Edit: this reply is written assuming you’re asking about ‘SPV’ or ‘light wallet’ implementations, not a full node implementation.
How do I know that that exact (malicious) node has the latest or legitimate blockchain?
That is two separate questions: are you updated? And is the information legitimate?
Updated: it’s possible for light wallets to query data from multiple network peers, though not every implementation will do this. This helps ensure no single node is ‘lying by omission’, which means they’re withholding information from you (Interesting related information: ‘fraud proofs’ are apparently very, very difficult to craft. It’s an ongoing area of research in the field). If you’re only connected to malicious nodes, this can become a problem, though in practice it’s not a hard issue to overcome (see: Sybil attacks / eclipse attacks).
Some light wallets will connect to a server run by the developers of that wallet, while others will connect directly to a node(s) in the bitcoin network. Using a service that doesn’t hardcode their own server into the wallet might be better, though if they follow a standard HD wallet scheme it should be no problem importing your seed phrase into a different wallet in case that service goes down.
I think the best advice is to run your own node. Many light wallets allow you to point your wallet at your own node as a manual setup option. This gives you sovereignty, and greatly increased privacy as well.
Validity: light wallets work by downloading the chain of block headers, and then requesting data related to the wallet’s address from connected nodes. By only downloading the block headers, resource usage stays low enough for the wallet to work on mobile (less than 100 MB for the entire bitcoin history, currently).
The header contains the transaction merkle root, which can be used to locally verify that a valid transaction is included in a certain block, without having all of that block’s data. A node will serve the transaction in question to the wallet, along with the intermediate hashes in the merkle tree. This allows the node to recalculate the merkle root locally, giving proof that the transaction is confirmed on the bitcoin network (and thus valid according to the network’s rules). If even one bit of data is modified, the merkle root will be calculated differently, and the wallet will know the transaction served is invalid.
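The merkle check described above, as an added Python example that is not part of the original answer. The function names and the five sample transaction IDs are constructed for illustration; hashes are kept in raw internal byte order rather than the reversed hex that block explorers display.

```python
import hashlib

def dsha256(data: bytes) -> bytes:
    """Bitcoin hashes tree nodes with SHA-256 applied twice."""
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def _next_level(level):
    # Bitcoin duplicates the last hash when a level has an odd count.
    if len(level) % 2:
        level = level + [level[-1]]
    return level, [dsha256(level[i] + level[i + 1]) for i in range(0, len(level), 2)]

def merkle_root(txids):
    """Serving-node side: root over every txid in the block."""
    level = list(txids)
    while len(level) > 1:
        _, level = _next_level(level)
    return level[0]

def merkle_branch(txids, index):
    """Serving-node side: the intermediate hashes sent with one transaction."""
    branch, level = [], list(txids)
    while len(level) > 1:
        padded, parents = _next_level(level)
        branch.append(padded[index ^ 1])   # sibling at this level
        level, index = parents, index >> 1
    return branch

def verify_inclusion(txid, index, branch, header_root):
    """Wallet side: recompute the root from txid + branch, compare to the header."""
    h = txid
    for sibling in branch:
        # The low bit of index says whether we are the right or left child.
        h = dsha256(sibling + h) if index & 1 else dsha256(h + sibling)
        index >>= 1
    return h == header_root

# Constructed sample block: five fake transaction IDs.
SAMPLE_TXIDS = [dsha256(b"constructed tx %d" % i) for i in range(5)]
SAMPLE_ROOT = merkle_root(SAMPLE_TXIDS)   # what the block header would carry

def tamper(txid: bytes) -> bytes:
    """Flip a single bit, as in the 'even one bit' case above."""
    return bytes([txid[0] ^ 0x01]) + txid[1:]

if __name__ == "__main__":
    i = 4
    branch = merkle_branch(SAMPLE_TXIDS, i)
    print("genuine :", verify_inclusion(SAMPLE_TXIDS[i], i, branch, SAMPLE_ROOT))
    print("tampered:", verify_inclusion(tamper(SAMPLE_TXIDS[i]), i, branch, SAMPLE_ROOT))
```

A passing check only ties the transaction to the root in that header; the wallet still has to confirm the header itself belongs to the proof-of-work chain it follows.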