Closed moazzamak closed 3 years ago
Thanks for opening this issue! A maintainer will review this in the next few days and explicitly select labels so you know what's going on.
If no reviewer appears after a week, a reminder will be sent out.
Your issue doesn't follow our guidelines. Please review and correct it.
Cheers for the AIP Mak! I still need to wrap my head around all of steps, but so far I only have one feedback. API can be excluded from this because consensus is only reached over P2P.
I added API in here since I know some exchanges use it as well as all SPV wallets. If they want to get reliable data about the blockchain then the API needs to follow a similar protocol as well.
How come? API itself has no say in consensus and when nodes talk to each other they only use P2P protocol. Sybil attack can't be executed via API but only P2P.
In current form a malicious relay could provide bad data to the client and the client won't know if it's good or bad at all. It just has to trust that the relay behaved correctly. This is not an issue right now because no one is running a malicious relay combined with a sybil attack but if they do then it becomes a huge problem. Protecting user funds also means to ensure they always get the correct info on their apps so they don't get duped by bad actors.
Stale issue message
Discussion for the AIP 85