Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <pete@petertodd.org>) id 1Z2c1m-0000HZ-50
	for bitcoin-development@lists.sourceforge.net;
	Wed, 10 Jun 2015 09:10:30 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of petertodd.org
	designates 62.13.148.93 as permitted sender)
	client-ip=62.13.148.93; envelope-from=pete@petertodd.org;
	helo=outmail148093.authsmtp.net; 
Received: from outmail148093.authsmtp.net ([62.13.148.93])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
	id 1Z2c1j-00081J-Qg for bitcoin-development@lists.sourceforge.net;
	Wed, 10 Jun 2015 09:10:30 +0000
Received: from mail-c235.authsmtp.com (mail-c235.authsmtp.com [62.13.128.235])
	by punt16.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t5A9AK4K071047;
	Wed, 10 Jun 2015 10:10:20 +0100 (BST)
Received: from savin.petertodd.org (75-119-251-161.dsl.teksavvy.com
	[75.119.251.161]) (authenticated bits=128)
	by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id t5A9AExo044943
	(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
	Wed, 10 Jun 2015 10:10:16 +0100 (BST)
Date: Wed, 10 Jun 2015 05:10:13 -0400
From: Peter Todd <pete@petertodd.org>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Message-ID: <20150610091013.GA21649@savin.petertodd.org>
References: <20150526051305.GA23502@savin.petertodd.org>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
	protocol="application/pgp-signature"; boundary="fdj2RfSjLxBAspz7"
Content-Disposition: inline
In-Reply-To: <20150526051305.GA23502@savin.petertodd.org>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: 82ac2220-0f50-11e5-b396-002590a15da7
X-AuthReport-Spam: If SPAM / abuse - report it at:
	http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
	aAdMdwIUEkAaAgsB AmMbWlReUV17WGU7 bA9PbARUfEhLXhtr
	VklWR1pVCwQmRRlw D29rGkZycwFPfH0+ bEJkXD5TXhUpd0R/
	QlNUQ2gGeGZhPWUC AkNRcR5UcAFPdx8U a1UrBXRDFzxFJT59
	JAI+OXUKNDtSYB5Y WgUEJl9XS1dOMDMx DwgLAT4vVUQKTiQ1
	NABuAF8AF0EQNA0Z NkEsEUxAdUZKTFc2 
X-Authentic-SMTP: 61633532353630.1023:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 75.119.251.161/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
	anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	-0.0 SPF_PASS               SPF: sender matches SPF record
X-Headers-End: 1Z2c1j-00081J-Qg
Subject: [Bitcoin-development] First-Seen-Safe Replace-by-Fee patch against
	Bitcoin Core v0.10.2
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 10 Jun 2015 09:10:30 -0000


--fdj2RfSjLxBAspz7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

First-seen-safe Replace-by-Fee is now available as a patch against
v0.10.2:

    https://github.com/petertodd/bitcoin/tree/first-seen-safe-rbf-v0.10.2

I've also had a pull-req against git HEAD open for a few weeks now:

    https://github.com/bitcoin/bitcoin/pull/6176#issuecomment-104877829

I've got some hashing power interested in running this patch in the near
future, so I'm offering a bounty of up to 1 BTC to anyone who can find a
way to attack miners running this patch. Specifically, I'm concerned
about things that would lead to significant losses for those miners. A
total crash would be considered very serious - 1 BTC - while excess
bandwidth usage would be considered minor - more like 0.1 BTC. (remember
that this would have to be bandwidth significantly in excess of existing
attacks)

For reference, here's an example of a crash exploit found by Suhas
Daftuar: https://github.com/bitcoin/bitcoin/pull/6176#issuecomment-104877829

If two people report the same or overlapping issues, first person will
get priority. Adding a new test that demos your exploit to the unit
tests will be looked upon favorably. That said, in general I'm not going
to make any hard promises with regards to payouts and will be using my
best judgement. I've got a bit over 2BTC budgetted for this, which is
coming out of my own pockets - I'm not rich! All applicants are however
welcome to troll me on reddit if you think I'm being unfair.


Suhas: speaking of, feel free to email me a Bitcoin address! :)

--=20
'peter'[:-1]@petertodd.org
000000000000000006dd456cf5ff8bbb56cf88e9314711d55b75c8d23cccddd5

--fdj2RfSjLxBAspz7
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature

-----BEGIN PGP SIGNATURE-----

iQGrBAEBCACVBQJVd/7wXhSAAAAAABUAQGJsb2NraGFzaEBiaXRjb2luLm9yZzAw
MDAwMDAwMDAwMDAwMDAwNmRlNjExMDk2OTVhNGFhN2FkNDNlMDEwMmQwNTQzNjI4
MGYzZGY3NzY0NmZhNWYvFIAAAAAAFQARcGthLWFkZHJlc3NAZ251cGcub3JncGV0
ZUBwZXRlcnRvZC5vcmcACgkQJIFAPaXwkfuV6Af6A2w//0XihKicuZ9++N26BHO9
NqCEQXt4ZMpjQPg+2PXxE21nvGX9Yb7uqiHrwgjCTozTEb6NEoY3ZX2cHsFyDZBv
iph0g+ho3GYvzGadCzmvVY+Tcym2/cP5VuVds7caF5e60iqtHFV3M4MRcs2QBXAn
Z7+5no/gVriIBYec8T6Z4kTltCNl5ODzxhnlV622iOdd4TwkTKnekjRWDG4vBces
oWTGQ9p5Seu6AGP19L69vyzGKbbX2DistdnEUtmcDmQMa+MC0H56WUjv76UbuhMk
ywiBLOh8KZlC/w0killHO6mJTWpI3zMY3Lxvpvi9xgyRWxXdcn4mqy/gmzI5TA==
=QQED
-----END PGP SIGNATURE-----

--fdj2RfSjLxBAspz7--