The problem
Light SPV clients are today the best solution to use bitcoin on a mobile without leaving your secret key in the hands of a company but:
-
If you connect to random nodes you are open to an attack where someone can show you a different status of the network and maybe a different blockchain
-
who can eavesdrop the conversation between your mobile and the random node knows everything about your expenses and your revenue
Mitigation
1) With many SPV light clients today you can connect to nodes you choose and they can so be either trusted or even controlled by you (es: one node at home and one node at the office)
2) If this connection is over Tor you can avoid being eavesdropped by someone being it a criminal or a malicious or censoring third part
3) Your transactions are not linked to a given or known IP address
The setup
1) Download and synchronize the blockchain with your node
mv BitcoinDatadir/peers.dat /tmp
this will move the file peers.dat to /tmp (which is better for your privacy).
2) From your tor setup directory
cp torrc.sample torrc tor --hash-password "<YourTorPassword>" -> <TheHashOfYourTorPassword>
to set up a control port and a password for an external application in our case is bitcoin
3) add these lines to your torrc file
torrc
ControlPort 9051 CookieAuthentication 1 HashedControlPassword <TheHashOfYourTorPassword>
add these lines to your bitcoin.conf file
bitcoin.conf
proxy=127.0.0.1:9050 listen=1 onlynet=onion listenonion=1 discover=0 torcontrol=127.0.0.1:9051 torpassword=<YourTorPassword>
4) start tor
tor
5) start bitcoind
bitcoind -daemon
On your mobile setup your SPV client to run on Tor.
Greenbits works well with Orbot.
Tell your client to connect via SPV to your new onion address.
Bonus: you don't need to open any port on your router at home or at the office.
This is a mini straight forward guide by a non expert.
I encourage you to study the documentation at
as well as:
Submitted November 05, 2016 at 09:51PM by gabridome http://bit.ly/2ezduBy
No comments :
Post a Comment