Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 9840A99BA for ; Tue, 5 Feb 2019 12:21:50 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from mail.bluematt.me (mail.bluematt.me [192.241.179.72]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3D23B608 for ; Tue, 5 Feb 2019 12:21:50 +0000 (UTC) Received: from [10.233.42.100] (gw.vpn.bluematt.me [144.217.106.88]) by mail.bluematt.me (Postfix) with ESMTPSA id 1CFBD13AD61; Tue, 5 Feb 2019 12:21:47 +0000 (UTC) To: Olaoluwa Osuntokun , Bitcoin Protocol Discussion , Tamas Blummer References: <6D57649F-0236-4FBA-8376-4815F5F39E8A@gmail.com> From: Matt Corallo Message-ID: <97c96822-df5e-0c65-3992-6e292577ce66@mattcorallo.com> Date: Tue, 5 Feb 2019 12:21:45 +0000 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:60.0) Gecko/20100101 Thunderbird/60.3.1 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00 autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Wed, 06 Feb 2019 15:48:05 +0000 Cc: Jim Posen Subject: Re: [bitcoin-dev] Interrogating a BIP157 server, BIP158 change proposal X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 05 Feb 2019 12:21:50 -0000 On 2/4/19 8:18 PM, Jim Posen via bitcoin-dev wrote: - snip - > 1) Introduce a new P2P message to retrieve all prev-outputs for a given > block (essentially the undo data in Core), and verify the scripts > against the block by executing them. While this permits some forms of > input script malleability (and thus cannot discriminate between all > valid and invalid filters), it restricts what an attacker can do. This > was proposed by Laolu AFAIK, and I believe this is how btcd is proceeding. I'm somewhat confused by this - how does the undo data help you without seeing the full (mistate compressed) transaction? In (the realistic) thread model where an attacker is trying to blind you from some output, they can simply give you "undo data" where scriptPubKeys are OP_TRUE instead of the real script and you'd be none the wiser. On 2/5/19 1:42 AM, Olaoluwa Osuntokun via bitcoin-dev wrote: - snip - > I think it's too late into the current deployment of the BIPs to change > things around yet again. Instead, the BIP already has measures in place for > adding _new_ filter types in the future. This along with a few other filter > types may be worthwhile additions as new filter types. - snip - Huh? I don't think we should seriously consider only-one-codebase-has-deployed-anything-with-very-limited-in-the-wild-use as "too late into the current deployment"? Matt