Mastering Bitcoin — 11.5: BIP37 Bloom Filters
How did early Bitcoin lightweight wallets try to protect user privacy, and why did the scheme collapse? This video traces the rise and fall of BIP37, the bloom filter protocol that promised plausible deniability to SPV clients but ultimately failed against adversaries holding the full blockchain.
Key concepts covered:
Simplified Payment Verification (SPV) and why lightweight wallets cannot store the full chain
The mechanics of bloom filters: bit arrays, hash functions, and intentional collisions
The defining asymmetry: definitely no versus maybe yes (no false negatives, inherent false positives)
Tuning the tradeoff between bandwidth, precision, and privacy
BIP37 message flow: filterload, merkleblock, filteradd, and filterclear
Why graph analysis on clustered transactions defeats probabilistic obfuscation
The 2014 deanonymization result that broke BIP37 in practice
Denial-of-service amplification through crafted filters
The shift to BIP157/158 compact block filters and architectural privacy by inversion
A broader lesson: privacy on a public ledger requires more than ambiguity