Re: [bitcoin-dev] Replay attacks make BIP148 and BIP149 untennable

author: Tao Effect <contact@taoeffect.com> 2017-06-06 17:26:50 -0700
committer: bitcoindev <bitcoindev@gnusha.org> 2017-06-07 00:26:52 +0000
commit: c516bb8cc7c7d421e8648497b8497a6adf90a57d (patch)
tree: c0e63785178d4320f4608cfe7f5fbc77b5647d78
parent: 36f80fbf4f5346b3748d8a8e5bad7520295b86a8 (diff)
download: pi-bitcoindev-c516bb8cc7c7d421e8648497b8497a6adf90a57d.tar.gz
pi-bitcoindev-c516bb8cc7c7d421e8648497b8497a6adf90a57d.zip
1 files changed, 194 insertions, 0 deletions
diff --git a/b5/54665817ff0b5356c151cbbfc806596193ea1f b/b5/54665817ff0b5356c151cbbfc806596193ea1f
new file mode 100644
index 000000000..5af58f5d8
--- /dev/null
+++ b/b5/54665817ff0b5356c151cbbfc806596193ea1f
@@ -0,0 +1,194 @@
+Return-Path: <contact@taoeffect.com>
+Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
+	[172.17.192.35])
+	by mail.linuxfoundation.org (Postfix) with ESMTPS id 701E5B6B
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Wed,  7 Jun 2017 00:26:52 +0000 (UTC)
+X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
+Received: from homiemail-a38.g.dreamhost.com (homie.mail.dreamhost.com
+	[208.97.132.208])
+	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id E605118F
+	for <bitcoin-dev@lists.linuxfoundation.org>;
+	Wed,  7 Jun 2017 00:26:51 +0000 (UTC)
+Received: from homiemail-a38.g.dreamhost.com (localhost [127.0.0.1])
+	by homiemail-a38.g.dreamhost.com (Postfix) with ESMTP id 74B5B10AFB5;
+	Tue,  6 Jun 2017 17:26:51 -0700 (PDT)
+DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=taoeffect.com; h=
+	content-type:mime-version:subject:from:in-reply-to:date:cc
+	:message-id:references:to; s=taoeffect.com; bh=+IfOOXDwIbdeLAU4/
+	iF/JA2a3Ig=; b=yKDPToEK0DI2HG3EWLN1AP+2kcCVGKgIo5WJtkAB6+Es2JYto
+	B/8qMR2yx2RafXbjcKUtHqYPIdf+DizexyF70y4QoCl4hElliUaWasNs6cLrkjkI
+	tMaullOzM1RePH+YZVtiaSlGt7/A7WEjaF93/V8ju4nF4Dx/gO0S9VlBvs=
+Received: from [192.168.42.64] (184-23-255-227.fiber.dynamic.sonic.net
+	[184.23.255.227])
+	(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
+	(No client certificate requested)
+	(Authenticated sender: contact@taoeffect.com)
+	by homiemail-a38.g.dreamhost.com (Postfix) with ESMTPSA id 1210310AFB0; 
+	Tue,  6 Jun 2017 17:26:50 -0700 (PDT)
+Content-Type: multipart/signed;
+	boundary="Apple-Mail=_10DEA4B2-422B-4D02-B9F8-EAF50EEFB722";
+	protocol="application/pgp-signature"; micalg=pgp-sha512
+Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
+From: Tao Effect <contact@taoeffect.com>
+In-Reply-To: <oSkyoMQ0QQadP3ZDrIU_Xw0sEG8lv5q3B5Kjwnu_MIkvUGmg9TrDn1myLeRhPhyPpGbAgp1QWkerbp76jjptWhh4jz3JXjVycXuXZkxodG8=@protonmail.com>
+Date: Tue, 6 Jun 2017 17:26:50 -0700
+X-Mao-Original-Outgoing-Id: 518488009.781592-063d0208f953a89a3226b2ec5e69d596
+Message-Id: <52DF2F59-49DF-4F90-B2A6-AF903EACE6A0@taoeffect.com>
+References: <31833011-7179-49D1-A07E-8FD9556C4534@taoeffect.com>
+	<20170606232015.GA11830@erisian.com.au>
+	<38DDC3A2-2727-477E-A6FF-7638842AAB03@taoeffect.com>
+	<w5Ywd9qPblH4-m68BQC58FfV4fNFOCPUkUIOsNOz8-0uJQLjIaG5JevhRv1x_0cqtcZvRsKYQTy-EuBTjzJL-DuSX7dsHuoMfw-68cweBOk=@protonmail.com>
+	<78F1D626-0D38-48FD-B2AF-378765182751@taoeffect.com>
+	<oSkyoMQ0QQadP3ZDrIU_Xw0sEG8lv5q3B5Kjwnu_MIkvUGmg9TrDn1myLeRhPhyPpGbAgp1QWkerbp76jjptWhh4jz3JXjVycXuXZkxodG8=@protonmail.com>
+To: Kekcoin <kekcoin@protonmail.com>
+X-Mailer: Apple Mail (2.3273)
+X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
+	DKIM_VALID, DKIM_VALID_AU, HTML_MESSAGE,
+	RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
+X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
+	smtp1.linux-foundation.org
+X-Mailman-Approved-At: Wed, 07 Jun 2017 12:52:53 +0000
+Cc: "bitcoin-dev@lists.linuxfoundation.org"
