

The Simplified Payment Verification protocol was envisioned by Satoshi Nakamoto in the Bitcoin white paper. He also mentioned it later on, saying that he figured the future would involve most people using such things.

I anticipate there will never be more than 100K nodes, probably less. It will reach an equilibrium where it’s not worth it for more nodes to join in. The rest will be lightweight clients, which could be millions.

If you’re not familiar with what an SPV client is, it’s a Bitcoin wallet like Multibit, which only reads the block headers rather than downloading the entire blockchain.

Mike Hearn’s bitcoinj was the first software to implement the idea, originally coded while he was still working at Google, as a “20% time” project. Bitcoinj has been useful to Android wallet developers among others who’ve built “lightweight” clients.




But Peter Todd, a prominent Bitcoin Core developer, believes that the growing prevalence of SPV clients presents a new attack vector for Bitcoin, and his argument is quite compelling. One of the lesser-advertised facts about SPV clients is that they cannot currently tell a block containing only valid transactions from a block containing invalid ones. If you don’t yet see the problem with this, you soon will.

Writing to the Metzdowd cryptography mailing list, which is incidentally where Satoshi Nakamoto originally announced the Bitcoin project, in response to a message regarding whether or not the Bitcoin block chain had finally achieved a concept known as “trustworthy computing”, Todd said:

In the Bitcoin world I think it’s fair to say that most experts are very concerned about the high, and increasing, % of users who use SPV clients rather than run full nodes. While it’s hard to predict exactly when this threshold is reached, at some point too few people will be actually verifying the blockchain to sufficiently strongly incentivise miners to follow the rules. For instance, at some point miners can great [sic] bitcoins out of thin air to increase their profits.

This writer had to query, what does he mean “create bitcoins out of thin air”? Could such a thing really happen? The block chain surely would be broken at that point. The following morning, Todd submitted his response to the mailing list (which came first to this writer, given that the list is moderated):

From the perspective of a SPV client that does no validation a valid block containing only valid transactions and an invalid block containing invalid transactions are indistinguishable. Thus a miner can create a block containing transactions that – among other things – spend inputs that don’t exist, creating coins out of thin air that will be accepted by the SPV client as just as valid as any other coins. If a majority of miners do this, the longest block chain – again from the perspective of a non-validating SPV client – will be the one where miners are creating coins out of thin air.

Thus it seems that without serious modifications to SPV wallet practices and implementations, they are simply not safe at present. While many users may consider them more “convenient,” this is money we’re talking about.

SPV nodes, at a minimum, will require a way to invalidate blocks, rather than simply accept whatever is passed to them. All kinds of mischief could creep up on us otherwise, especially as more and more users join the network and see no reason to have their own full copy (20+ gigabytes) of the block chain.
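What a header-only client checks, and what it never looks at, shown as an added example (not code from the article, bitcoinj or any wallet). The 68-byte toy header, the easy `TARGET`, the UTXO labels and all function names are assumptions made for illustration; real headers are 80 bytes and real targets are far harder.

```python
import hashlib

def dsha(b):  # Bitcoin's double SHA-256
    return hashlib.sha256(hashlib.sha256(b).digest()).digest()

def merkle_branch(leaves, index):
    """Return (root, sibling hashes) proving leaves[index] is in the tree."""
    branch, level = [], list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])        # Bitcoin duplicates an odd last hash
        branch.append(level[index ^ 1])
        level = [dsha(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
        index //= 2
    return level[0], branch

def branch_root(h, branch, index):
    """Recompute the Merkle root from a txid and its branch."""
    for sib in branch:
        h = dsha(sib + h) if index & 1 else dsha(h + sib)
        index //= 2
    return h

TARGET = 1 << 244    # constructed easy target so "mining" takes milliseconds
def mine(prev, root):
    """Toy 68-byte header (prev || merkle root || nonce) that meets TARGET."""
    for nonce in range(1 << 32):
        header = prev + root + nonce.to_bytes(4, "little")
        if int.from_bytes(dsha(header), "little") < TARGET:
            return header

def spv_accepts(header, prev, txid, branch, index):
    """All a header-only client checks: chain linkage, work, inclusion."""
    linked = header[:32] == prev and int.from_bytes(dsha(header), "little") < TARGET
    return linked and branch_root(txid, branch, index) == header[32:64]

def full_node_accepts(tx_inputs, utxo_set):
    """The check an SPV client skips: every input must be an unspent output."""
    return all(i in utxo_set for i in tx_inputs)

UTXOS = {"aa:0", "bb:1"}                  # constructed unspent outputs
TXS = [["aa:0"], ["ff:9"], ["bb:1"]]      # constructed; TXS[1] spends a nonexistent output
TXIDS = [dsha(repr(t).encode()) for t in TXS]

def demo():
    root, branch = merkle_branch(TXIDS, 1)
    header = mine(bytes(32), root)
    return spv_accepts(header, bytes(32), TXIDS[1], branch, 1), full_node_accepts(TXS[1], UTXOS)
print(demo())  # (True, False)
```

The inclusion proof and proof of work both pass for the transaction with the nonexistent input; only the node holding the UTXO set rejects it.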



Posted by P. H. Madore

P. H. Madore has been publishing since 2003.


  1. Cyberdexter 09/10/2015 at 03:48

    very good reply.

  2. Cyberdexter 09/10/2015 at 03:48

    that’s not the point.

  3. Orchideric 07/10/2015 at 18:42

    Todd says ” at some point miners can great [sic] bitcoins out of thin air to increase their profits.”
    He couldn’t be more wrong, and obviously doesn’t understand the POW blockchain ledger system.

  4. P. H. Madore 07/10/2015 at 14:19

    Hmm. Good point.

  5. I jus mite become a miner & create coins out of thin air. Hey! The government prints money when it wants?.

  6. herzmeister 07/10/2015 at 13:23

    > If you’re not familiar with what an SPV client is, it’s a Bitcoin wallet like Electrum, which connects to a server and trusts it, rather downloading its own copy of the block chain, or complete ledger of all transactions in Bitcoin’s history.

    That’s not entirely accurate. Electrum is not an SPV client. An example of an SPV client is the Schildbach wallet on Android, or Multibit on the desktop. SPV clients don’t use servers, they use the P2P network, but only download the block headers instead of the full blocks. The criticism in the article is about these kinds of clients.

    Clients like Electrum and Mycelium are yet another beast, they connect to servers run by volunteers (which obviously also has drawbacks). But these servers are probably running full nodes, so the criticism is less about this scenario.
