TLDR
- Released in April 2022, Bitcoin Core 23.0 adds support for the cjdns protocol, boosting protection against hostile ISPs.
- Cjdns is an end-to-end encrypted alternative to standard internet protocols.
- By adding cjdns support, Bitcoin full nodes now have a new way to exchange blocks, making the network more resilient against adversarial ISPs and firewalls.
Bitcoin Core version 23.0, released in April 2022, marked a significant update, as it integrated support for the cjdns mesh networking protocol. This move provides additional security against adversarial Internet Service Providers (ISPs) and strengthens the resilience of the Bitcoin Core software.
Cjdns uses public-key cryptography to create an encrypted IPv6 network. The network it creates operates within the fc00::/8 address space designated for unique local addresses, and each individual address is derived from a node’s cryptographic keys.
The cjdns protocol establishes a mesh network reminiscent of a distributed VPN topology with numerous entry points. This enables each participant to have direct access to every other node. With cjdns now part of Bitcoin Core, full nodes have an additional method to disseminate blocks and transactions, which is the lifeblood of data that makes the Bitcoin network work.
Bitcoin’s network communications can be easily targeted and restricted by ISPs and regulatory frameworks like national firewalls. Recognizing this, developers in the release of Bitcoin Core v23 also changed the software so that it can communicate over random port numbers rather than requiring port 8333. Randomizing the port number is a useful first step in making the network traffic more difficult to identify, but sophisticated attackers search for patterns in the data itself to try to “fingerprint” the protocol from the network traffic.
Cjdns makes significant efforts to frustrate such fingerprinting by making its traffic resemble random data. In addition, as a routing protocol, cjdns can dynamically find alternative paths if the usual routes face obstruction, enhancing the network’s resilience.
For many years, Bitcoin Core has had support for high anonymity networks such as TOR and I2P. These protocols provide excellent protection against network attacks, but their focus on anonymity comes at the expense of performance. For Bitcoin users, especially mining pools, the time it takes for a message to cross the Bitcoin network can be the difference between profit and loss, so anything which imposes a significant penalty on network performance is unacceptable.
Cjdns is unique in that it does not aim to provide anonymity, which means it can deliver much faster performance, on par with conventional VPNs. This balance between censorship resistance and efficient performance makes cjdns a fitting choice for Bitcoin users who cannot afford delay in their transactions or blocks.
The incorporation of cjdns alongside TOR and I2P underscores a commitment to bolstering the robustness and resilience of the Bitcoin network. Nevertheless, it’s important to recognize the security vulnerabilities that arise if one operates a Bitcoin node on only one network, such as only TOR using, or only using cjdns. When operating exclusively on a single network, there is increased susceptibility to Sybil and Eclipse attacks, and the risk of network partitioning. These security concerns can be mitigated by establishing manual connections with verified, trusted Bitcoin nodes.
The reliability of blockchain technology is intrinsically linked to the integrity of the internet upon which it operates. Hostile network administrators and network level censorship can exert substantial influence over free speech and commerce. However, decentralized networking protocols like cjdns, as well as the growth of local community mesh networks, offer meaningful defense of these liberties.
Cjdns is also the mesh infrastructure of the PKT Network. Launched in August 2019, the PKT Network is a fully decentralized digital ecosystem and technology stack built to scale open mesh internet access and digital freedom. PKT Network’s main features are its globally decentralized infrastructure, enabling anyone to build censorship-resistant websites, and supporting peer-to-peer payments direct to a cjdns IPv6 URL.
