Is there a lightweight fork of Bitcoin Core?

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: takuma sato on September 11, 2024, 03:39:40 PM

Quote from: HeRetiK on August 04, 2024, 08:44:47 AM

What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I already use cold storage on a laptop. My question is, I wanted to have a Bitcoin Core feature that does the bare minimum. Like Bitcoin Core would be Ubuntu, what I would like is Xubuntu, this way you still contribute to the network, keep a full copy of the blockchain, and you are able to use the nice Coin Control feature, keep watch only features to check your funds and broadcast transaction, but you would get rid of anything else that I consider to be too fancy.

Such thing doesn't exist. Bitcoin Knots is the only alive fork of Bitcoin Core, which actually has more feature.

Quote from: takuma sato on September 11, 2024, 03:39:40 PM

In addition, you don't want to use a hardware wallet at all, this has always been my philosophy, for an obvious reason. When you own a hardware wallet, you are a target. When a thief finds it, he has an insane incentive to try to bruteforce it, exploit it and so on, compared to some old laptop, in principle, it's irrelevant.

Here's more:
https://blog.merklescience.com/general/dark-skippy-a-new-threat-to-hardware-wallets

If the attacker could install malicious firmware on your hardware, it's likely the attacker also have full control over your device (such as computer) anyway.

takuma sato

sr. member

Activity: 317

Merit: 448

Quote from: HeRetiK on August 04, 2024, 08:44:47 AM

What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I already use cold storage on a laptop. My question is, I wanted to have a Bitcoin Core feature that does the bare minimum. Like Bitcoin Core would be Ubuntu, what I would like is Xubuntu, this way you still contribute to the network, keep a full copy of the blockchain, and you are able to use the nice Coin Control feature, keep watch only features to check your funds and broadcast transaction, but you would get rid of anything else that I consider to be too fancy.

In addition, you don't want to use a hardware wallet at all, this has always been my philosophy, for an obvious reason. When you own a hardware wallet, you are a target. When a thief finds it, he has an insane incentive to try to bruteforce it, exploit it and so on, compared to some old laptop, in principle, it's irrelevant.

Here's more:
https://blog.merklescience.com/general/dark-skippy-a-new-threat-to-hardware-wallets

As exploits and hacks become better, you don't want to give anyone the chance to try that on your shinny device. Just use a boring laptop in my opinion. If you want to transact on the move, use a phone or some other smaller device where you only carry a small amount.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: Synchronice on August 14, 2024, 02:21:23 PM

I wouldn't trust Laptop because god knows whether there are backdoors in hardware or not.

That's why you use a cold wallet setup, and check the transaction before signing.

Quote

Hardware wallet looks to be easier work compared to PC/Laptop components.

True. A hardware wallet is usually recommended to Newbies instead of creating your own airgapped cold wallet.

Quote

To be honest, I have said it many times that if you don't hold thousands of Bitcoins, you are most likely safe. What's going happen if you hold 1 Bitcoin on Coldcard wallet at home? Anyone is going to hack it? Really?

You're talking about targeted attacks. In reality, it's mostly automated malware that steals any amount it can.

Synchronice

hero member

Activity: 882

Merit: 792

Watch Bitcoin Documentary - https://t.ly/v0Nim

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.
If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.

I wouldn't trust Laptop because god knows whether there are backdoors in hardware or not. Hardware wallet looks to be easier work compared to PC/Laptop components.
To be honest, I have said it many times that if you don't hold thousands of Bitcoins, you are most likely safe. What's going happen if you hold 1 Bitcoin on Coldcard wallet at home? Anyone is going to hack it? Really?

Quote from: LoyceV on August 12, 2024, 10:33:36 AM

Quote from: ABCbits on August 12, 2024, 04:25:46 AM

i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.

I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.

To be honest again Cheesy

most of us have to trust developers. If you can't read a code and aren't a very good software developer or engineer or whatever it is, then you can't be sure that you are safe with any open-source software, you depend on someone else's opinion.

pooya87

legendary

Activity: 3472

Merit: 10611

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

Those are part of the Bitcoin Core's code, your node doesn't need to have any of that if you don't want to and it's still Bitcoin.

Those are part of the Bitcoin consensus rules not just core's code. But it's true that you don't need to verify everything you be using Bitcoin. But you also don't need to download the entire blockchain if you aren't going to verify everything (it won't be a "full node" if you don't), maybe you should look into using a SPV client.

Quote

as well as nonsense usages of block space like ordinals and co.

Well whether you run a full node that can verify new features such as Taproot or run an old client that doesn't verify everything won't change the fact that the abusers will continue spamming.

