BanklessTimes
Home News Key Bitcoin Upgrade to Reduce Tampering Risk Goes Live

Key Bitcoin Upgrade to Reduce Tampering Risk Goes Live

Daniela Kirova
Daniela Kirova
Daniela Kirova
Author:
Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.
December 7th, 2023
  • BIP324 aims to secure communication between nodes via encryption
  • This reduces the risks of attacks by minimizing the likelihood of tampering

The most recent upgrade to Bitcoin Core, v26.0, has gone live. Bitcoin Core is the main open-source software linking the Bitcoin blockchain.

The Bitcoin Improvement Proposal 324 (BIP324) aims to secure communication between nodes via encryption, and the v26.0 upgrade contains the relevant experimental support for this. Encryption reduces the risks of attacks by minimizing the likelihood of tampering with transactions.

Upgrade Goals

The stated goals of the upgrade include confidentiality against passive attacks, the possibility to observe active ones, and inability to decrypt past session traffic.

A passive attacker will not be able to determine plaintext node exchange after he has recorded a v2 P2P bytestream without fragmentation and timing info. After recording, he will also be unable to distinguish a pseudorandom from a uniformly random bytestream.

Observability of active attacks

A user derives a session ID identifying the encrypted channel uniquely from a Diffie-Hellman negotiation. An active “middleman” attacker incurs detection risk because peer operators can compare session IDs manually. Future protocol versions may introduce optional authentication methods.

Shapable bytestream

It should be possible to shape the bytestream to increase resistance to traffic analysis (for example, to conceal block propagation), or censorship avoidance after the upgrade.

Protection against eavesdropping

An eavesdropping attacker who intercepts peer session secrets will generally not be able to decrypt past session traffic.

Compatibility and upgradability

V2 clients reduce network partition risk by enabling inbound v1 connections. The proposal involves an upgrade path via transport versioning which operators can use to add authentication, PQC handshake upgrade, etc.

Low costs

Bandwidth and computational cost should not increase with the launch of a new P2P transport protocol. The blockchain still supports the existing V1 transport protocol.

DeFi Attack Risks

The highest number of attacks in 2022 was not on the Bitcoin blockchain, but in the DeFi space. The biggest exploits combined, including the Nomad hack and the Ronin Bridge attack, led to losses of billions of dollars.

One of the biggest attacks in 2023 was against DeFi lender Euler Finance, who suffered a flash loan attack incurring losses of almost $200 million to the protocol.

Contributors

Daniela Kirova
Writer
Daniela is a writer at Bankless Times, covering the latest news on the cryptocurrency market and blockchain industry. She has over 15 years of experience as a writer, having ghostwritten for several online publications in the financial sector.