From: Amir T. <zg...@ya...> - 2012-08-15 16:05:51
Slush asked me about the problems with Stratum (namely starvation attacks). I thought I'd just enumerate them here.

Basically each request (like get_history) is too large. Imagine that on the backend it is composed of many smaller requests. Therefore requesting the history for 1VayNert or some other address means a huge amount of backend operations. I believe the correct way to resolve this is by having each request split into many smaller requests. Thomas disagrees and thinks you just need better DoS protection on the backend. I'm not so sure that's the entire solution and see it more as a band-aid around a deeper problem.

Also, I don't like that the server stores state. Ideally everything should be stateless (see BIP 33).

Lastly, line-delimited TCP is not secure, as Patrick pointed out.

These problems are resolvable and are fixable. It just requires more time for properly thinking them out. Part of the issue is that Thomas told me that the constraint for mobile devices is not computational resources, but bandwidth. I'm starting to think the way to resolve this would be by having a Spinner-type protocol on top of the underlying Stratum one. This would sacrifice privacy for mobiles, but I think that's OK.
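An added example, not part of the original message and not Stratum's actual API: a sketch of the "many smaller requests" idea, contrasting a monolithic history call with a bounded, stateless paged one where the client carries the cursor. The toy backend, function names, cursor format and PAGE_LIMIT are all assumptions made for illustration.

```python
import bisect

# Constructed toy backend: address -> sorted (height, txid) rows.
# BACKEND, PAGE_LIMIT and every function name below are hypothetical.
BACKEND = {
    "addr_busy": [(h, f"tx{h:05d}") for h in range(1, 5001)],
    "addr_quiet": [(10, "tx_a"), (42, "tx_b")],
}
PAGE_LIMIT = 100  # assumed hard cap on rows read per request


def get_history_full(address):
    """Monolithic request: backend work grows with the address's history."""
    rows = BACKEND.get(address, [])
    return {"rows": list(rows), "backend_ops": len(rows)}


def get_history_page(address, after=(0, ""), limit=PAGE_LIMIT):
    """Bounded request. The cursor comes from the client, so the server
    keeps no per-client state and reads at most PAGE_LIMIT rows."""
    limit = max(1, min(int(limit), PAGE_LIMIT))  # clamp client-supplied limit
    rows = BACKEND.get(address, [])
    start = bisect.bisect_right(rows, tuple(after))  # seek, do not scan
    page = rows[start:start + limit]
    more = start + limit < len(rows)
    return {"rows": page, "backend_ops": len(page),
            "next": page[-1] if more else None}


def fetch_all(address):
    """Client loop: many small requests instead of one large one.
    Returns (rows, request_count, worst_case_ops_per_request)."""
    rows, after, worst, requests = [], (0, ""), 0, 0
    while after is not None:
        resp = get_history_page(address, after)
        rows += resp["rows"]
        worst = max(worst, resp["backend_ops"])
        requests += 1
        after = resp["next"]
    return rows, requests, worst


if __name__ == "__main__":
    print("monolithic ops:", get_history_full("addr_busy")["backend_ops"])
    _, n, worst = fetch_all("addr_busy")
    print("paged requests:", n, "worst ops per request:", worst)
```

Because each paged call costs at most PAGE_LIMIT rows, per-connection rate limiting on the server can be expressed in requests rather than guessed from the size of an address's history.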