Quote

the way as such experimental features are added on the most used node software.

Taproot and the Schnorr signatures aren't some "experimental" feature and it wasn't added to this software. It is a solid algorithm that is added to the Bitcoin protocol.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: ABCbits on August 13, 2024, 04:57:26 AM

At minimum, i do not expect backdoor designed to steal Bitcoin on such general electronic board/module.

That's quite an assumption. I'd prefer a much more generic air-gapped laptop with a generic Linux distribution and Bitcoin Core (or Electrum).

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

I don't need anything that isn't moving money from A to B in a legacy address, any other "features" added after that just add complexity and potential exploits, as well as nonsense usages of block space like ordinals and co.

I don't want Ordinals (spam) either, but as long as it's using Bitcoin blocks, your node will have to verify them.

Quote

Let's just hope no fatal bug is added along the way

Let's assume you switch to much less popular and much less tested software that offers less features than Bitcoin Core. What makes you think that software is less likely to have bugs?

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: LoyceV on August 13, 2024, 04:34:29 AM

Quote from: ABCbits on August 13, 2024, 04:20:13 AM

I've seen few people build their own Trezor and Blockstream Jade.

Aren't the components still black boxes? I've seen more discussion about potential bias in dice rolls than about potential problems with hardware wallets.
The fact that it's always recommended to buy directly from the manufacturer makes me think there's a lot of trust involved.

I don't engage much on electronic field. But on some cases, you can choose various electronic board/module, where i expect few of them are fully open source. For example, Blockstream recommend 8 different board/module if you want to build your own Jade[1]. At minimum, i do not expect backdoor designed to steal Bitcoin on such general electronic board/module.

[1] https://github.com/Blockstream/Jade/tree/master/diy

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: ABCbits on August 13, 2024, 04:20:13 AM

I've seen few people build their own Trezor and Blockstream Jade.

Aren't the components still black boxes? I've seen more discussion about potential bias in dice rolls than about potential problems with hardware wallets.
The fact that it's always recommended to buy directly from the manufacturer makes me think there's a lot of trust involved.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: LoyceV on August 12, 2024, 10:33:36 AM

Quote from: ABCbits on August 12, 2024, 04:25:46 AM

i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.

I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.

Fair point. Although IIRC Ledger was never fully open source, partially due to closed-source secure element.

Quote from: LoyceV on August 12, 2024, 10:33:36 AM

Quote

There are some hardware wallet which is fully open source, where you can even build one by yourself.

Who's really able to do that?

Someone with some electronics and computer skill. I've seen few people build their own Trezor and Blockstream Jade.

LoyceV

legendary

Activity: 3290

Merit: 16489

Thick-Skinned Gang Leader and Golden Feather 2021

Quote from: ABCbits on August 12, 2024, 04:25:46 AM

i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.

I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.

Quote from: LoyceV on June 02, 2023, 04:13:59 AM

By using a hardware wallet, you're basically trusting them with your money, while the security of "be your own bank" shouldn't rely on third-parties. I really hate this part, and even when using offline software wallets, you have to trust someone. It's impossible to verify all the software you're using, even if it's open source. "Trusting" goes against the basics of Bitcoin, but it's inevitable one way or another.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.

If you can trust Bitcoin Core, i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

Let's just hope no fatal bug is added along the way as such experimental features are added on the most used node software.

Quote from: takuma sato on August 11, 2024, 11:19:37 AM

If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.

Good thing Bitcoin Core isn't the only Bitcoin full node software out there. Anyway, if you're looking for something that less "bloated" than Bitcoin Core, you should check gocoin[1]. It's solo developed by one person for more than a decade and have less code lines.

[1] https://github.com/piotrnar/gocoin

takuma sato

sr. member

Activity: 317

Merit: 448

Quote from: pooya87 on August 04, 2024, 09:37:23 AM

Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore. As for security, there is no trade off whatsoever and security of Bitcoin has not changed nor did the implementation of called Bitcoin Core. If it had, the entire Bitcoin as a network and system would be insecure not just your client alone.

As for the "code clutter", the code has actually gotten cleaner and more categorized and also a lot more improved and optimized over the years.

Those are part of the Bitcoin Core's code, your node doesn't need to have any of that if you don't want to and it's still Bitcoin. I don't need anything that isn't moving money from A to B in a legacy address, any other "features" added after that just add complexity and potential exploits, as well as nonsense usages of block space like ordinals and co. Anything that isn't for moving money from A to B is just cluttering both code and block space but "Bitcoin developers" like to "develop" this thing as if it was a Google app apparently. Let's just hope no fatal bug is added along the way as such experimental features are added on the most used node software.

