Free Shipping from €150! Use the cupom BITCOIN150K

Facebook-f X-twitter Telegram
  • Uncategorized

Private Broadcast May Reveal Sender IP Address in Bitcoin Core 31.0

  • By

“`html Private Broadcast May Reveal Sender IP Address in Bitcoin Core 31.0 Estimated reading time: 4 minutes. Users running Bitcoin Core 31.0 and enabling private broadcast may have their IP addresses revealed to recipients under certain network conditions. A fix is coming with version 31.1, but users are advised to apply workarounds until then. The […]

“`html

Private Broadcast May Reveal Sender IP Address in Bitcoin Core 31.0

Estimated reading time: 4 minutes.

  • Users running Bitcoin Core 31.0 and enabling private broadcast may have their IP addresses revealed to recipients under certain network conditions.
  • A fix is coming with version 31.1, but users are advised to apply workarounds until then.
  • The bug impacts connections where v2 (BIP324) transport fails and forces a v1 retry over the clearnet.

Table of Contents

Affected users

This bug affects users where all the following are true:

  • The node is running Bitcoin Core 31.0 and -privatebroadcast is set.
  • Transactions are broadcast using the sendrawtransaction RPC.
    Wallet RPCs (sendtoaddress, sendall, etc.) do not use private
    broadcast and are not affected.
  • Tor is reachable for outbound connections.
  • Outbound IPv4 or IPv6 connections can be made directly. No -onlynet
    restriction excludes them, and no -proxy=... value applies to them.
  • BIP324 v2 transport is not disabled with -v2transport=0.

Impact

When private broadcast selects an IPv4 or IPv6 peer that advertises
support for v2 (BIP324) transport, the initial connection is routed
through the Tor proxy as expected. If the v2 handshake fails on that
connection, Bitcoin Core retries it as v1. The v1 retry is not routed
through the Tor proxy and instead connects directly to the peer over
IPv4 or IPv6, exposing the originator’s IP address to the recipient.

Initial v1 connections (to peers that do not advertise v2) are
correctly routed through the Tor proxy and are not affected. The
bug is specific to the v1 reconnection that follows a failed v2
handshake. Connections to onion and I2P peers are also unaffected,
because they remain routed through their respective proxies on any v1
retry and therefore never expose a clearnet IP address.

This breaks the privacy guarantee stated in the 31.0 release notes:
“Their IP address (and thus geolocation) is never known to the recipients”.

How this can happen

A v2 handshake is unlikely to fail for a peer that actually supports v2
transport. The bug is most likely to be triggered by a malicious
peer deliberately closing the v2 handshake to force a v1 retry.

Workarounds

Until they can upgrade to 31.1, users of -privatebroadcast should apply one
of the following:

  1. Disable the feature. Set -privatebroadcast=0.
  2. Disable v2 transport. Set -v2transport=0. This causes all of the
    node’s connections to use the unencrypted v1 protocol, which has the downside
    that it becomes easier to fingerprint and censor on clearnet.
  3. Route IPv4/IPv6 outbound through Tor. Set
    -proxy=127.0.0.1:9050 (replace 9050 with your Tor SOCKS
    port if different). This routes all outbound IPv4/IPv6 P2P
    traffic through Tor exit nodes, which has the downside of making the node
    easier to Sybil attack.

Credits

Credit to Eugene Siegel for discovering the bug.

“`

Related Posts

Sign up for our weekly newsletter

Stay informed

Stay in the loop