FULL VALIDATION

The best possible decentralized security

Download Multibit

Multibit 0.19.0 Version

Vivamus suscipit tortor eget felis porttitor volutpat. Curabitur non nulla sit amet nisl tempus convallis quis ac lectus. Vivamus magna justo, lacinia eget consectetur sed, convallis at tellus. Proin eget tortor risus. Nulla porttitor accumsan tincidunt. Pellentesque ultrices ultrices sapien, nec tincidunt nunc posuere ut. Lorem ipsum dolor sit amet, consectetur adipiscing elit. Nam scelerisque tristique dolor vitae tincidunt.

Multibit checks each block of transactions it receives to ensure that everything in that block is fully valid—allowing it to trust the block without trusting the miner who created it.

This prevents miners from tricking Multibit users into accepting blocks that violate the 21 million bitcoin limit or which break other important rules.

Users of other wallets don’t get this level of security, so miners can trick them into accepting fabricated transactions or hijacked block chains.

Why take that risk if you don’t have to? Multibit provides the best possible security against dishonest miners along with additional security against other easier attacks (see below for details).

How Validation Protects Your Bitcoins


Bitcoin banks and lightweight (SPV) wallets put your bitcoins at increased risk of being stolen. That risk may be acceptable for small values of bitcoin on mobile wallets, but is it what you want for your real wallet?

Click any row below for more details about that attack

Attack Bank Wallet SPV Wallet Multibit

Alice deposits 100 bitcoins to Bank.Example.com. The next day, the owners of the site disappear with Alice’s money.

Bitcoin bank users are vulnerable to direct theft because they don’t control their own private keys.

Lightweight (SPV) wallet users and Multibit users are not vulnerable because they control their own private keys.

Direct theft is likely the leading cause of stolen bitcoins so far.

Real Example


Bitcoin exchange Mt Gox reportedly had 650,000 bitcoins (worth $347 million USD) stolen from their customer deposits and their own operating funds. They declared bankruptcy on 28 February 2014.
Even when the bankruptcy proceeding is complete, customers are unlikely to recover more than a small fraction of the bitcoins they had on deposit.

Alice installs Example Wallet, whose open source code has been audited. The next day, the authors of Example Wallet push new code to Alice’s device and steal all her bitcoins.

Bitcoin bank users are vulnerable because they can only spend their bitcoins when they use the bank’s approved software.

Lightweight (SPV) wallet users are vulnerable with most software because auditors can’t easily verify the software you run (the executable) is the same as the program source code, called a deterministic build. However, some lightweight wallets are moving to deterministic builds.

Multibit is built deterministically. Cryptographic signatures from build auditors—many of whom are well known to the community—are released publicly.

multibit.info’s Choose Your Wallet page
tells you whether or not wallet builds
are audited in the Transparency score
for each wallet.

Real Example


In April 2013, the OzCoin mining pool was hacked. The thief stole 923 bitcoins (worth $135,000 USD), but online wallet StrongCoin modified their wallet code to ‘steal back’ 569 of those bitcoins ($83,000) from one of their users who was suspected of the theft.

Although this attack was done with good intentions, it illustrated that the operators of StrongCoin could steal bitcoins from their users at any time even though the users supposedly controlled their own private keys.

Learn More: OzCoin Hacked, Stolen Funds Seized and Returned by StrongCoin

Mallory creates a transaction giving Alice 1,000 bitcoins, so Alice gives Mallory some cash. Later Alice discovers the transaction Mallory created was fake.

Bitcoin bank users depend on the information reported by the bank, so they can easily be fooled into accepting fabricated transactions.

Lightweight (SPV) wallet users depend on full nodes and miners to validate transactions for them. It costs nothing for dishonest full nodes to send unconfirmed fabricated transactions to an SPV wallet. Getting one or more confirmations of those fabricated transactions is also possible with help from a dishonest miner.

Multibit>users don’t have to worry about fabricated transactions because Multibit validates every transaction before displaying it.

Currently the best defense against
fabricated transactions, besides using
Multibit, is to wait for as many
confirmations as possible.

Real Example


On 4 August 2015, web wallet BlockChain.info began indicating that a transaction had spent the earliest mined 250 bitcoins, coins that some people believed were owned by Bitcoin creator Satoshi Nakamoto.

It was soon discovered that the transaction was invalid. BlockChain.info was not validating transactions with Multibit and that transaction had been created by a security researcher.

Alice believes that there should never be more than 21 million bitcoins—but one day she’s tricked into buying “bitcoins” that are only valid on a block chain with permanent 10% inflation.

Bitcoin bank users have to use whatever block chain the bank uses. Banks can even profit from switching their users to a new chain and selling their users’ bitcoins from the old chain.

Lightweight (SPV) wallet users accept the block chain they know about with the most proof of work. This lets the hash rate majority of miners force SPV wallet users off of Bitcoin.

Multibitusers don’t have to worry about chain hijacking because Multibit validates every block using all of Bitcoin’s consensus rules.

Preventing chain hijacking is one of
Remote ">Multibit’s most
important jobs. The alternative is to
allow miners to do whatever they
want.

