- BIP324 aims to secure communication between nodes via encryption
- This reduces the risks of attacks by minimizing the likelihood of tampering
The most recent upgrade to Bitcoin Core, v26.0, has gone live. Bitcoin Core is the main open-source software linking the Bitcoin blockchain.
The Bitcoin Improvement Proposal 324 (BIP324) aims to secure communication between nodes via encryption, and the v26.0 upgrade contains the relevant experimental support for this. Encryption reduces the risks of attacks by minimizing the likelihood of tampering with transactions.
Upgrade Goals
The stated goals of the upgrade include confidentiality against passive attacks, the possibility to observe active ones, and inability to decrypt past session traffic.
A passive attacker will not be able to determine plaintext node exchange after he has recorded a v2 P2P bytestream without fragmentation and timing info. After recording, he will also be unable to distinguish a pseudorandom from a uniformly random bytestream.
Observability of active attacks
A user derives a session ID identifying the encrypted channel uniquely from a Diffie-Hellman negotiation. An active “middleman” attacker incurs detection risk because peer operators can compare session IDs manually. Future protocol versions may introduce optional authentication methods.
Shapable bytestream
It should be possible to shape the bytestream to increase resistance to traffic analysis (for example, to conceal block propagation), or censorship avoidance after the upgrade.
Protection against eavesdropping
An eavesdropping attacker who intercepts peer session secrets will generally not be able to decrypt past session traffic.
Compatibility and upgradability
V2 clients reduce network partition risk by enabling inbound v1 connections. The proposal involves an upgrade path via transport versioning which operators can use to add authentication, PQC handshake upgrade, etc.
Low costs
Bandwidth and computational cost should not increase with the launch of a new P2P transport protocol. The blockchain still supports the existing V1 transport protocol.
DeFi Attack Risks
The highest number of attacks in 2022 was not on the Bitcoin blockchain, but in the DeFi space. The biggest exploits combined, including the Nomad hack and the Ronin Bridge attack, led to losses of billions of dollars.
One of the biggest attacks in 2023 was against DeFi lender Euler Finance, who suffered a flash loan attack incurring losses of almost $200 million to the protocol.
Contributors
