Topic: Anyone have more information on the status of CoinPrune (Read 290 times)

Technically Fast and light node are different. I think @gmaxwell following ethereum node definition from geth software,

Well they can validate going forward ... so you could argue that it's a middle ground security because it's a single point in time exposure... assuming that the usage isn't what the ethereum usage has become:  In ethereum its normal for nodes to get stuck and fall behind, and people automatically have it fast sync in response (there is even setting in standard node software to do this!).  So, we've seen in practice that that middle ground doesn't appear to be stable.

OK. The same as the "light nodes" of Ethereum, which aren't real nodes, don't validate, but actually depends, amd connects to actual full nodes that validate.


In short, it doesn't solve anything. I don't believe there's a security trade-off, because you're giving up ALL of it.

Not the OP but I read the paper. It's like "fast sync" almost all ethereum nodes use: it is intended to allow replacing full nodes with nodes that trust that the majority of coinprune participating miners were honest about correct utxo set.

Assuming you were okay with that security property it would remove most of the bandwidth required for synchronization but not at runtime. ... though if you're okay with a very strong assumption on the honesty of miners it opens the question of why not using a spv client.

OP, does CoinPrune's proposal raise the issue of scaling the network out to, increase the number of full nodes that validate? From the name "CoinPrune", I believe they only raised a solution for the storage issue, not the bandwidth issue.

Zero hits for it in my email, on the Bitcoin mailing lists, or on BCT, ... seems like the authors didn't care if the Bitcoin community ever saw it.

The idea is pretty similar to other commited utxo models.  It takes for form of periodically electing a block to have its utxo snapshotted (at considerable cost to nodes, hopefully offset by being infrequent) which (presumably after some delay) is included in unverified miner commitments.  Its not clear to me what advantage the paper's commitment structure has over proposals that use a rolling commitment which can be affirmed (and validated) at every block very cheaply plus a non-consensus-normative decision of what snapshots to keep.

The paper provides no meaningful security analysis and asserts that it maintains security but as far as I can determine it does not: It proposes something with SPV like security:  Users of it blindly trust miners to not, say, collectively reassign all the unspent coins from the first year to themselves.  It assumes "an honest majority of CoinPrune miners" but is silent on why the majority would be honest or what would happen if they're not.

As far as I can tell it's a somewhat worse than SPV security model, because miners blocks are not rejected by full nodes for committing to faithless snapshots, which would mean it lacks even the limited economic incentive argument for the security of SPV.

Whitepaper: https://arxiv.org/pdf/2004.06911.pdf

GitHub: https://github.com/COMSYS/coinprune

Youtube talk: https://www.youtube.com/watch?v=RuO34yT8j-g

Just found the whitepaper when researching scaling and it looks like they have a working implementation, but other than that nothing. Anyone have more info or thoughts on this?