--snip--
So theory aside, a malicious node can only:-Don't forward my transaction (I would notice if the money didn't arrive)
-Forward my transaction, but still leave the amount displayed on my wallet (I would also notice if the money arrives)
If that's the only thing he could do, what benefit would he get from it?
I don't know. Although i'd speculate whoever do that doesn't get any benefit.
Could he manipulate my transaction data and change the recipient's wallet address in the background?
(I would also notice this because I always compare the address on the hardware wallet)
(I would also notice this because I always compare the address on the hardware wallet)
They could try that. But both full node and Sparrow wallet (along with any decent wallet) would verify the transaction and detect it as invalid transaction.
What are the risks if I connect Sparrow to a public server instead of my own full node?
Asides from the privacy downgrade, given some hashrate, the attacker can double-spend without you noticing. Let me give you an example.- The attacker is a customer in an Internet store, and the merchant is connected to his SPV server.
- The attacker needs to convince the merchant that he paid him, so he mines a block (on his, inferior difficulty-wise blockchain) with his transaction included.
- The merchant sees the money, so he releases the product.
That might sound a ridiculous way to rip off a merchant, but imagine a scenario where the merchant is a cryptocurrency swap service, that can create noticeable damage. If you're not a merchant, I can't think of any other security holes, excluding the already aforementioned.
Even in this scenario, it's not very practical attack since you need a fortune to perform double-spend attack. And even if you managed to obtain the product, it's just matter of time before the merchant sue you.
