Veriphi Logo
We Sell
$
CAD

Don't Trust Your Light Bitcoin Wallet - Use a Full Node

by Maciej Cepnik 6 months ago

In these times of turmoil (or during any other kind of time), you want to make sure that you are protecting your Bitcoin the right way. There are numerous methods you can apply and tools you can use to do so.

However, it might be hard for beginners and even for more advanced Bitcoin users to choose the right type of wallet. The need to increase your operational security will also certainly appear as the value of Bitcoin continues to rise. If you’re holding your Bitcoin yourself (you should), you have a responsibility to periodically evaluate and adjust your security measures according to the level of risk you’re comfortable taking and to mitigate against new vulnerabilities.

In order to assist you in your journey of constant security evaluation iteration, we provide you today with a quick and easy comparison between a full node wallet and a light wallet. We will start with a description of both and then explain why you should always choose to hold your coins (verify your UTXOs) with a full node wallet if you have the chance.

What is a full node wallet?

A full node is a software that validates all of the blockchain history according to the protocol rules and decides which chain is the valid one. The most popular implementation (by far) and the one with the most developers working on it is called Bitcoin Core.  Bitcoin is a peer-to-peer cryptocurrency system, meaning there are a lot of connected nodes (peers) forming a network. Anybody can decide to run their own node and become an independent constituent of the network as the Bitcoin full node is open source and permissionless.

In order to properly function as a network, full Bitcoin nodes are constantly verifying the evolving state of Bitcoin’s UTXO set. Updates are only permitted when they respect the native Bitcoin protocol rules. The UTXO set is the sum of Unspent Transaction Outputs that are currently available to spend by their respective owners. Once a UTXO gets spent and coins move hands, it gets transformed into a new one. The continuous verification of the protocol rules is very important since it makes sure that all transactions respect Bitcoin’s definition. The value associated with Bitcoin comes from the fact that these rules have been effectively maintained and remained untouched for the most part, since its invention. In cases like the Block size limit removal, it was done through a soft-fork.

Bitcoin Protocol Rules

The best known protocol rules of Bitcoin are:

·        The 21 million units hard cap.

·        The difficulty adjustment algorithm for mining.

·        No double-spend of coins policy.

·        The 4MWU block weight limit.

·        The predictable issuance schedule of coins.

.   Coins can only be spent by a signature of the private key associated with them.

These are the most comprehensible rules for non-technical users. They are the foundation on which Bitcoin’s value is based because of their relative simplicity. There are many other rules that are much more technical and equally important but the ones we present are the real anchors. Usually, when I explain Bitcoin’s value proposition to someone else, the 21 million hard cap particularly captivates their attention. Often that suffices to incite curious minds to delve a bit deeper into the Bitcoin rabbit hole.

In order to attain a fully functioning stand-alone Bitcoin node, you will initially need to fetch all Bitcoin’s history from other nodes in the network and verify if it respects all the protocol rules, transaction by transaction. Once you’re done downloading and verifying all the data, you will only need the last resulting balances of the UTXO’s set to go on. Therefore, if you don’t wish to conserve Bitcoin’s transaction history (accounting for around 300GB of data at the moment of writing), there is a way to get rid of most of it by a method called pruning.

Bitcoin is just a bunch of digital text, so you need to make sure you’re really using Bitcoin whenever you transact or hold Bitcoin for the longer term. Someone could easily trick you into believing that you received some Bitcoin with a compromised software wallet or a fake bitcoin explorer. Therefore, if you don’t want to trust external parties and be 100% confident you’re actually using Bitcoin, a full Bitcoin node wallet is the way to go.

This is comparable to what you would do in traditional financial exchange. Imagine you buy some gold because you like its yellow comforting glow and appreciate it for its reputable store of value propriety. You will, of course, need to have some assurances regarding the purity and authenticity of the precious metal you’re acquiring. Most will rely on the stamps applied directly onto the gold bullions or coins by the manufacturer to be assured that they are not buying a fake. On the other hand, this is also a way to get tricked, as the stamps are easily counterfeited and used to provide a false sense of security for gold buyers. If you want to be certain you’re acquiring the real thing, you will need to conduct some tests on the products yourself. Some homemade tests give you the ability to spot fake gold easily. However, if you want to test gold on an industrial level, more advanced techniques and machines, such as electronic testers and spectrometers are needed.  These can cost in the tens of thousands of dollars and must be meticulously operated to give precise purity results.  You won’t feel completely safe if you have large gold reserves and haven’t tested them yourself which, infers that you authenticated them with your personal spectrometer or other verifying instruments.

Gold Stamps are easily counterfeitable. Don't trust your goldsmith.

The same applies to Bitcoin. A full Bitcoin node is like your own personal spectrometer or truth machine that will certify that your Bitcoin is genuine.

The good news is that a full node Bitcoin wallet won’t cost you tens of thousands of dollars and doesn’t require that much expertise to be operated properly.

