5

I have noticed that importing a blockchain snapshot file blockchain.raw speeds up dramatically when using --verify 0. The default value is 1 though. What is the downside, or risk, of not verifying blocks and transactions during import? Would this just result in an error when doing rescan_bc in simplewallet? Or is there anything else to be aware of?

dpzz
  • 4,539
  • 3
  • 19
  • 45

1 Answers1

10

Basically, by not verifying, you're assuming the download is trusted. But there could be all sorts of bogus data in the blockchain.raw, if you have a man-in-the-middle attack during the download.

Personally, I only ever use blockchain.raw imports when I'm experimenting on very low power ARM devices, syncing up from scratch in nearly every case is significantly faster - and safer!

fluffyponyza
  • 5,089
  • 20
  • 35
  • Would monerod detect invalid data? I just read a comment on Slack about "consecutive valid block hashes". Wondering whether the daemon would error, or broadcast invalid data to incoming connections? I would guess the latter should not be possible, or else the network might get infected? – dpzz Oct 30 '16 at 02:05
  • The import would break, even with --verify off – fluffyponyza Oct 30 '16 at 06:17
  • If you are importing a blockchain.raw that you generated yourself from a different instance, and that instance verified the blockchain as it arrived, then there is no risk in --verify 0 because you've already verified. For a blockchain obtained somewhere else, the only reliable thing to do is --verify 1 – Benjamin Staton Feb 04 '18 at 18:42