Cryptography

Protocol

2023-06-02

What is SPV and how does it work in Bitcoin Cash?

Simplified Payment Verification, also known as SPV, is a transaction verification system that allows users of lightweight wallets, i.e. not running full nodes, to have access to transaction history and be able to verify that certain transactions were indeed confirmed and added by miners to the blockchain.

Originally described in section 8 of the whitepaper, SPV is one of the most useful tools for obtaining certainty about transaction history.

Step-by-step operation

The user’s wallet keeps a copy of the headers of all blocks, verifying that it is always the chain with the highest proof of work. The header is a special section of the block that holds, among other information, the root of the Merkle tree of that block, i.e., a cryptographic proof of all transactions that are included in that block. The header occupies 80 bytes of space and the root of the Merkle tree occupies only 32 bytes of space. Maintaining a copy of the headers of all blocks requires about 4.2 megabytes of storage per year.

Thanks to this cryptographic proof, the user requesting to verify the authenticity of a transaction can guarantee with certainty that a transaction has been included within a block and that, since the network has subsequently built new blocks on top of it, it has been considered valid by the network.

Limitations

This system, although described in the original Bitcoin document, has some limitations, which have been mitigated over time.

One possible attack is that the node to which the user connects tells him that the transaction he is requesting does not exist, even though it does exist. To avoid this problem, wallets using this technology make multiple connections to different SPV servers, in order to increase the probability that at least one of them is honest. Servers that have lied can be banned, which, massively applied to all wallets, would discourage their use and consequently the usefulness of running malicious SPV nodes. Since the advantages for an attacker are small, it is very rare to find nodes that hide part of the transaction history from users who request it, unless it is due to a quota limit problem or a configuration error.

Another disadvantage of this system is a decrease in the user’s privacy, since it would be revealing to the servers which transactions the user is interested in and therefore increasing the chances of those servers tracking individual currencies linked to the user. Several of the proposed solutions to this problem have to do with making multiple requests to the servers, in order to obtain information about several unrelated transactions, and then discarding locally those that do not interest the user. Another way to mitigate this problem is to use technologies that anonymize the origin of the request, such as Tor.