I think there’s nothing new here the Bitcoin engineering community isn’t already aware of and working on, but probably still useful to compile it all in one document.
SkyMarshal | 3 years ago
TLDR (of the article, not the full report [1]):
1. Cryptographic primitives are sound
2. Implementation details and network topography may not be
3. 21% of Bitcoin nodes running an older version with a known vulnerability (patched in latest version)
4. Bitcoin network traffic is unencrypted, can be eavesdropped
5. Of all Bitcoin traffic, 60 percent traverses just three ISPs
6. Vast majority of Bitcoin nodes do not mine, nor communicate directly with miners
7. Four Bitcoin mining pools constitute over 51% of the hashpower
8. Their mining nodes do not connect directly to the network, but rather connect through gateways, representing single points of failure
[1]: https://assets-global.website-files.com/5fd11235b3950c2c1a3b...
semidetached | 3 years ago