summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorGavin <gavinandresen@gmail.com>2015-05-13 09:24:04 -0400
committerbitcoindev <bitcoindev@gnusha.org>2015-05-13 13:24:16 +0000
commit985d4797eac8367537c71aacde2fd6ea95d60fa1 (patch)
tree3a861a8a71d8488cb6c761dac1ecb4981fa3d1b8
parent9c46708ad86f6831e17c20cdf755f0ad777ce804 (diff)
downloadpi-bitcoindev-985d4797eac8367537c71aacde2fd6ea95d60fa1.tar.gz
pi-bitcoindev-985d4797eac8367537c71aacde2fd6ea95d60fa1.zip
Re: [Bitcoin-development] Long-term mining incentives
-rw-r--r--c3/cdfa883fbff2a98bf5d72a0dad74e5835c20ba242
1 files changed, 242 insertions, 0 deletions
diff --git a/c3/cdfa883fbff2a98bf5d72a0dad74e5835c20ba b/c3/cdfa883fbff2a98bf5d72a0dad74e5835c20ba
new file mode 100644
index 000000000..05fe4ce09
--- /dev/null
+++ b/c3/cdfa883fbff2a98bf5d72a0dad74e5835c20ba
@@ -0,0 +1,242 @@
+Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
+ helo=mx.sourceforge.net)
+ by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
+ (envelope-from <gavinandresen@gmail.com>) id 1YsWe0-0003YI-En
+ for bitcoin-development@lists.sourceforge.net;
+ Wed, 13 May 2015 13:24:16 +0000
+Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
+ designates 209.85.192.42 as permitted sender)
+ client-ip=209.85.192.42; envelope-from=gavinandresen@gmail.com;
+ helo=mail-qg0-f42.google.com;
+Received: from mail-qg0-f42.google.com ([209.85.192.42])
+ by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
+ (Exim 4.76) id 1YsWdx-0002Z8-7C
+ for bitcoin-development@lists.sourceforge.net;
+ Wed, 13 May 2015 13:24:16 +0000
+Received: by qgeb100 with SMTP id b100so20995382qge.3
+ for <bitcoin-development@lists.sourceforge.net>;
+ Wed, 13 May 2015 06:24:07 -0700 (PDT)
+X-Received: by 10.140.28.102 with SMTP id 93mr26365505qgy.78.1431523447797;
+ Wed, 13 May 2015 06:24:07 -0700 (PDT)
+Received: from ?IPv6:2600:1000:b11c:b9df:2d87:d588:1c81:617a?
+ ([2600:1000:b11c:b9df:2d87:d588:1c81:617a])
+ by mx.google.com with ESMTPSA id 10sm15521129qhv.27.2015.05.13.06.24.06
+ (version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
+ Wed, 13 May 2015 06:24:06 -0700 (PDT)
+Content-Type: multipart/alternative;
+ boundary=Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
+Mime-Version: 1.0 (1.0)
+From: Gavin <gavinandresen@gmail.com>
+X-Mailer: iPhone Mail (12F70)
+In-Reply-To: <CAE28kUR-0ozFg6D4Es7RCm1pA5xaW-E1R_YSTRRTj3z4XXiWxw@mail.gmail.com>
+Date: Wed, 13 May 2015 09:24:04 -0400
+Content-Transfer-Encoding: 7bit
+Message-Id: <E6CE3531-5AFC-49ED-9041-A924B01966BC@gmail.com>
+References: <5550D8BE.6070207@electrum.org>
+ <ce3d34c92efd1cf57326e4679550944e@national.shitposting.agency>
+ <CABsx9T1VgxEJWxrYTs+2hXGnGrSLGJ6mVcAexjXLvK7Vu+e3EA@mail.gmail.com>
+ <5551F376.4050008@electrum.org>
+ <CABsx9T1h7p3hDr7ty43uxsYs-oNRpndzg=dowST2tXtogxRm2g@mail.gmail.com>
+ <555210AF.3090705@electrum.org>
+ <CABsx9T3AxM3et7hgXx3+Rn3BvhQkF-Cn797sHcyztkMpD1UQmA@mail.gmail.com>
+ <55531E19.3090503@electrum.org>
+ <CAE-z3OXa8vk6Q1EBChoRYDOLKw--CXNXz4AokXCbVam_8LFFDg@mail.gmail.com>
+ <CAE28kURWFveC0B-WvFebMpGm1GY-8juxQ+UDpuYtOwVnbOgu-A@mail.gmail.com>
+ <CAE-z3OVBUu=6sqNc3RUJqFPuqhPdw1Ej0RZ-tSygoQ6LowhVXg@mail.gmail.com>
+ <CAE28kUR-0ozFg6D4Es7RCm1pA5xaW-E1R_YSTRRTj3z4XXiWxw@mail.gmail.com>
+To: Alex Mizrahi <alex.mizrahi@gmail.com>
+X-Spam-Score: -0.6 (/)
+X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
+ See http://spamassassin.org/tag/ for more details.
