What are checkpoints?

37

7

I often read that checkpoints protect the network from a 51% attack because an attacker cannot reverse transactions made before the last checkpoint.

How exactly does this checkpoint mechanism work? And who creates the checkpoints?

nmat

Posted 2011-10-29T19:41:14.630

Reputation: 11 179

Answers

30

The checkpoints are hard coded into the standard client. The concept is, that the standard client will accept all transactions up to the checkpoint as valid and irreversible. If anyone tries to fork the blockchain starting from a block before the checkpoint, the client will not accept the fork. This makes those blocks "set in stone".

ThePiachu

Posted 2011-10-29T19:41:14.630

Reputation: 42 235

1So a checkpoint is usually created everytime the client is updated? – nmat – 2011-11-02T01:05:41.657

As far as I know, yes, but it is all in the hands of the developers. – ThePiachu – 2011-11-02T01:12:04.963

11We really plan to get rid of checkpoints, or at least significantly reduce their power. They don't actually add any security (if they would actually affect the chain, the system is already broken). – Pieter Wuille – 2014-09-14T20:47:31.027

1@PieterWuille@ThePiachu: I didn't find any checkpoints hardcoded in main.cpp, checkpoints.h, checkpoints.cpp...Can you tell where the first checkpoint is placed? – Aliakbar Ahmadi – 2015-05-31T21:05:11.500

1They are chain-specific data, and have thus been moved to chainparams.cpp now. – Pieter Wuille – 2015-06-01T21:04:35.733

1Would there be any way to make this behavior official? Something like "If the block was published to the network over a year ago, it is set in stone" which does not rely on the developers? This seem to be one of the few places where Bitcoin developers have a lot of authority, and it seems they generally work to keep that authority minimal. – Daniel H – 2012-08-21T22:02:27.857

1@DanielH I don't see why some automatic algorithm couldn't be implemented that would be choosing suitable checkpoints during each code update. I guess you can propose such a feature on the forum or the github project page. – ThePiachu – 2012-08-22T07:02:53.970

@ThePiachu Thanks for the answer. But, the question is, in a case where there's no checkpoint, why would client accept a chain shorter than what he already has? – user153465 – 2017-08-02T10:21:32.513

6

Update on this as of time of writing, just to clarify more specifically upon the other answer: dependence on checkpoints in the security model has been significantly reduced, they are only used in one very specific case now. That case is just to ignore forks from the chain early on, before the most recently seen checkpoint. When a node has seen a block it recognises as a checkpoint, any further blocks received below that height will be ignored.

You can see this here: https://github.com/bitcoin/bitcoin/blob/0dfc25f82a01d9fec26380d95915df31e1fe2c02/src/validation.cpp#L3107

It is a long term goal of removing the checkpoints entirely, because they are a source of confusion over the security model and power the developers have. But currently the role they serve is to prevent low difficulty header flooding attacks, and there has been no alternative solution proposed yet (that I know of).

MeshCollider

Posted 2011-10-29T19:41:14.630

Reputation: 9 285

so every node maintains a list of checkpoints? who decides which blocks get added to the list of checkpoints? – fdzsfhaS – 2018-03-14T02:55:40.000

2

@Auburn the list of checkpoints is hardcoded here: https://github.com/bitcoin/bitcoin/blob/master/src/chainparams.cpp#L153-L167 No new checkpoints are ever added anymore, the last was added on Jul 16, 2014

– MeshCollider – 2018-03-14T05:55:43.853

0

Bitcoin consensus algo is probabilistic (rather than deterministic) so in theory there is always the possibility of reversibility. The checkpoint gets around that by setting how far back it with even consider looking for blocks to verify.

user898617

Posted 2011-10-29T19:41:14.630

Reputation: 37