Hi Jeremy,

Why does the SPV verifier need to do additional checks? SPV implies it's simply trusting the heaviest chain. Clearly they could validate it, but I'm not seeing necessity in the security model.

Greg

On Monday, June 1, 2026 at 4:22:28 PM UTC-4 jeremy wrote:
Antoine,

Rejecting nodes with any valid tx in path, without this rule, is problematic, because it _can_ be possible for an attacking miner to engineer that scenario by grinding one TXID leaf to mask a subtree, which could have major consequences. Third party malleability vulnerability to deposit / withdrawal masking is a serious bug. Worth thinking that through very carefully before recommending these mitigations. Do you have an end-to-end working example of such a mitigation that doesn't have these issues?

This is incorrect for any bridge, wallet, or deposit system that does not receive funds to a script that either burns the funds or that anyone can spend.

The problem is that from the perspective of a wide variety of layer 2 protocols, you actually do want to be able to simply close out a UTXO and prove a UTXO is spent.

In the current L2 protocol design space, value doesn't always flow directly along the output,  the UTXO may be being used as a connector input, and the spend of that output may be making a different output available after a timeout and excluding an alternative spend.

Best,

Jeremy

--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/923b3d65-3472-4d7d-9b13-da44753fe5f8n%40googlegroups.com.