Author

Topic: Is there a lightweight fork of Bitcoin Core? (Read 304 times)

legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
September 12, 2024, 04:06:14 AM
#20
What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I already use cold storage on a laptop. My question is, I wanted to have a Bitcoin Core feature that does the bare minimum. Like Bitcoin Core would be Ubuntu, what I would like is Xubuntu, this way you still contribute to the network, keep a full copy of the blockchain, and you are able to use the nice Coin Control feature, keep watch only features to check your funds and broadcast transaction, but you would get rid of anything else that I consider to be too fancy.

Such thing doesn't exist. Bitcoin Knots is the only alive fork of Bitcoin Core, which actually has more feature.

In addition, you don't want to use a hardware wallet at all, this has always been my philosophy, for an obvious reason. When you own a hardware wallet, you are a target. When a thief finds it, he has an insane incentive to try to bruteforce it, exploit it and so on, compared to some old laptop, in principle, it's irrelevant.

Here's more:
https://blog.merklescience.com/general/dark-skippy-a-new-threat-to-hardware-wallets

If the attacker could install malicious firmware on your hardware, it's likely the attacker also have full control over your device (such as computer) anyway.
sr. member
Activity: 322
Merit: 449
September 11, 2024, 03:39:40 PM
#19
What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I already use cold storage on a laptop. My question is, I wanted to have a Bitcoin Core feature that does the bare minimum. Like Bitcoin Core would be Ubuntu, what I would like is Xubuntu, this way you still contribute to the network, keep a full copy of the blockchain, and you are able to use the nice Coin Control feature, keep watch only features to check your funds and broadcast transaction, but you would get rid of anything else that I consider to be too fancy.

In addition, you don't want to use a hardware wallet at all, this has always been my philosophy, for an obvious reason. When you own a hardware wallet, you are a target. When a thief finds it, he has an insane incentive to try to bruteforce it, exploit it and so on, compared to some old laptop, in principle, it's irrelevant.

Here's more:
https://blog.merklescience.com/general/dark-skippy-a-new-threat-to-hardware-wallets

As exploits and hacks become better, you don't want to give anyone the chance to try that on your shinny device. Just use a boring laptop in my opinion. If you want to transact on the move, use a phone or some other smaller device where you only carry a small amount.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I wouldn't trust Laptop because god knows whether there are backdoors in hardware or not.
That's why you use a cold wallet setup, and check the transaction before signing.

Quote
Hardware wallet looks to be easier work compared to PC/Laptop components.
True. A hardware wallet is usually recommended to Newbies instead of creating your own airgapped cold wallet.

Quote
To be honest, I have said it many times that if you don't hold thousands of Bitcoins, you are most likely safe. What's going happen if you hold 1 Bitcoin on Coldcard wallet at home? Anyone is going to hack it? Really?
You're talking about targeted attacks. In reality, it's mostly automated malware that steals any amount it can.
hero member
Activity: 882
Merit: 792
Watch Bitcoin Documentary - https://t.ly/v0Nim
I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.
If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.
I wouldn't trust Laptop because god knows whether there are backdoors in hardware or not. Hardware wallet looks to be easier work compared to PC/Laptop components.
To be honest, I have said it many times that if you don't hold thousands of Bitcoins, you are most likely safe. What's going happen if you hold 1 Bitcoin on Coldcard wallet at home? Anyone is going to hack it? Really?

i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.
I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.
To be honest again Cheesy most of us have to trust developers. If you can't read a code and aren't a very good software developer or engineer or whatever it is, then you can't be sure that you are safe with any open-source software, you depend on someone else's opinion.
legendary
Activity: 3472
Merit: 10611
Those are part of the Bitcoin Core's code, your node doesn't need to have any of that if you don't want to and it's still Bitcoin.
Those are part of the Bitcoin consensus rules not just core's code. But it's true that you don't need to verify everything you be using Bitcoin. But you also don't need to download the entire blockchain if you aren't going to verify everything (it won't be a "full node" if you don't), maybe you should look into using a SPV client.

Quote
as well as nonsense usages of block space like ordinals and co.
Well whether you run a full node that can verify new features such as Taproot or run an old client that doesn't verify everything won't change the fact that the abusers will continue spamming.