+	<bitcoin-dev@lists.linuxfoundation.org>, Anthony Towns <aj@erisian.com.au>
+Subject: Re: [bitcoin-dev] Replay attacks make BIP148 and BIP149 untennable
+X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
+X-Mailman-Version: 2.1.12
+Precedence: list
+List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
+List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
+List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
+List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
+List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
+List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
+	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
+X-List-Received-Date: Wed, 07 Jun 2017 00:26:52 -0000
+
+
+--Apple-Mail=_10DEA4B2-422B-4D02-B9F8-EAF50EEFB722
+Content-Type: multipart/alternative;
+	boundary="Apple-Mail=_F2419FAE-D926-4AE8-B962-236FA0884F11"
+
+
+--Apple-Mail=_F2419FAE-D926-4AE8-B962-236FA0884F11
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/plain;
+	charset=us-ascii
+
+I don't know what you mean by "render the replay threat moot."
+
+If you don't have replay protection, replay is always a threat. A very =
+serious one.
+
+--
+Please do not email me anything that you are not comfortable also =
+sharing with the NSA.
+
+> On Jun 6, 2017, at 5:19 PM, Kekcoin <kekcoin@protonmail.com =
+<mailto:kekcoin@protonmail.com>> wrote:
+>=20
+> Hmm, that's not the difference I was talking about. I was referring to =
+the fact that using "post-chainsplit coinbases from the non-148 chain" =
+to unilaterally (ie. can be done without action on the 148-chain) taint =
+coins is more secure in extreme-adverserial cases such as secret-mining =
+reorg attacks (as unfeasibly expensive they may be); the only =
+large-scale (>100 block) reorganization the non-148 chain faces should =
+be a resolution of the chainsplit and therefore render the replay threat =
+moot.
+>=20
+
+
+--Apple-Mail=_F2419FAE-D926-4AE8-B962-236FA0884F11
+Content-Transfer-Encoding: quoted-printable
+Content-Type: text/html;
+	charset=us-ascii
+
+<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
+charset=3Dus-ascii"><meta http-equiv=3D"Content-Type" content=3D"text/html=
+ charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
+-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
+class=3D"">I don't know what you mean by "render the replay threat =
+moot."<div class=3D""><br class=3D""></div><div class=3D"">If you don't =
+have replay protection, replay is always a threat. A very serious =
+one.<br class=3D""><div class=3D"">
+<span style=3D"color: rgb(0, 0, 0); font-family: Helvetica; font-size: =
+14px; font-style: normal; font-variant-caps: normal; font-weight: =
+normal; letter-spacing: normal; text-align: start; text-indent: 0px; =
+text-transform: none; white-space: normal; word-spacing: 0px; =
+-webkit-text-stroke-width: 0px; font-variant-ligatures: normal; =
+font-variant-position: normal; font-variant-numeric: normal; =
+font-variant-alternates: normal; font-variant-east-asian: normal; =
+line-height: normal; orphans: 2; widows: 2;" class=3D""><br =
+class=3D"Apple-interchange-newline">--</span><br style=3D"color: rgb(0, =
+0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; =
+font-variant-caps: normal; font-weight: normal; letter-spacing: normal; =
+text-align: start; text-indent: 0px; text-transform: none; white-space: =
+normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; =
+font-variant-ligatures: normal; font-variant-position: normal; =
+font-variant-numeric: normal; font-variant-alternates: normal; =
+font-variant-east-asian: normal; line-height: normal; orphans: 2; =
+widows: 2;" class=3D""><span style=3D"color: rgb(0, 0, 0); font-family: =