A light wallet is comparable to a gold stamp. You may trust a light wallet provider or company as you would trust a reputable goldsmith. Although, even if some market participants don’t have the intention to defraud you, it may change in the future and their technical assiduity can erode over time leading to potentially catastrophic losses. Some may also exploit that trust and feed you with your identical looking favorite light Bitcoin wallet to lure into using it for your bitcoin holdings.

So, what exactly is a light bitcoin wallet?  Are you using one yourself right now without full acknowledgment of their potential risks? It’s quite possible. We will go through all the reasons why you shouldn’t use one, especially for larger amounts.

What is a light wallet?

If you don’t know if you’re using a light wallet, you’re almost certainly using one. Light wallets are called as such when they’re using an external Bitcoin full node (a server you don’t control).

There are two types of light wallets: API and SPV wallets.

API

API wallets are those that connect to a (often proprietary) back-end server, not to a Bitcoin node directly. By default, they connect to the service provider’s node and fully reveal the user's master public key (xpub) to automatically retrieve the wallet’s information and addresses. The API is just the way the wallet communicates with the server, so it's possible to connect to your own Bitcoin full node this way if the back-end code is open-source.

Check out our wallet analysis to find out if you can connect your favorite wallet to your own Bitcoin full node.

SPV (No Back-End)

SPV (Simple Payment Verification) wallets connect to random nodes in the network and request information about the user's transactions, but also other transactions that are not the user’s. This makes a single user less discoverable by the network since it can be difficult to determine which transactions are actually related to them. This is a connection method generally considered slightly more private, but does not provide the anonymity benefits brought by running a complete personal node. Most SPV wallets use the Bloom Filters implementation, which has been proven to offer very low privacy. Lately, a few wallets use the Neutrino implementation, which provides additional privacy but it remains a light wallet so security and sovereignty risks remain.

Whether you’re using an SPV or API wallet, you rely on a third party to provide you the data needed to transact within the Bitcoin network. You will always be referring to some other full node’s copy of Bitcoin’s history, but you don’t have any measures to verify if it has been compromised.

Here are all the reasons why a light wallet (if you don’t connect it to your own full Bitcoin node) isn’t optimal.

Security

Since you’re not verifying Bitcoin’s protocol rules when using a light wallet, you will inevitably be prone to be cheated or misled. Someone could send you fake bitcoin and your wallet wouldn’t be able to perceive it. In more rare cases, a full node wallet will also prevent your Bitcoin holdings from being compromised by an adversarial or accidental hard fork of the Bitcoin chain.

Privacy

When you’re using a light wallet, you will be querying information from a third-party server. This method to communicate with the Bitcoin network has its share of downsides with regards to privacy. Your transactions and Bitcoin balance will certainly be linked to your IP address at some point (unless you use Tor) and you will not know how that data will be handled afterwards. It could be sold to other companies, shared with certain government authorities without your consent or exploited by a skilled hacker. Privacy is inevitably linked with security as well since the fewer eyes there are on your bitcoin, the less likely they will be targeted.

Sovereignty

Bitcoin is often associated with greater monetary sovereignty. The famous motto “Be your own Bank” portrays effectively the power of Bitcoin, since a user can be completely independent of any third party for transacting value. This implies that you must control every aspect of your usage of Bitcoin with a special effort put toward your wallet. When using a light wallet without connecting it to your own node, you’re exposed to not being able to use your bitcoins freely. Constantly depending on someone else's server to push your queries to the Bitcoin network doesn’t allow you to be censorship-resistant.

Conclusion

A rock could be coated with a fake golden finish and passed on as Gold. Simple trickeries and scams are somewhat the most effective. How naive would you feel if you only scraped the surface of the rock and realized you have been tricked once you’re home?

Wouldn’t it be terrible if the same happened with your Bitcoin holdings now that you’re aware of that danger?

If you own any significant Bitcoin holdings, you shouldn’t take this lightly and act upon it now.

We don’t want to scare you (ok, maybe just a bit)! We want you to enjoy holding Bitcoin peacefully and be free of security, privacy and sovereignty vulnerabilities.

For any help to evaluate your operational security system, check out our Bitcoin security services! You can also directly schedule a free consultation call with one of us by following this link.

Use a Bitcoin full node wallet.

We believe in it. You will one day too.

Should I run my own Bitcoin full node? Yes, do it as soon as possible.

Newsletter

Stay up to date on Bitcoin by signing up to our newsletter!

Newer post

The Genesis of Memes & the Viral Spread of the BRRR Meme
by Maciej Cepnik 6 months ago

Older post

Fiat Money: the Real Virus Behind the Upcoming Economic Crisis
by Maciej Cepnik 7 months ago
Veriphi Logo

Montreal, Quebec, Canada

MSB License : M20484233

© Copyright 2020, Veriphi Inc. All rights reserved