In our recent feature, we discussed the problem of full nodes in the Bitcoin network, and more likely, why running them may be expensive to a user but grants him or her no monetary reward.
As a brief reminder, a full node is a node in a network that stores the entire copy of the blockchain to verify transactions and blocks. Still, it has to run 24/7 and takes up nearly 250 gigabytes of your hard drive as of the moment of writing. There are options to install it in a separate device as well, yet such gadgets usually cost well over $100. Full nodes are vital for the proper functioning of the Bitcoin network.
The main reason why running full nodes is not rewarded is the risk that someone malevolent may create a pool of full nodes and effectively hijack the entire ecosystem. On the other hand, spending money on devices and power supply without much compensation does not seem fair.
In the wake of our article and in order to settle this question, forklog.media talked with Gleb Naumenko, a Bitcoin Core developer. As it turned out, things are more complicated than they seemed.
The Problem of Full Node Rewards
forklog.media: We understand the theory behind why there is no reward for running a full node. But such nodes are the lifeblood of the network, so maybe there is some way to still reward those who run them?
Gleb Naumenko: There is a reward but it’s not monetary. One of the biggest advantages of running a full node is that you dramatically increase your privacy. If you just use a wallet without a full node, then whoever created that walled can see your IP address and where you send your money. If you have a full node, you don’t have to rely on anybody else. This is actually what “trustless” is about in a sense. So this great privacy is one of the rewards. That’s what Bitcoin has always been about after all.
forklog.media: But have you at Bitcoin Core ever considered changing the situation in some way to bring the full node operators something more than greater privacy and the honor to be one of the ecosystem’s pillars?
Gleb Naumenko: We have never actually discussed bringing up a monetary reward for running a full node. Generally, we think that launching a full node must be as cheap as possible. You want to get a reward because launching a reward takes much effort. What we are after is to make this effort almost unnoticeable while enhancing your understanding that you’re doing something important for the entire network.
Full Node Pool Attack
forklog.media: But even with things going as they go right now, it’s not impossible that some “consortium” might run thousands of full nodes and just dictate which blocks are correct and which are not. Do you know how to resist such an attack?
Gleb Naumenko: Bitcoin is naturally protected against such things because all you have to do in that case is find at least one “honest” node with the longest chain of blocks and spread the news.
forklog.media: That does not seem very viable. Even assuming that someone managed to reach this many people, how can they be sure he or she is not an attacker? So there must be some other way to resist it.
Gleb Naumenko: Right now, there are around 60,000 full nodes, with 8,000 of them running publicly. If someone launches say, 100,000 “bad” nodes, half of the users will connect to them without even knowing that they are bad. We at Bitcoin Core will start working on that as soon as we see such things happening.
forklog.media: But it doesn’t have to happen incrementally. In fact, all I need to run such an attack is to have a powerful server and internet access. Basically, I could do it with just one click. The attack would just happen in a blink of an eye. And what are you going to do? How would you know where the real blockchain is?
Gleb Naumenko: If it does happen, it’s likely that we would launch some “trust system” for a while that would address nodes with some sort of proof. For instance, it could be proof of operation before the attack’s commencement. Or we could make trusted the nodes showing that they have bitcoins minted in 2014. There are different options. We could even take the nodes belonging to Bitcoin developers, which is not good of course but could work as an extreme remedy for the first week of such a crisis.
Again, we could talk directly with miners because the problem here would be to find what miners have actually mined. So I would say that this problem really exists, and there is no easy solution for that. Even more complex solutions are far from perfect. We think all the time how to make it better but the best possible prevention means, in that case, is indeed to make it easier for honest users to run full nodes.
How to Solve the Problem?
forklog.media: Why can’t you divide blockchain into previously verified parts and “freeze them” to create some sort of a golden standard everyone will agree upon, and then move incrementally until the actual state of blockchain?
Gleb Naumenko: In some form, this solution already exists. We have a flag “assume_valid,” which is old, and means that a given hash at a given height is assumed to be correct. When you download software from Bitcoin Core, it’s signed by the developers and other people, and you trust them to have checked the code. It’s the same way here: you trust that the given hash is correct. It’s not perfect as well and may lead to even bigger problems. In Ethereum such trust issues end up resolved with Vitalik’s tweets. Which is obviously far from perfect.
forklog.media: So, in your opinion, the best solution is upscaling, right?
Gleb Naumenko: Yes. But an honest one. The solutions I talked about are not very good compared to that. Someone might just buy out the proofs of age, or just buy those old Bitcoins and run the attack you described once again. And it’s a real problem.
It seems that the theoretical “full node pool” attack may occur even with relatively high entry threshold and no rewards, let alone with the presence of some monetary incentivizing system.
Still, Bitcoin Core does not seem to have a well-developed response plan should this kind of attack occur. One can only hope that in case it does happen, the consequences will not be catastrophic, and the eventual remedy will work, even if it will not be welcomed by some community members.