Quote
the way as such experimental features are added on the most used node software.
Taproot and the Schnorr signatures aren't some "experimental" feature and it wasn't added to this software. It is a solid algorithm that is added to the Bitcoin protocol.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
At minimum, i do not expect backdoor designed to steal Bitcoin on such general electronic board/module.
That's quite an assumption. I'd prefer a much more generic air-gapped laptop with a generic Linux distribution and Bitcoin Core (or Electrum).

I don't need anything that isn't moving money from A to B in a legacy address, any other "features" added after that just add complexity and potential exploits, as well as nonsense usages of block space like ordinals and co.
I don't want Ordinals (spam) either, but as long as it's using Bitcoin blocks, your node will have to verify them.

Quote
Let's just hope no fatal bug is added along the way
Let's assume you switch to much less popular and much less tested software that offers less features than Bitcoin Core. What makes you think that software is less likely to have bugs?
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I've seen few people build their own Trezor and Blockstream Jade.
Aren't the components still black boxes? I've seen more discussion about potential bias in dice rolls than about potential problems with hardware wallets.
The fact that it's always recommended to buy directly from the manufacturer makes me think there's a lot of trust involved.

I don't engage much on electronic field. But on some cases, you can choose various electronic board/module, where i expect few of them are fully open source. For example, Blockstream recommend 8 different board/module if you want to build your own Jade[1]. At minimum, i do not expect backdoor designed to steal Bitcoin on such general electronic board/module.

[1] https://github.com/Blockstream/Jade/tree/master/diy
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
I've seen few people build their own Trezor and Blockstream Jade.
Aren't the components still black boxes? I've seen more discussion about potential bias in dice rolls than about potential problems with hardware wallets.
The fact that it's always recommended to buy directly from the manufacturer makes me think there's a lot of trust involved.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.
I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.

Fair point. Although IIRC Ledger was never fully open source, partially due to closed-source secure element.

Quote
There are some hardware wallet which is fully open source, where you can even build one by yourself.
Who's really able to do that?

Someone with some electronics and computer skill. I've seen few people build their own Trezor and Blockstream Jade.
legendary
Activity: 3290
Merit: 16489
Thick-Skinned Gang Leader and Golden Feather 2021
i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.
I can think of a few reasons. The most important one: it's a black box. I have to trust the manufacturer to do what they say they do, and sometimes they turn 180 degrees.

By using a hardware wallet, you're basically trusting them with your money, while the security of "be your own bank" shouldn't rely on third-parties. I really hate this part, and even when using offline software wallets, you have to trust someone. It's impossible to verify all the software you're using, even if it's open source. "Trusting" goes against the basics of Bitcoin, but it's inevitable one way or another.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.

If you can trust Bitcoin Core, i don't understand why you don't trust hardware wallet. There are some hardware wallet which is fully open source, where you can even build one by yourself.

Let's just hope no fatal bug is added along the way as such experimental features are added on the most used node software.

If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.

Good thing Bitcoin Core isn't the only Bitcoin full node software out there. Anyway, if you're looking for something that less "bloated" than Bitcoin Core, you should check gocoin[1]. It's solo developed by one person for more than a decade and have less code lines.

[1] https://github.com/piotrnar/gocoin
sr. member
Activity: 322
Merit: 449
Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore. As for security, there is no trade off whatsoever and security of Bitcoin has not changed nor did the implementation of called Bitcoin Core. If it had, the entire Bitcoin as a network and system would be insecure not just your client alone.

As for the "code clutter", the code has actually gotten cleaner and more categorized and also a lot more improved and optimized over the years.

Those are part of the Bitcoin Core's code, your node doesn't need to have any of that if you don't want to and it's still Bitcoin. I don't need anything that isn't moving money from A to B in a legacy address, any other "features" added after that just add complexity and potential exploits, as well as nonsense usages of block space like ordinals and co. Anything that isn't for moving money from A to B is just cluttering both code and block space but "Bitcoin developers" like to "develop" this thing as if it was a Google app apparently. Let's just hope no fatal bug is added along the way as such experimental features are added on the most used node software.

What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).

I don't trust hardware wallets, I use a 2 laptop setup with 2 Bitcoin Core instances, one used as cold wallet and another as hot wallet with watch only addresses.
If most of the network uses code that eventually adds some sort of exploit or bug with all that experimental creativity being added you will care as you see the price crash irrespective of how you are holding the coins.
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore.

But the fork could be based on older Bitcoin Core version, which doesn't contain Taproot support.

--snip--
Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.

