Encouraging more people to run full nodes is often suggested as a good way to improve the security of the network and people are encouraged to do so.
This is intended to protect the network from miners creating invalid blocks and violating the network rules (keeping miners honest).
In the extreme case, if all merchants and their customers used SPV clients, then a majority of miners could set any rules that they wish for the network.
Everyone would just find the longest chain and not care about validity of the blocks.
Full NodesRunning a full node means that you fully check all transactions and blocks before forwarding them.
Adding another full node doesn't actually help that much in protecting against miners.
Your node will just fall behind the rest of the network, since it won't track the longest chain. None of the SPV clients will bother with your node, since you can't give them info on the latest blocks.
On the other hand, if merchants refuse to accept transactions on the longest (but invalid) chain, then that creates the incentive for miners to properly follow the protocol rules.
For full nodes, the encouragement should be for merchants to run their own full nodes.
Full nodes also help SPV clients for transaction lookup, so they aren't worthless, but it doesn't add to security against miners.
SPV ClientsSPV clients are users of the network, so there is an incentive to make sure that blocks are acceptable to them. But, by their nature, they don't do miner verification.
Fraud ProofsFraud proofs are a short (hopefully less than 100kB) proof that a block is invalid. Even for 1GB blocks, the fraud proof would be about the same size. They generally scale with the log of the maximum block size O(log(block_size)).
Arguably, they scale with the square of the maximum transaction size. This assumes a maximum size transaction with all the inputs being maximum size. In practice, the fraud proofs would likely scale with the maximum transaction size.
The advantage of fraud proofs is that you can prove to SPV clients that a block is invalid.
If 75% of the miners want to violate the protocol rules, anyone running a full node can broadcast a fraud proof.
When the miner cartel broadcasts their invalid block, full nodes broadcast the block header and fraud proof. SPV-nodes can quickly check the header and fraud proof. This means the fraud proof could propagate faster than the bad block. Full nodes which receive the fraud proof before the block wouldn't have to validate the block, since they have proof that it is invalid.
Block Withholding AttackIf the miners' cartel just broadcasts the block headers, then it isn't possible to generate a fraud proof.
Since the full nodes haven't received the full blocks, they can't check them. This means that they can't produce fraud proofs.
The mining cartel must send the merkle path for any transactions it wants to show to SPV clients. This means that slowly the block would be broadcast. A fraud proof broadcast 3 months later would do damage to trust in the network, since all SPV clients would reverse all transactions since then.
Publication Verification NodesThese are nodes which verify that blocks have actually been published.
They do minimal verification. They just check the POW and the merkle tree. They don't even need to check if the transactions are properly formatted transactions.
If they don't delete old blocks, then they would be (non-validating) archive nodes.
In practice, they need to store some of the blocks so that they can forward them. This is necessary to prove that they have actually been published.
DOS protection is provided due to block POW. They would only download blocks that are on the longest chain and they haven't seem before.
The relay system in use for bitcoin works this way. With fast relaying, it decreases the need for miners to build empty blocks on block headers. SPV-mining timeouts can be set lower.
Full SystemMerchants running publication verification nodes would create an incentive for miners to actually publish their blocks.
These nodes are pretty cheap for a merchant to run. Even only storing the 10 most recent blocks would give pretty good proof that the block was actually published, in full, to the world.
Ideally, some merchants would run full nodes too.
Once block publication is proven, fraud proofs can be used to keep all the miners honest.
With fraud proofs, SPV clients are almost as secure as full nodes. You only need a small number of honest peers to keep the whole system honest. There could be a delay before the fraud proof is broadcast, so low confirms should be considered less safe.
RisksFraud proofs are potentially risky for the network. They are, in effect, a re-implementation of the network rules.
If there was a bug in the fraud proof system, someone might be able to produce a proof of fraud for a valid block. This would allow an attack on the network where months of transactions could be reversed by waiting and then submitting the proof of fraud.
The opposite problem is also true. The miner's cartel could create an invalid block without it being possible to notify SPV clients.
Ideally, all invalid blocks should have a fraud proof and there should be no fraud proofs possible for valid blocks. Achieving that and proving it is achieved are the hard part.
SPV clients should probably go into emergency mode if they receive a block revert for a block that is more than 10-20 blocks deep and be directed to find out what has actually happened. This covers fraud proofs for valid blocks.
Invalid blocks without fraud proofs could be handled by an alert.
Summary- Running full nodes alone doesn't protect again miners collusion
- Full nodes run by merchants does help
- SPV Clients inherently trust miners
- Fraud proofs allow SPV clients to reject invalid chains
- Fraud proofs are vulnerable to miners withholding full block data
- Publication verification nodes protect against withholding attacks
