Although Satoshi Nakamoto’s Bitcoin white paper introduced the idea of simplified payment verification (SPV), not all recommendations from that section have been implemented by the Bitcoin developer community. Satoshi proposed an alert mechanism that would allow full nodes to notify SPV clients when an invalid block was detected, but practical implementation has proven difficult. According to Bitcoin Core contributor and Ciphrex CEO Eric Lombrozo, the upcoming Segregated Witness (SegWit) soft fork could enable Satoshi’s vision of stronger SPV security.
Lombrozo discussed the concept of fraud proofs — compact proofs that demonstrate a block is invalid — on a recent episode of epicenter Bitcoin, explaining how they could improve SPV security.
Why Bitcoin Needs Fraud Proofs
During the interview, Epicenter Bitcoin co-host Sébastien Couture asked Lombrozo to explain fraud proofs and their benefits for SPV clients. Lombrozo summarized the core advantage:
“If there was a way to have fraud proofs, it would improve the security [of SPV nodes] because it would only require one whistleblower on the entire network to notice that a block is invalid and all SPV nodes could ignore that block.”
SPV nodes enable lightweight clients on less powerful devices like smartphones, but they do not validate transactions locally in full, which weakens their security. Lombrozo described the practical risks:
“Right now, if you’re running an SPV client, you get a block that confirms a transaction and, unless you are able to validate the block, you just accept the transaction’s confirmation because the rest of the network seems to think it’s okay. But, of course, miners could be cheating or they could be running buggy software. That has actually happened before. Miners are not validating correctly. And then, SPV clients are going to see confirmations that are not actually real.”
A real-world example occurred on July 4, 2015, when a soft fork (BIP 66) activated and a small miner produced an invalid block. Because many miners were not fully validating blocks — roughly half were engaging in SPV mining — subsequent blocks were built on top of an invalid block. The invalid chain was eventually orphaned, but the incident cost some miners around $50,000 in lost revenue and temporarily forced some users to wait for as many as 30 confirmations before trusting a transaction.
How a Block’s Invalidity Could Be Proven
Lombrozo noted that fraud proofs could be created with low resource requirements, allowing SPV nodes to cheaply verify a claim that a block is invalid. Only one full node would need to detect the issue and propagate the proof for the network to react. He elaborated:
“A potential fix would be if it was possible to make it so if — even if proving the block is invalid is expensive (it requires downloading the whole blockchain and then checking it) — maybe checking that the block is invalid could be made cheap. So you could have a very short proof that demonstrates that the block is invalid, and if you could create this, that means it would only take one node on the entire network to construct this proof and propagate it. And then all the nodes would know immediately to ignore this.”
In practice, fraud proofs would let SPV clients retain their lightweight advantages while gaining significantly improved protection against invalid blocks and miner misbehavior.
Fraud Proofs Are Not a Complete Solution
Despite their promise, fraud proofs do not eliminate all vulnerabilities inherent to SPV clients. Lombrozo highlighted trade-offs and risks associated with relying on compact invalidity proofs:
“There’s a significant problem with this, which is it requires extreme censorship resistance. For instance, if you’re connected through your ISP and your ISP decides to block these messages, there could be potential attacks there. So it requires more security assumptions, but on the other hand, it does mean that the incentives model shifts more towards people actually wanting to validate correctly because it’s harder for someone to get away with it. So just the knowledge that if you try to do this it would be harder to get away with, it could make it so people are less inclined to try it.”
The censorship-resistance requirement means fraud proofs depend on reliable message propagation: if adversaries or network intermediaries block the proofs, SPV clients could remain unaware of invalid blocks. Nonetheless, fraud proofs would raise the cost and risk of attempting to cheat the network, which could deter bad behavior and encourage more thorough validation by miners and nodes.
Lombrozo is optimistic about the role fraud proofs could play in a future SPV design, but he cautioned that they will not arrive immediately with the first SegWit release. Instead, fraud proofs are a potential follow-up improvement that could be added in later releases once SegWit’s foundational changes are in place.