Quote from: HeRetiK on August 04, 2024, 08:44:47 AM

What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.
If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

Quote from: pooya87 on August 04, 2024, 09:37:23 AM

Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore.

But the fork could be based on older Bitcoin Core version, which doesn't contain Taproot support.

Quote from: nc50lc on August 04, 2024, 11:44:03 PM

--snip--
Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.

That client wont relay transactions that has TapRoot inputs but will still accept the blockchain like a normal Bitcoin node would.
And its GUI/RPC supports PSBT, but quite outdated.

It's also worth to mention since that version, there are few updates to PSBT feature[2-3].

[1] https://github.com/bitcoinj/bitcoinj
[2] https://bitcoincore.org/en/releases/0.21.0/
[3] https://bitcoincore.org/en/releases/25.0/

ranochigo

legendary

Activity: 3038

Merit: 4418

Crypto Swap Exchange

Quote from: nc50lc on August 04, 2024, 11:44:03 PM

Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.

Yeah, probably a good idea not to use it. Core prior to v0.22.0 has several DoS vulnerabilities that aren't fixed.

Unfortunately, I believe Core is one of the more optimized and maintained wallets out there. If you are using anything other than that, there is a potential that it isn't as optimized or with bugs[1].

[1] https://blog.lopp.net/2023-bitcoin-node-performance-tests/

nc50lc

legendary

Activity: 2534

Merit: 6080

Self-proclaimed Genius

Quote from: takuma sato on August 03, 2024, 07:40:57 PM

I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions,
and anything after legacy for me adds a tradeoff in security no way how you want to put it-snip-

Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.

That client wont relay transactions that has TapRoot inputs but will still accept the blockchain like a normal Bitcoin node would.
And its GUI/RPC supports PSBT, but quite outdated.

DaveF

legendary

Activity: 3500

Merit: 6320

Crypto Swap Exchange

Quote from: takuma sato on August 03, 2024, 07:40:57 PM

Is anyone maintaining a lightweight version of Bitcoin Core that only has legacy address support, segwit support, and coin control? I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions, and anything after legacy for me adds a tradeoff in security no way how you want to put it, so for me all these are just cluttering the thing for no reason. One thing I find useful is the generation of a PSBT file so you cannot screw up with the command line when generating a raw transaction and then sending it into the online node to broadcast. But I would like to be able to remove anything that cluters up the code with many things I will never use. I just need to be able to send and recieve from A to B. I feel like Bitcoin Core from 10 years ago with whatever really necessary bugs that were found fixed would do.

How do you intend to send from A to B if B is giving you a taproot address? Outside of my signature campaign payments here, and brutally honest when I am too lazy to generate a new address and reuse an old one I have handy, by default my wallet only generates taproot.

And keep in mind taproot allows the use of Schnorr Signatures, which offers better security.

But anyway, there is nothing that really does what you want. You could probably put together something and compile it yourself but that's about it.

-Dave

pooya87

legendary

Activity: 3472

Merit: 10611

Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore. As for security, there is no trade off whatsoever and security of Bitcoin has not changed nor did the implementation of called Bitcoin Core. If it had, the entire Bitcoin as a network and system would be insecure not just your client alone.

As for the "code clutter", the code has actually gotten cleaner and more categorized and also a lot more improved and optimized over the years.

HeRetiK

legendary

Activity: 3122

Merit: 2178

Playgram - The Telegram Casino

What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

ABCbits

legendary

Activity: 2870

Merit: 7490

Crypto Swap Exchange

The only fork of Bitcoin Core software i know is Bitcoin Knots. But it's not lightweight since it also download whole blockchain and have additional features. If you just need lightweight wallet either as hot or cold wallet, Electrum mostly match your requirement since it support PSBT, while until now it doesn't support creating Taproot address.

takuma sato

sr. member

Activity: 317

Merit: 448

Is anyone maintaining a lightweight version of Bitcoin Core that only has legacy address support, segwit support, and coin control? I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions, and anything after legacy for me adds a tradeoff in security no way how you want to put it, so for me all these are just cluttering the thing for no reason. One thing I find useful is the generation of a PSBT file so you cannot screw up with the command line when generating a raw transaction and then sending it into the online node to broadcast. But I would like to be able to remove anything that cluters up the code with many things I will never use. I just need to be able to send and recieve from A to B. I feel like Bitcoin Core from 10 years ago with whatever really necessary bugs that were found fixed would do.

Topic: Is there a lightweight fork of Bitcoin Core? (Read 304 times)