BitDevs Wiki

Source

Transcript

BIP324: Hiding from a Global Passive Observer (Bitcoin Core Dev Tech, May 2026)

Bitcoin Core Dev Tech 2026 (notes via Bitcoin Transcripts)May 7, 2026

Added to the wiki June 17, 2026 at 06:14 PM UTC · full text archived June 17, 2026 at 06:14 PM UTC

BIP 324 encrypts Bitcoin's peer-to-peer transport, but a passive observer can still infer things from packet size and timing. The session laid out a threat-model spectrum — local firewall, ISP, low-sophistication active observer, and global passive observer ("record now, analyze later") — and the harms in scope: being blocked, being detected running Bitcoin at all, and leaking application data such as which transactions a node originates.

The prevailing view was not to reinvent Tor-style traffic shaping (a plausible framing being "if you need strong anonymity, use Tor") but to pursue targeted measures: shaping transaction relay specifically (cheap, and barely affecting latency-sensitive miners), replacing variable-size INV with a uniform data stream, and fixing the fixed-port problem by picking and persisting a random port on first startup so blocking 8333 doesn't trivially work. A noted upper bound: whatever a passive attacker can learn is bounded by what an attacker running their own node could already learn, since node addresses are relayed on the network.

Appears in