[BIP Draft] P2P UTXO Set Sharing

The discussion around the relative trustworthiness of SPV (Simplified Payment Verification) during IBD (Initial Block Download) versus AssumeUTXO in Bitcoin's blockchain validation process highlights contrasting trust models. SPV does not validate the UTXO (Unspent Transaction Output) state, relying instead on the majority of the network's hashrate to ascertain chain validity. This approach contrasts with AssumeUTXO, which depends on the same code-review processes that safeguard the implementation of consensus rules. Each model bears its own benefits and drawbacks without one clearly surpassing the other in terms of reliability.

SPV is known for several vulnerabilities: it allows a single malicious peer to censor relevant transactions of a client, it leaks privacy through filter queries, and it is susceptible to amplified effects from eclipse attacks. Although BIP 157/158 attempts to address these privacy issues, it fails to validate the UTXO state, which remains a significant shortcoming. On the other hand, AssumeUTXO simplifies wallet interaction by eliminating the need for modifications usually required by SPV, such as filter matching and Merkle-inclusion verification. This simplification helps balance out the complexity added to the node software by AssumeUTXO.

In practical application scenarios where users operate their full nodes, the utility of AssumeUTXO diminishes as these users can independently verify transaction inclusions via their complete block data. The argument that a "very costly DoS" attack could occur under the AssumeUTXO model during IBD appears to be overstated since the process of header synchronization and block download remains unchanged, ensuring robustness against such threats. Furthermore, if an anomaly is detected in a snapshot used during IBD, it can be rectified by reverting to a fully validated UTXO set, ensuring that no effort in chain validation is wasted.

Despite the theoretical appeal of SPV-during-IBD as a potential innovation, its practical application seems limited, especially when considering the current trends and usage patterns within the Bitcoin community. The dialogue also touches upon how advancements like those seen in wallets such as Zeus—which facilitate the transition from custodial e-cash solutions to sovereign lightning network operations—might inspire future developments in this area. However, the preference leans towards the trade-offs offered by AssumeUTXO for its outlined reasons, suggesting a more streamlined and secure user experience in certain contexts.