That client wont relay transactions that has TapRoot inputs but will still accept the blockchain like a normal Bitcoin node would.
And its GUI/RPC supports PSBT, but quite outdated.

It's also worth to mention since that version, there are few updates to PSBT feature[2-3].

[1] https://github.com/bitcoinj/bitcoinj
[2] https://bitcoincore.org/en/releases/0.21.0/
[3] https://bitcoincore.org/en/releases/25.0/
legendary
Activity: 3038
Merit: 4418
Crypto Swap Exchange
Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.
Yeah, probably a good idea not to use it. Core prior to v0.22.0 has several DoS vulnerabilities that aren't fixed.

Unfortunately, I believe Core is one of the more optimized and maintained wallets out there. If you are using anything other than that, there is a potential that it isn't as optimized or with bugs[1].


[1] https://blog.lopp.net/2023-bitcoin-node-performance-tests/
legendary
Activity: 2618
Merit: 6452
Self-proclaimed Genius
I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions,
and anything after legacy for me adds a tradeoff in security no way how you want to put it-snip-
Since you've written that no one can change your mind:
Use Bitcoin Core v0.20.2 which doesn't include TapRoot implementations (including test networks),
but its last patch was 3 years ago so use it at your own risk.

That client wont relay transactions that has TapRoot inputs but will still accept the blockchain like a normal Bitcoin node would.
And its GUI/RPC supports PSBT, but quite outdated.
legendary
Activity: 3500
Merit: 6320
Crypto Swap Exchange
Is anyone maintaining a lightweight version of Bitcoin Core that only has legacy address support, segwit support, and coin control? I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions, and anything after legacy for me adds a tradeoff in security no way how you want to put it, so for me all these are just cluttering the thing for no reason. One thing I find useful is the generation of a PSBT file so you cannot screw up with the command line when generating a raw transaction and then sending it into the online node to broadcast. But I would like to be able to remove anything that cluters up the code with many things I will never use. I just need to be able to send and recieve from A to B. I feel like Bitcoin Core from 10 years ago with whatever really necessary bugs that were found fixed would do.

How do you intend to send from A to B if B is giving you a taproot address? Outside of my signature campaign payments here, and brutally honest when I am too lazy to generate a new address and reuse an old one I have handy, by default my wallet only generates taproot.

And keep in mind taproot allows the use of Schnorr Signatures, which offers better security.

But anyway, there is nothing that really does what you want. You could probably put together something and compile it yourself but that's about it.

-Dave
legendary
Activity: 3472
Merit: 10611
Considering how Taproot and other things are part of the Bitcoin protocol, any fork that doesn't have it is not exactly Bitcoin anymore. As for security, there is no trade off whatsoever and security of Bitcoin has not changed nor did the implementation of called Bitcoin Core. If it had, the entire Bitcoin as a network and system would be insecure not just your client alone.

As for the "code clutter", the code has actually gotten cleaner and more categorized and also a lot more improved and optimized over the years.
legendary
Activity: 3122
Merit: 2178
Playgram - The Telegram Casino
What is it you're worried about, specifically? If security is a concern, you'd probably gain more by setting up cold storage or getting a hardware wallet. Having the logic for Taproot support as part of your wallet's code should not affect your ability to send regular transactions in any way, let alone open up any new security holes (with using a hot wallet in itself being by far the largest security concern).
legendary
Activity: 2870
Merit: 7490
Crypto Swap Exchange
The only fork of Bitcoin Core software i know is Bitcoin Knots. But it's not lightweight since it also download whole blockchain and have additional features. If you just need lightweight wallet either as hot or cold wallet, Electrum mostly match your requirement since it support PSBT, while until now it doesn't support creating Taproot address.
sr. member
Activity: 322
Merit: 449
Is anyone maintaining a lightweight version of Bitcoin Core that only has legacy address support, segwit support, and coin control? I don't really need Taproot, or any other things that add complexity in the code. Im even ok with legacy only, since I rarely make transactions, and anything after legacy for me adds a tradeoff in security no way how you want to put it, so for me all these are just cluttering the thing for no reason. One thing I find useful is the generation of a PSBT file so you cannot screw up with the command line when generating a raw transaction and then sending it into the online node to broadcast. But I would like to be able to remove anything that cluters up the code with many things I will never use. I just need to be able to send and recieve from A to B. I feel like Bitcoin Core from 10 years ago with whatever really necessary bugs that were found fixed would do.
Jump to: