Is "Reclaiming Disk Space" already implemented? How effective will it be?

Question

Some people are concerned about the scalability of Bitcoin. The blockchain already has reached nearly 1 GB to download and store, which is not exactly in the spirit of a modern thin client, especially in regards to mobile devices.

Now when consulting the Satoshi Paper, it seems they already came up with a solution:

7. Reclaiming Disk Space

Once the latest transaction in a coin is buried under enough blocks, the spent transactions before it can be discarded to save disk space. To facilitate this without breaking the block's hash, transactions are hashed in a Merkle Tree [...], with only the root included in the block's hash. Old blocks can then be compacted by stubbing off branches of the tree. The interior hashes do not need to be stored.

A block header with no transactions would be about 80 bytes. If we suppose blocks are generated every 10 minutes, 80 bytes * 6 * 24 * 365 = 4.2MB per year. With computer systems typically selling with 2GB of RAM as of 2008, and Moore's Law predicting current growth of 1.2GB per year, storage should not be a problem even if the block headers must be kept in memory.

Is this already implemented for the current version? "4.2 MB per year" suggests that no. Is it already on the roadmap? Have the developers met any unforeseen obstacles? Will the solution be as effective as promised?

Satoshi believes that Moores Law predicts a linear growth? — Roland Kofler, Apr 28 '13 at 07:13
@Roo, Satoshi did say "current", which could be interpreted to mean that (s)he was explicitly referring to the linearized approximation. — Tyler, May 04 '14 at 06:30

eldentyrell · Accepted Answer · 2012-01-15T00:42:10.627

The blockchain already has reached nearly 1 GB to download and store,

The proposal in Satoshi's paper does not reduce the download requirements, only the storage requirements (see this post to the bitcoin-dev mailing list). Unless you are able to rely on some trusted third party, you still need to download at least all of the block headers.

If you download only the headers and not the full blocks and treat "buried X blocks deep" as proof that a transaction is valid you are open to a new class of attacks that would not affect a normal full-chain client. The normal client treats "buried X blocks deep" as proof that a transaction will not be reversed later on -- the check to ensure that the transaction's inputs are unspent is completely separate from this. A thin client cannot check that a transaction's inputs are unspent because it has only the block headers -- it does not have a copy of the transactions themselves.

The most worrisome of these new attacks have to come from your ISP, but in this day of wi-fi cafes that isn't such a far-fetched scenario. So, use at your own risk.

I've been picking away at a wiki page dealing with all these issues.

Links in your answer are broken. – jayarjo Oct 22 '17 at 14:28 — jayarjo, Oct 22 '17 at 14:28

score 4 · Answer 2 · answered Jan 14 '12 at 20:37

4

Currently there are no official lighweight clients like that available, nor are they in the making as far as I know. There are, however, a couple unofficial clients, like StrongCoin or Electrum, that hold even less data. Those are, however, working in a server-client mode, not peer-to-peer as the client described by Satoshi.

It is quite possible that such a client will never be created, as storing just the block headers is a bit pointless in itself. You have to rely on the network providing you a valid block chain anyway, you don't get much out of storing the headers, and if lightweight Bitcoin clients relying on servers would become widely available and accepted, you could do with even less data.

answered Jan 14 '12 at 20:37

ThePiachu

43,091
25
139
348

2

thanks, I know there can be architectures that rely on distributed servers, but the more Bitcoin can be decentralized to self-sufficient clients, the better – herzmeister Jan 14 '12 at 21:01
@herzmeister You can always get a virtual server or use a computer with static IP, install full Bitcoin on it and control it through JSON-RPC from basically anywhere. It's not too hard, and you sort of get the best of both worlds. Although after my own experience with redownloading the entire blockchain, I switched to an online wallet. – ThePiachu Jan 14 '12 at 21:45
2

yes of course you and probably even me can do it, but I'm really speaking of the masses – herzmeister Jan 14 '12 at 22:12
Masses will use client-server not knowing about it ;). – ThePiachu Jan 14 '12 at 22:42
2

@ThePiachu, you mean "Masses will get their coins stolen because they trusted a server they shouldn't have". All of the existing "light client" proposals have hidden and dangerous trust relationships that are completely undocumented. Please do not confuse these security-disasters-waiting-to-happen with the Simplified Payment Verification section in Satoshi's paper. – eldentyrell Jan 14 '12 at 23:50
@eldentyrell Same could happen if you use an operating system you don't trust, or exchange, hacked client, etc. Trusting someone to develop a simplified client is just like trusting someone to develop a lightweight client. It's all about trusting to keep the wallet.dat secure, which can be accomplished in both approaches. The only difference would be, that in the latter version the server could trick you into showing you wrong data about your transaction history, which you can verify in a block explorer. All in all, everything about Bitcoin is trust to the developers, core or otherwise. – ThePiachu Jan 15 '12 at 01:43
3

@ThePiachu, you write "trusting someone to develop a simplified client" indicating that you have clearly confused developing the client software with operating the server component. Software can be digitally signed for integrity and inspected by multiple parties, as the bitcoin client currently is. Servers upon which you rely to handle queries ("the cloud") cannot be easily audited like this. – eldentyrell Jan 15 '12 at 07:23
1

@eldentyrell - I believe Stratum Server is open source, and is architected in a way that a malicious server would not be able to do a lot of damage. It's not even alpha yet, but it's a direction I'd like to see developed. – ripper234 Jan 15 '12 at 09:13
1

@ripper234, regarding "and is architected in a way that a malicious server would not be able to do a lot of damage", nope you're incorrect. The server can perform attacks against the client that a thick client is immune to. The people promoting this "stratum" just do a good job of obscuring the security problems. – eldentyrell Jan 15 '12 at 09:29
1

@eldentyrell - I'm promoting Startum, and I don't believe it to be a major security risk. It's "less secure" than a full client, almost by definition, but I honestly don't believe it is significant for "not huge" amounts of money. – ripper234 Jan 15 '12 at 09:49
1

@ripper234, vague "it iz sekure trust us!!!" comments like yours are the sort of obfuscation I'm referring to. I'm sorry to hear that you are unaware of the security problems and trust issues. Unfortunately the fact that you are unaware of them does not mean they do not exist. Lots of people believed that mybitcoin was safe for "not huge" amounts of money and look what happened... – eldentyrell Jan 15 '12 at 10:56
1

@eldentyrell From what I understand, you will be able to copy the Electrum server, run it yourself and connect your light client only to it, which would be like using standard client and json-rpc. As for "loving the protocol" - same can be said about Bitcoin protocol. It takes a long while for someone to understand how it works, then they figure out they were wrong a couple times in understanding it. Unless you have written your own client from scratch, you don't fully understand the Bitcoin protocol, it has that many nuances to it (it still amazes me half a year later). – ThePiachu Jan 15 '12 at 11:05
3

@eldentyrell - you're spreading FUD. If you have some specific claim why it is not secure, do share (not here - either in the forum, or perhaps in http://chat.stackexchange.com/). If you'd like me to explain why I think it's safe, ask a question and I'll answer it. – ripper234 Jan 15 '12 at 11:12
@ripper234, you're spreading misinformation. I laid out my concerns multiple times in the "stratum" thread, starting here: https://bitcointalk.org/index.php?topic=55842.msg665443#msg665443 I am not going to try to repeat it within the 600-character limits of this comment mechanism. – eldentyrell Jan 16 '12 at 06:02
@ThePiachu, nobody's worried about individuals who run their own copy of the server. As herzmeister pointed out, the vast majority of the users aren't going to do this. – eldentyrell Jan 16 '12 at 06:03
1

@ripper234, by the way, you've already demonstrated that you have no idea how bitcoin works when you posted this (which I and the site admins had to edit in order to fix): http://bitcoin.stackexchange.com/questions/2598/when-did-mtgox-lose-many-thousands-of-bitcoins ... I don't think that makes you a very credible source for advice on what is or isn't secure! – eldentyrell Jan 16 '12 at 06:14
1

@eldentyrell - thanks for the flame. I have reverted your edit on that question. As I wrote above, I will gladly post an answer as to why I think Stratum is secure, if you post a question about it. It should not matter how well I know the intricate low level of Bitcoin protocol - just whether the specific claims I make are right or wrong. If there is a fault, feel free to comment about my answer to the question that I'd like you to ask. Let's stop this thread, and move to Chat if you want. – ripper234 Jan 16 '12 at 07:09
@eldentyrell, see my analysis of Stratum here: http://bitcoin.stackexchange.com/a/2615/78 – ripper234 Jan 17 '12 at 05:49
fyi I created a new question : http://bitcoin.stackexchange.com/questions/3199/read-only-blochain-in-bitcoind-patch-ideas and linked it to this one – neofutur Mar 17 '12 at 05:39

Is "Reclaiming Disk Space" already implemented? How effective will it be?

2 Answers2

Linked

Related