17
6
I try to understand a SPV implementation.
I read the wiki pages on Protocol Specification and Thin Client Security as well as the white-paper's chapter 8 .
What I don't understand:
Assume user A has Bitcoin address X.
User A can do getheaders and load all block headers and then have all block hashes and timestamps.
So: how does a SPV client then find possible transactions to the user's Bitcoin address X without loading all blocks (and all transactions)?
19
You are right that SPV as described in the Bitcoin paper does not explain how to discover payments to yourself, without downloading full blocks. My guess is that Satoshi either planned to develop this later, or that he assumed you'd just be told about payments to yourself (pay-to-IP, as existed next to pay-to-pubkeyhash as is used now).
Practical implementations of SPV nodes today however use a protocol extension called bloom filters, described in BIP 37. They use getheaders to fetch block information prior to their wallet's birth timestamp, and request filtered blocks afterwards. To do so, they submit a bloom filter that describes the addresses and transactions they are interested in to the peer. The peer then only includes the relevant transactions in blocks it submits, together with their Merkle paths to prove that these transactions were indeed part of said block.
6
If it helps https://gist.github.com/TOMOAKI12345/7e0aa1c6b8ace4a70ca6
Breadwallet source code is really good source to learn about the network protocol of SPV wallet.
3
Just found something in bitcoinj sourcecode:
/**
* The "getheaders" command is structurally identical to "getblocks", but has different meaning. On receiving this
* message a Bitcoin node returns matching blocks up to the limit, but without the bodies. It is useful as an
* optimization: when your wallet does not contain any keys created before a particular time, you don't have to download
* the bodies for those blocks because you know there are no relevant transactions.
*/
1
In addition to above answers, You could refer to this diagram if it helps from this link.
-4
I think SPV is only meant to verify transactions, not calculate a balance or list of all transactions to a certain address.
1But how does Multibit (a SPV thin-client) check for incomming payments so fast? – Jonas Schnelli – 2013-05-20T06:48:31.383
@Jonas, Multibit uses bloom filters, that why it can check for incomming payments that fast. – rdymac – 2013-05-20T20:53:47.460
2I downvoted. Verifying transaction is exactly the thing SPV does not do: it only verifies the block chain, not the transactions in it. – Pieter Wuille – 2013-06-19T09:36:02.127
SPV clients can calculate balances and can list transactions to certain addresses by requesting filtered blocks. SPV clients also verify transaction validity by verifying the signatures; what SPV does not verify is inclusion of outputs in the utxo, so double spending is possible. – dionyziz – 2016-01-25T00:02:33.470
@dionyziz SPV clients cannot verify signatures, as they don't have the UTXO entries to know what to verify against. – Pieter Wuille – 2016-09-05T17:17:31.367
@Pieter Thanks for clarifying, you are correct. – dionyziz – 2016-09-06T00:11:59.277