+ -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
+ sender-domain
+ 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
+ (gavinandresen[at]gmail.com)
+ -0.0 SPF_PASS SPF: sender matches SPF record
+ 1.0 HTML_MESSAGE BODY: HTML included in message
+ 0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
+ -0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
+ author's domain
+ 0.1 DKIM_SIGNED Message has a DKIM or DK signature,
+ not necessarily valid
+ -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
+X-Headers-End: 1YsWdx-0002Z8-7C
+Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
+Subject: Re: [Bitcoin-development] Long-term mining incentives
+X-BeenThere: bitcoin-development@lists.sourceforge.net
+X-Mailman-Version: 2.1.9
+Precedence: list
+List-Id: <bitcoin-development.lists.sourceforge.net>
+List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
+ <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
+List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
+List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
+List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
+List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
+ <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
+X-List-Received-Date: Wed, 13 May 2015 13:24:16 -0000
+
+
+--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
+Content-Type: text/plain;
+ charset=us-ascii
+Content-Transfer-Encoding: quoted-printable
+
+Checkpoints will be replaced by compiled-in 'at THIS timestamp the main chai=
+n had THIS much proof of work.'
+
+That is enough information to prevent attacks and still allow optimizations l=
+ike skipping signature checking for ancient transactions.
+
+I don't think anybody is proposing replacing checkpoints with nothing.
+
+--
+Gavin Andresen
+
+
+> On May 13, 2015, at 8:26 AM, Alex Mizrahi <alex.mizrahi@gmail.com> wrote:
+>=20
+> Let's consider a concrete example:
+>=20
+> 1. User wants to accept Bitcoin payments, as his customers want this.
+> 2. He downloads a recent version of Bitcoin Core, checks hashes and so on.=
+ (Maybe even builds from source.)
+> 3. Let's it to sync for several hours or days.
+> 4. After wallet is synced, he gives his address to customer.
+> 5. Customer pays.=20
+> 6. User waits 10 confirmations and ships the goods. (Suppose it's somethin=
+g very expensive.)
+> 7. Some time later, user wants to convert some of his bitcoins to dollars.=
+ He sends his bitcoins to an exchange but they never arrive.
+>=20
+> He tries to investigate, and after some time discovers that his router (or=
+ his ISP's router) was hijacked. His Bitcoin node couldn't connect to any of=
+ the legitimate nodes, and thus got a complete fake chain from the attacker.=
+
+> Bitcoins he received were totally fake.
+>=20
+> Bitcoin Core did a shitty job and confirmed some fake transactions.
+> User doesn't care that if his network was not impaired, Bitcoin Core would=
+ have worked properly.
+> The main duty of Bitcoin Core is to check whether transactions are confirm=
+ed, and if it can be fooled by a simple router hack, then it does its job po=
+orly.
+>=20
+> If you don't see it being a problem, you should't be allowed to develop an=
+ything security-related.
+>=20
+>> If a node is connected to 99 dishonest nodes and 1 honest node, it can st=
+ill sync with the main network.
+>=20
+> Yes, it is good against Sybil attack, but not good against a network-level=
+ attack.
+> Attack on user's routers is a very realistic, plausible attack.
+> Imagine if SSL could be hacked by hacking a router, would people still use=
+ it?
+>=20
+> Fucking no.
+> =20
+>> A 3 month reversal would be devastating, so the checkpoint isn't adding m=
+uch extra security.
+>=20
+> WIthout checkpoints an attacker could prepare a fork for $10.
+> With checkpoints, it would cost him at least $1000, but more likely upward=
+s of $100000.
+> That's quite a difference, no?
+>=20
+> I do not care what do you think about the reasons why checkpoints were add=
+ed, but it is a fact that they make the attack scenario I describe above har=
+d to impossible.
+>=20
+> Without checkpoints, you could perform this attack using a laptop.
+> With checkpoints, you need access to significant amounts of mining ASICs.
+>=20
+> --------------------------------------------------------------------------=
+----
+> One dashboard for servers and applications across Physical-Virtual-Cloud=20=
+
+> Widest out-of-the-box monitoring support with 50+ applications
+> Performance metrics, stats and reports that give you Actionable Insights
+> Deep dive visibility with transaction tracing using APM Insight.
+> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
+> _______________________________________________
+> Bitcoin-development mailing list
+> Bitcoin-development@lists.sourceforge.net
+> https://lists.sourceforge.net/lists/listinfo/bitcoin-development
+
+--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
+Content-Type: text/html;
+ charset=utf-8
+Content-Transfer-Encoding: quoted-printable
+
+<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
+utf-8"></head><body dir=3D"auto"><div>Checkpoints will be replaced by compil=
+ed-in 'at THIS timestamp the main chain had THIS much proof of work.'</div><=
+div><br></div><div>That is enough information to prevent attacks and still a=
+llow optimizations like skipping signature checking for ancient transactions=
+.</div><div><br></div><div>I don't think anybody is proposing replacing chec=
+kpoints with nothing.<br><br>--<div>Gavin Andresen</div><div><br></div></div=
+><div><br>On May 13, 2015, at 8:26 AM, Alex Mizrahi &lt;<a href=3D"mailto:al=
+ex.mizrahi@gmail.com">alex.mizrahi@gmail.com</a>&gt; wrote:<br><br></div><bl=
+ockquote type=3D"cite"><div><div dir=3D"ltr">Let's consider a concrete examp=
+le:<div><br></div><div>1. User wants to accept Bitcoin payments, as his cust=
+omers want this.</div><div>2. He downloads a recent version of Bitcoin Core,=
+ checks hashes and so on. (Maybe even builds from source.)</div><div>3. Let'=
+s it to sync for several hours or days.</div><div>4. After wallet is synced,=
+ he gives his address to customer.</div><div>5. Customer pays.&nbsp;</div><d=
+iv>6. User waits 10 confirmations and ships the goods. (Suppose it's somethi=
+ng very expensive.)</div><div>7. Some time later, user wants to convert some=
+ of his bitcoins to dollars. He sends his bitcoins to an exchange but they n=
+ever arrive.</div><div><br></div><div>He tries to investigate, and after som=
+e time discovers that his router (or his ISP's router) was hijacked. His Bit=
+coin node couldn't connect to any of the legitimate nodes, and thus got a co=
+mplete fake chain from the attacker.</div><div>Bitcoins he received were tot=
+ally fake.</div><div><br></div><div>Bitcoin Core did a shitty job and confir=
+med some fake transactions.</div><div>User doesn't care that <i>if </i>his n=
+etwork was not impaired, Bitcoin Core <i>would have </i>worked properly.</di=
+v><div>The main duty of Bitcoin Core is to check whether transactions are co=
+nfirmed, and if it can be fooled by a simple router hack, then it does its j=
+ob poorly.</div><div><br></div><div>If you don't see it being a problem, you=
+ should't be allowed to develop anything security-related.</div><div><br></d=
+iv><div><div class=3D"gmail_extra"><div class=3D"gmail_quote"><blockquote cl=
+ass=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;pa=
+dding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gm=
+ail_quote"><div>If a node is connected to 99 dishonest nodes and 1 honest no=
+de, it can still sync with the main network.<br></div></div></div></div></bl=
+ockquote><div><br></div><div>Yes, it is good against Sybil attack, but not g=
+ood against a network-level attack.</div><div>Attack on user's routers is a v=
+ery realistic, plausible attack.</div><div>Imagine if SSL could be hacked by=
+ hacking a router, would people still use it?</div><div><br></div><div>Fucki=
+ng no.</div><div>&nbsp;&nbsp;</div><blockquote class=3D"gmail_quote" style=3D=
+"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"=
+ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div></div><div>A=
+ 3 month reversal would be devastating, so the checkpoint isn't adding much e=
+xtra security.<br></div></div></div></div></blockquote><div><br></div><div>W=
+Ithout checkpoints an attacker could prepare a fork for $10.</div><div>With c=
+heckpoints, it would cost him at least $1000, but more likely upwards of $10=
+0000.</div><div>That's quite a difference, no?</div><div><br></div><div>I do=
+ not care what do you think about the reasons why checkpoints were added, bu=
+t it is a fact that they make the attack scenario I describe above hard to i=
+mpossible.</div><div><br></div><div>Without checkpoints, you could perform t=
+his attack using a laptop.</div><div>With checkpoints, you need access to si=
+gnificant amounts of mining ASICs.</div><div><br></div></div></div></div></d=
+iv>
+</div></blockquote><blockquote type=3D"cite"><div><span>--------------------=
+----------------------------------------------------------</span><br><span>O=
+ne dashboard for servers and applications across Physical-Virtual-Cloud </sp=
+an><br><span>Widest out-of-the-box monitoring support with 50+ applications<=
+/span><br><span>Performance metrics, stats and reports that give you Actiona=
+ble Insights</span><br><span>Deep dive visibility with transaction tracing u=
+sing APM Insight.</span><br><span><a href=3D"http://ad.doubleclick.net/ddm/c=
+lk/290420510;117567292;y">http://ad.doubleclick.net/ddm/clk/290420510;117567=
+292;y</a></span></div></blockquote><blockquote type=3D"cite"><div><span>____=
+___________________________________________</span><br><span>Bitcoin-developm=
+ent mailing list</span><br><span><a href=3D"mailto:Bitcoin-development@lists=
+.sourceforge.net">Bitcoin-development@lists.sourceforge.net</a></span><br><s=
+pan><a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-developm=
+ent">https://lists.sourceforge.net/lists/listinfo/bitcoin-development</a></s=
+pan><br></div></blockquote></body></html>=
+
+--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9--
+
+