Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YEgn6-0002su-IG for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 16:09:00 +0000 X-ACL-Warn: Received: from wp059.webpack.hosteurope.de ([80.237.132.66]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1YEgn4-0008Uu-Oa for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 16:09:00 +0000 Received: from [37.143.74.116] (helo=[192.168.0.100]); authenticated by wp059.webpack.hosteurope.de running ExIM with esmtpsa (TLS1.0:RSA_AES_128_CBC_SHA1:16) id 1YEgmy-0003nh-1k; Fri, 23 Jan 2015 17:08:52 +0100 Content-Type: multipart/signed; boundary="Apple-Mail=_1B1F76C1-12D0-4FC7-8F9C-731372F5789F"; protocol="application/pgp-signature"; micalg=pgp-sha512 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) From: Tamas Blummer In-Reply-To: Date: Fri, 23 Jan 2015 17:08:50 +0100 Message-Id: <954BF4E3-8DF2-4927-9E25-C5D66127FFA5@bitsofproof.com> References: <78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com> <54C26BFE.1080103@gmail.com> To: slush X-Mailer: Apple Mail (2.1878.6) X-bounce-key: webpack.hosteurope.de; tamas@bitsofproof.com; 1422029338; 34f509fa; X-Spam-Score: 1.0 (+) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -0.0 RCVD_IN_DNSWL_NONE RBL: Sender listed at http://www.dnswl.org/, no trust [80.237.132.66 listed in list.dnswl.org] 1.0 HTML_MESSAGE BODY: HTML included in message X-Headers-End: 1YEgn4-0008Uu-Oa Cc: "bitcoin-development@lists.sourceforge.net" Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2015 16:09:00 -0000 --Apple-Mail=_1B1F76C1-12D0-4FC7-8F9C-731372F5789F Content-Type: multipart/alternative; boundary="Apple-Mail=_1AD4CE2E-A24F-4777-A6D9-D23C8BF5E694" --Apple-Mail=_1AD4CE2E-A24F-4777-A6D9-D23C8BF5E694 Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=iso-8859-1 You mean an isolated signing device without memory right?=20 An isolated node would still know the transactions substantiating its = coins, why would it sign them away to fees ? Tamas Blummer On Jan 23, 2015, at 4:47 PM, slush wrote: > Correct, plus the most likely scenario in such attack is that the = malware even don't push such tx with excessive fees to the network, but = send it directly to attacker's pool/miner. >=20 > M. >=20 > On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner = wrote: > Unfortunately, one major attack vector is someone isolating your node, = getting you to sign away your whole wallet to fee, and then selling it = to a mining pool to mine it before you can figure why your transactions = aren't making it to the network. In such an attack, the relay rules = aren't relevant, and if the attacker can DoS you for 24 hours, it = doesn't take a ton of mining power to make the attack extremely likely = to succeed. >=20 >=20 >=20 >=20 > On 01/23/2015 10:31 AM, Tamas Blummer wrote: >> Not a fix, but would reduce the financial risk, if nodes were not = relaying excessive fee transactions. >>=20 >> Tamas Blummer >>=20 >>=20 >=20 >=20 --Apple-Mail=_1AD4CE2E-A24F-4777-A6D9-D23C8BF5E694 Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=iso-8859-1 You = mean an isolated signing device without memory = right? 

An isolated node would still know = the transactions substantiating its coins, why would it sign them away = to fees ?

Tamas = Blummer

On Jan 23, 2015, at 4:47 PM, slush = <slush@centrum.cz> = wrote:

Correct, plus the most likely scenario in = such attack is that the malware even don't push such tx with excessive = fees to the network, but send it directly to attacker's = pool/miner.

M.

On Fri, Jan 23, = 2015 at 4:42 PM, Alan Reiner <etotheipi@gmail.com> = wrote:
=20 =20 =20
Unfortunately, one major attack vector is someone isolating your node, getting you to sign away your whole wallet to fee, and then selling it to a mining pool to mine it before you can figure why your transactions aren't making it to the network.  In such an attack, the relay rules aren't relevant, and if the attacker can DoS you for 24 hours, it doesn't take a ton of mining power to make the attack extremely likely to succeed.




On 01/23/2015 10:31 AM, Tamas Blummer wrote:
=20
Not a fix, but would reduce the financial risk, if nodes were not relaying excessive fee transactions.

Tamas Blummer



=

= --Apple-Mail=_1AD4CE2E-A24F-4777-A6D9-D23C8BF5E694-- --Apple-Mail=_1B1F76C1-12D0-4FC7-8F9C-731372F5789F Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJUwnISAAoJEPZykcUXcTkca98IAKH1uuS2IclmtiPtwurxcCmD GNdK2KjaLgC0k4ZDPlvIZxEZxgmmVmOp7WgGoSF0dGh3EnhQimayn+IvWd3bKFRA Qpl2QRPhcPYFRaTsjavY5BJ5ft90LIdHK26Q66GXgfzINCtZCWWrVrNEDW5A4rKQ kMHl4VSHHX//DOG8/ZrD42wZaagAl03S4xQ94J8vj29jjJxLuGq0AcwYHpvDHFFe vUUGORHEjOLrm/K2EQVb5lOaV14jHdLJK7wzEt4pdZOxoLSlyrzD6HzDbtcMwArX GzTdXUGuSu0NQ6XYxr6jHVmShUzp8BldqrKcTiH3wZlQL8lAB6FD6+G6KEPCtfY= =hsah -----END PGP SIGNATURE----- --Apple-Mail=_1B1F76C1-12D0-4FC7-8F9C-731372F5789F--