the txid of interest, of which the root is committed to each block header.
The security trade-off for SPV nodes is two-fold:
- Privacy: Since the wallet service is interested in tx’s pertaining to specific addresses, some information about addresses will necessarily leak to the queried full-nodes.
- Potential for omission: Peers can always remain silent about specific confirmed transactions without the SPV client being able to prove this, potentially requiring cross-comparison heuristic across validating peers.
- A SPV client does not validate any consensus rules, thereby not knowing whether the chain/branch it is following correctly validates according to the validation rule set the user supports.
[ad_2]
Source link