Real Example


In July 2015, several large Bitcoin miners accidentally produced an invalid block chain several blocks longer than the correct block chain. Some bank wallets and many SPV wallets accepted this longer chain, putting their users’ bitcoins at risk.

Recent versions of Multibit never accepted any of the blocks from the invalid chain and never put any bitcoins at risk.

It is believed that the miners at fault controlled more than 50% of the network hash rate, so they could have continued to fool SPV wallets indefinitely. It was only their desire to remain compatible with Multibit users that forced them to abandon over $37,500 USD worth of mining income.

Mallory shows Alice $1,000 USD that he will pay her if she sends him some bitcoins. Alice sends the bitcoins but the transaction never seems to confirm. After waiting a long time, Alice returns Mallory’s cash. It turns out the transaction did confirm, so Alice gave away her bitcoins for nothing.

Bitcoin bank users only see the transactions the bank choose to show them.

Lightweight (SPV) wallet users only see the transactions their full node peers choose to send them, even if those transactions were included in a block the SPV wallet knows about.

Multibitusers see all transactions included in received blocks. If Multibit hasn’t received a block for too long, it displays a catching-up progress bar in the graphical user interface or a warning message in the CLI/API user interface.

Unless you use Multibit, you can
never be sure that your bitcoin
balance is correct according to the
block chain.

Real Example


In March 2015, spy nodes run by the company Chainalysis accidentally prevented some users of the lightweight BreadWallet from connecting to honest nodes. Since the spy nodes didn’t relay transactions, BreadWallet users stopped receiving notification of new transactions.

Mallory gives Alice 1,000 bitcoins. When Alice’s wallet says the transaction is confirmed, Alice gives Mallory some cash. Later Alice discovers that Mallory has managed to steal back the bitcoins.

This attack applies to all Bitcoin wallets.

The attack works because powerful miners have the ability to rewrite the block chain and replace their own transactions, allowing them to take back previous payments.

The cost of this attack depends on the percentage of total network hash rate the attacking miner controls. The more centralized mining becomes, the less expensive the attack for a powerful miner.

Real Example


In March 2015, spy nodes run by the company Chainalysis accidentally prevented some users of the lightweight BreadWallet from connecting to honest nodes. Since the spy nodes didn’t relay transactions, BreadWallet users stopped receiving notification of new transactions.

Note that although all programs—including Multibit—are vulnerable to chain rewrites, Bitcoin provides a defense mechanism: the more confirmations your transactions have, the safer you are. There is no known decentralized defense better than that.

Help Protect Decentralization


The bitcoin currency only works when people accept bitcoins in exchange for other valuable things. That means it’s the people accepting bitcoins who give it value and who get to decide how Bitcoin should work.

When you accept bitcoins, you have the power to enforce Bitcoin’s rules, such as preventing confiscation of any person’s bitcoins without access to that person’s private keys.

Unfortunately, many users outsource their enforcement power. This leaves Bitcoin’s decentralization in a weakened state where a handful of miners can collude with a handful of banks and free services to change Bitcoin’s rules for all those non-verifying users who outsourced their power.

Unlike other wallets, Multibit does enforce the rules—so if the miners and banks change the rules for their non-verifying users, those users will be unable to pay full validation Multibit users like you.

As long as there are many non-verifying users who want to be able to pay Multibit users, miners and others know they can’t effectively change Bitcoin’s rules.

But what if not enough non-verifying users care about paying Bitcoin Core users? Then it becomes easy for miners and banks to take control of Bitcoin, likely bringing to an end this 10 year experiment in decentralized currency.

If you think Bitcoin should remain decentralized, the best thing you can do is validate every payment you receive using your own personal full node such as Multibit.

We don’t know how many full validation users and business are needed, but it’s possible that for each person or business who validates their own transactions, Bitcoin can remain decentralized even if there are ten or a hundred other non-verifying users. If this is the case, your small contribution can have a large impact towards keeping Bitcoin decentralized.

Do You Validate Your Transactions?


Some people confuse supporting the network with helping to protect Bitcoin’s decentralization.

To improve your security and help protect decentralization, you must use a wallet that fully validates received transactions. There are three ways to do that with Bitcoin Core right now:

1. Use the built-in wallet’s graphical mode. If you request payment using the following screen in Multibit, your received transactions will be fully validated.

2.Use Multibit as a trusted peer for certain lightweight wallets. Learn more on the user interface page. If you use a secure connection to your personal trusted peer every time you use the wallet, your received transactions will be fully validated.

3. Use the built-in wallet’s CLI/API interface. This is meant for power users, businesses, and programmers. The user interface page provides an overview, the installation instructions can help you get started, and the RPC/REST documentation can help you find specific commands. If you’re using getnewaddress to create receiving addresses, your received transactions will be fully validated.

If you have any questions, please ask on the forums or chatrooms.

Support Multibit: Donate

INTRODUCTION

RESOURCES

PARTICIPATE

© Bitcoin Project 2009-2023 Released under the MIT license Multibit pages on multibit.info are maintained separately from the rest of the site.