bitcoin-p2p协议
需要握手之后才能发送其他命令,握手流程如下:
version<--->verack |
0.8.6 版本
version<--->verack |
Message structure
| Field Size | Description | Data type | Comments |
|---|---|---|---|
| 4 | magic | uint32_t | Magic value indicating message origin network, and used to seek to next message when stream state is unknown |
| 12 | command | char[12] | ASCII string identifying the packet content, NULL padded (non-NULL padding results in packet rejected) |
| 4 | length | uint32_t | Length of payload in number of bytes |
| 4 | checksum | uint32_t | First 4 bytes of sha256(sha256(payload)) |
| ? | payload | uchar[] | The actual data |
getheaders
| Field Size | Description | Data type | Comments |
|---|---|---|---|
| 4 | version | uint32_t | the protocol version |
| 1+ | hash count | var_int | number of block locator hash entries |
| 32+ | block locator hashes | char[32] | block locator object; newest back to genesis block (dense to start, but then sparse) |
| 32 | hash_stop | char[32] | hash of the last desired block header; set to zero to get as many blocks as possible (2000) |
API wallet
A wallet that relies on a central server like Electrum could be called an API wallet. This wallet will only connect to one or more servers and speak to the server using the API there. It will implicitly trust what the servers tell it and it won’t download the whole blockchain.
Autotip chrome extension. It’s similar to SPV in that it doesn’t download the whole blockchain, but is different in that not even headers are downloaded.
When an API wallet wants to send bitcoin the following process occurs:
- Call to UTXO source (via blockchain.info/blockr.io/blocktrail/etc)
- Pass desired UTXO into Transaction library (such as Bitcore or Moneywagon)
- Pass in private key to transaction library to sign desired inputs from step 2
- Decode transaction object from JS/python/C#/whatever type to hex type.
- Send hex data of transaction through PushTX (via blockchain.info/blockr.io/etc)
- Short Poll “unconfirmed transaction” until your newly pushed TX gets confirmed.
- You are done!
SPV wallet
spv 操作
只下载 headers
SPV verification
https://www.reddit.com/r/Bitcoin/comments/2feox9/electrum_securityprivacy_model/
I am the main developer of Electrum. The original post contains statements that are not true. Electrum does indeed connect to a single server in order to fetch transactions and address histories. However, it also connects to MANY servers in order to fetch block headers, find and verify the longest chain, and verify that all the transactions in its history are consistent with the blockchain, using SPV.
SPV is a way to check that all transactions received by the client are in the blockchain. However, SPV is not a proof of completeness: the client has no proof that it received all the transactions that are relevant to its wallet (the nodes you are talking to could be lying by omission). Electrum currently does not have a way to verify completeness of its history (although this will be addressed soon). Note that clients using bloom filters (Multibit) have exactly the same weakness: they can verify the transactions they receive (using spv), but they lack a proof of completeness too.
One security advantage of Electrumis that servers are authenticated using SSL; this provides protection against MITM attacks, which is a problem for thin clients, including bloom filter clients. However, this advantage comes at the cost of privacy, because the main Electrum server you use knowns which addresses you are using; bloom filter clients have more privacy (although I believe the default setting in Multibit is to favor speed at the expense of privacy).