+Helvetica; font-size: 14px; font-style: normal; font-variant-caps: =
+normal; font-weight: normal; letter-spacing: normal; text-align: start; =
+text-indent: 0px; text-transform: none; white-space: normal; =
+word-spacing: 0px; -webkit-text-stroke-width: 0px; =
+font-variant-ligatures: normal; font-variant-position: normal; =
+font-variant-numeric: normal; font-variant-alternates: normal; =
+font-variant-east-asian: normal; line-height: normal; orphans: 2; =
+widows: 2;" class=3D"">Please do not email me anything that you are not =
+comfortable also sharing</span><span style=3D"color: rgb(0, 0, 0); =
+font-family: Helvetica; font-size: 14px; font-style: normal; =
+font-variant-caps: normal; font-weight: normal; letter-spacing: normal; =
+text-align: start; text-indent: 0px; text-transform: none; white-space: =
+normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; =
+font-variant-ligatures: normal; font-variant-position: normal; =
+font-variant-numeric: normal; font-variant-alternates: normal; =
+font-variant-east-asian: normal; line-height: normal; orphans: 2; =
+widows: 2;" class=3D"">&nbsp;with the NSA.</span>
+</div>
+<br class=3D""><div><blockquote type=3D"cite" class=3D""><div =
+class=3D"">On Jun 6, 2017, at 5:19 PM, Kekcoin &lt;<a =
+href=3D"mailto:kekcoin@protonmail.com" =
+class=3D"">kekcoin@protonmail.com</a>&gt; wrote:</div><br =
+class=3D"Apple-interchange-newline"><div class=3D""><div class=3D"">Hmm, =
+that's not the difference I was talking about. I was referring to the =
+fact that using "post-chainsplit coinbases from the non-148 chain" to =
+unilaterally (ie. can be done without action on the 148-chain) taint =
+coins  is more secure in extreme-adverserial cases such as secret-mining =
+reorg attacks (as unfeasibly expensive they may be); the only =
+large-scale (&gt;100 block) reorganization the non-148  chain faces =
+should be a resolution of the chainsplit and therefore render the replay =
+threat moot.<br class=3D""></div><div class=3D""><br =
+class=3D""></div></div></blockquote></div><br =
+class=3D""></div></body></html>=
+
+--Apple-Mail=_F2419FAE-D926-4AE8-B962-236FA0884F11--
+
+--Apple-Mail=_10DEA4B2-422B-4D02-B9F8-EAF50EEFB722
+Content-Transfer-Encoding: 7bit
+Content-Disposition: attachment;
+	filename=signature.asc
+Content-Type: application/pgp-signature;
+	name=signature.asc
+Content-Description: Message signed with OpenPGP
+
+-----BEGIN PGP SIGNATURE-----
+
+iQIcBAEBCgAGBQJZN0hJAAoJEOxnICvpCVJHVIYP/jAmko4ytlN8uM9E8Ad8FQ2N
+Y7+7ZQr4xBG7JsXYqSYGZ5B5+c5AZQxgZ/YxSDE2XIZeGLPUQ1wFJdZwy4q+2GKO
+DglmmddE5ENlFY5I+NFYszOCW5S0cqUVfPzMyPSFv0Cq6buujDwN+GqqH4OKMkgt
+oiZ0Vc1DN2xoqjI/MZQUg618mxju/NkvhqPitoWoMoJemGkrfkBaZTNHJ/7Vz65Y
+r25enAKxeOP6Z391r2IjWaBiKXAqP+6kHZg8w2XRXTekHw11XU+mftpwb3xNHvdf
+k3ltoABlVRvhP8MAUK1AOtsoseyNZSRbuyjEHKpgNLdl22ZW4zeggJHX4UUT3FXg
+bKlK2xgMWP0FLAHqLYFNb1NVka70flGMmx0yooFVGsohrrfRAhTGpp0dOe4xAIa3
+zrPExLmvRcAz6lOj2+WLMd7fIYvS8uRpSfF1SsI8m1HQ0YDWh1O/jp1R2K75GJLD
+e+7DE8roeLO1rbz6uHRaj/4vV7H1DnsLeasf5k6m5yP4ztWff3C5HJ5wBBcQQD2d
+xwxW/1V76W3Spl307laOwRuGr7lHuPGUc6X2PRtRo9w+Ox06R4EZ4E0HhC6QuACU
+WLqv0/tdtBZ0YVUFVcY+77Z3qSLkFCPyR7ucPD/seYfSecGJpV0+kJCW7BzqyJzF
+I4Gk42pRomEVHTpFfOjA
+=XhNB
+-----END PGP SIGNATURE-----
+
+--Apple-Mail=_10DEA4B2-422B-4D02-B9F8-EAF50EEFB722--
+
author	Tao Effect <contact@taoeffect.com>	2017-06-06 17:26:50 -0700
committer	bitcoindev <bitcoindev@gnusha.org>	2017-06-07 00:26:52 +0000
commit	c516bb8cc7c7d421e8648497b8497a6adf90a57d (patch)
tree	c0e63785178d4320f4608cfe7f5fbc77b5647d78
parent	36f80fbf4f5346b3748d8a8e5bad7520295b86a8 (diff)
download	pi-bitcoindev-c516bb8cc7c7d421e8648497b8497a6adf90a57d.tar.gz pi-bitcoindev-c516bb8cc7c7d421e8648497b8497a6adf90a57d.zip