What are the differences between a bitcoin full node and a SPV node (simplified payment verification node)?
Full nodes
Full nodes keep a complete copy of all the bitcoin blockchain with all the transactions. This copy is built by the full node itself from the beginning (genesis block) by verifying and adding independently all the transactions to it. So a full node independently and authoritatively verifies all the transactions by itself without having any need of external resources. This node receives from the network informations about new blocks and transactions but verifies independently any data received while adding them to the local copy of the blockchain.
This means that a full node gives you a complete independence from any centralization or external resource, giving you the possibility to access to the system authoritatively and without having to rely on external servers.
Obviously this comes with a price. Infact the full node needs to have a high amount of storage space for storing all the blockchain locally and enough resources to run all the needed verifications. At actual rate with a 2GB ram computer you may take a week for all the blockchain to be completely synced and verified locally by a new full node running the bitcoin core software. Infact only the genesis block is embedded into the software, all the other blocks are added to the local blockchain step by step while starting the node for the first time.
SPV nodes
Many bitcoin clients are designed to run into smartphones, tables and machines with low resources and storage. For those devices a simplified payment verification system runs to allow them to operate without the full blockchain stored locally.
SPV nodes, infact, download the block headers only and exclude the transactions of each block. So they have a chain of blocks without transactions and this makes possible to have a resulting data amount stored locally over thousand times lower in size.
They rely on peers to provide parts of the blockchain when necessary. So how they can do to verify a transaction? They use the link between the transaction which they are interested in and the block that contains it, using the merkle path. To protect the spv node against the possibility of a double spending attack against the spv itself, the nodes must connect randomly to other different nodes to have the maximum probability to get correct informations. This is why, to be completely sure about a transaction, only a full node can be used.
It’s very important to consider this behavior can create a privacy risk. Why? because spv nodes must ask about specific transactions and this makes possible that some software agent which is monitoring the network can correlate the asked transactions to the user running the wallet.
In order to mitigate this risk, the bloom filter can be used by spv nodes. The bloom filters can ask for specific transactions matching a pattern rather then about a specific transaction. SPV nodes can therefore use such filters to filter transactions they receive from peers selecting only the needed informations and without having to disclose with address they are interested in.
In any case using a SPV node instead of a full node gives the user a weaker privacy and security and therefore the use of such nodes must be evaluated on the base of the amount held on accounts connected.
For higher held amount of bitcoin, that user plans to keep long time, it’s very important to use a dedicated full node connected with a TOR network connection in such a way to benefit of enhanced security and privacy for their funds.