I’d please like assist understanding the brand new -blocksxor enhancement, primarily from an admin perspective. I did see the next helpful information.
Output from bitcoind –help:
-blocksxor
Whether or not an XOR-key applies to blocksdir *.dat recordsdata. The created XOR-key
shall be zeros for an present blocksdir or when `-blocksxor=0` is
set, and random for a freshly initialized blocksdir. (default: 1)
From v28.0 launch notes:
Block recordsdata at the moment are XOR’d by default with a key saved within the blocksdir. Earlier releases of Bitcoin Core or earlier exterior software program won’t be able to learn the blocksdir with a non-zero XOR-key. Seek advice from the -blocksxor assist for extra particulars. (#28052)
Feedback for this modification are at: Pull Request #28052
Studying additional, it appears like this enhancement compensates for some AV softwares wrongly flagging blockchain storage recordsdata. It appears like this was initially reported towards chainstate recordsdata (Subject #4069), whereas this new “-blocksxor” remediation offers with misguided AV flags to the blocks knowledge recordsdata themselves.
For the brand new enhancement, it appears like a rolling random XOR obfuscation blocks listing which is then used to optionally obfuscate file contents.
My questions I would please like assist with are:
- I did not see the “rolling” nature of those keys described? When are the random XOR keys generated, and when do they “roll?” Are new keys created for every block? Does the brand new -blocksxor key-file include a number of obfuscation keys, it should?
- Additionally, how does this assist forestall AV softwares from persevering with to wrongly flag these knowledge recordsdata? Would not randomly XOR(ing) endured knowledge simply “kick the can down the highway”? Ultimately the identical drawback might occur. Are there AV-integration checks which show out this XOR(ing) resolution?
