OpenBitcoinPrivacyProject / wallet-ratings

Criteria for evaluating Bitcoin wallets' privacy properties.
GNU General Public License v2.0

Network criteria: Fingerprint specific client version based on SSL cipher suites #142

Open kristovatlas opened 7 years ago

kristovatlas commented 7 years ago

via @crwatkins: The client could have cipher suite support hard coded, and change over the course of versions. A passive network observer could see which ciphers are supported and fingerprint to a particular client on this basis in conjunction with other data leaked such as DNS lookup of the wallet provider's domain.

This would fall under here in the current working version of the threat model:

- Network observer
  - Derive the type of wallet used to create a transaction by passively observing idiosyncrasies in the interactive behaviour of the wallet
    - OBPPV3/CM29: Avoid using a non-Bitcoin network protocol that leaks information about the type of client in use
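
An added example (not part of the issue thread or the project's code): a wallet developer can measure how distinctive a build's TLS handshake is by extracting the cipher suite list from its ClientHello, which is sent in cleartext, and hashing it. The two cipher lists are constructed stand-ins for two hypothetical wallet releases, and all function names are this example's own.

```python
import hashlib
import struct

def cipher_suites(record: bytes) -> list:
    """Return the cipher suite IDs offered in a raw TLS ClientHello record."""
    if len(record) < 44 or record[0] != 0x16 or record[5] != 0x01:
        raise ValueError("not a TLS handshake record carrying a ClientHello")
    pos = 5 + 4 + 2 + 32                  # record hdr, handshake hdr, version, random
    pos += 1 + record[pos]                # skip the session_id
    if pos + 2 > len(record):
        raise ValueError("truncated ClientHello")
    (n,) = struct.unpack_from("!H", record, pos)
    pos += 2
    if n % 2 or pos + n > len(record):
        raise ValueError("malformed cipher suite list")
    suites = struct.unpack_from(f"!{n // 2}H", record, pos)
    # GREASE values (RFC 8701: 0x0A0A, 0x1A1A, ...) are picked at random
    # by the client, so they are dropped before comparing builds.
    return [s for s in suites
            if not ((s & 0x0F0F) == 0x0A0A and (s >> 8) == (s & 0xFF))]

def fingerprint(record: bytes) -> str:
    """Hash the ordered suite list; the order is part of what identifies a build."""
    ids = "-".join(f"{s:04x}" for s in cipher_suites(record))
    return hashlib.sha256(ids.encode()).hexdigest()[:16]

def build_client_hello(suites) -> bytes:
    """Constructed sample input: a minimal TLS 1.2 ClientHello, no extensions."""
    body = b"\x03\x03" + bytes(32) + b"\x00"   # version, zeroed random, empty session id
    body += struct.pack(f"!H{len(suites)}H", 2 * len(suites), *suites)
    body += b"\x01\x00"                        # one compression method: null
    handshake = b"\x01" + len(body).to_bytes(3, "big") + body
    return b"\x16\x03\x01" + struct.pack("!H", len(handshake)) + handshake

# Constructed cipher lists for two hypothetical releases of one wallet.
WALLET_1_0 = [0xC02F, 0xC030, 0x009C, 0x002F, 0x0005]   # still offers RC4
WALLET_1_1 = [0xCCA8, 0xC02F, 0xC030, 0x009C, 0x002F]   # RC4 dropped, ChaCha20 added

if __name__ == "__main__":
    for name, suites in (("1.0", WALLET_1_0), ("1.1", WALLET_1_1)):
        print(name, fingerprint(build_client_hello(suites)))
```

A fingerprint that changes between releases, as it does for these two lists, is the version-level leak the comment describes; running the same check over captures of each release build shows whether a wallet has it.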

dcousens commented 7 years ago

Wouldn't this just come under wallet idiosyncrasies? Or is the point to be more specific?