Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <mh.in.england@gmail.com>) id 1UOs20-0003tn-Lx for bitcoin-development@lists.sourceforge.net; Sun, 07 Apr 2013 16:01:24 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.44 as permitted sender) client-ip=209.85.219.44; envelope-from=mh.in.england@gmail.com; helo=mail-oa0-f44.google.com; Received: from mail-oa0-f44.google.com ([209.85.219.44]) by sog-mx-4.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1UOs1v-00037e-5Y for bitcoin-development@lists.sourceforge.net; Sun, 07 Apr 2013 16:01:24 +0000 Received: by mail-oa0-f44.google.com with SMTP id h1so5459468oag.3 for <bitcoin-development@lists.sourceforge.net>; Sun, 07 Apr 2013 09:01:13 -0700 (PDT) MIME-Version: 1.0 X-Received: by 10.182.151.9 with SMTP id um9mr12999073obb.89.1365350473785; Sun, 07 Apr 2013 09:01:13 -0700 (PDT) Sender: mh.in.england@gmail.com Received: by 10.76.162.198 with HTTP; Sun, 7 Apr 2013 09:01:13 -0700 (PDT) In-Reply-To: <CAPg+sBhYuK79Gost2p1ksytNUTjAHz1REC1DRQaP2UD=cjRA0g@mail.gmail.com> References: <CAPg+sBhYuK79Gost2p1ksytNUTjAHz1REC1DRQaP2UD=cjRA0g@mail.gmail.com> Date: Sun, 7 Apr 2013 18:01:13 +0200 X-Google-Sender-Auth: DjnV9IFOFeHILP_yMRbpeV2P4c4 Message-ID: <CANEZrP3hu4C6-3gNFAcz85WL4HR+McHGiLG8E+-35VwyFGz7mw@mail.gmail.com> From: Mike Hearn <mike@plan99.net> To: Pieter Wuille <pieter.wuille@gmail.com> Content-Type: multipart/alternative; boundary=f46d0444e925fbecf804d9c76d1c X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1UOs1v-00037e-5Y Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Who is creating non-DER signatures? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Sun, 07 Apr 2013 16:01:24 -0000 --f46d0444e925fbecf804d9c76d1c Content-Type: text/plain; charset=UTF-8 It'd help to know how the signatures are invalid. On Sun, Apr 7, 2013 at 5:34 PM, Pieter Wuille <pieter.wuille@gmail.com>wrote: > (cross-post from bitcointalk.org) > > Hello all, > > as some may know, Bitcoin uses DER-encoded signatures in its transactions. > However, OpenSSL (which is used to verify them) accepts more than just the > strict DER specification (it allows negative numbers, extra zero padding, > extra bytes at the end, and perhaps more). As we don't like the de-facto > specification of the Bitcoin block validity rules to depend on OpenSSL, > we're trying to introduce a rule to make such non-standard signatures > invalid. Obviously, that can't be done as long as any significant amount of > clients on the network is creating these. > > I've monitored all transactions the past weeks (1.4M transactions), and it > seems 9641 of them contain at least one non-standard signature. See > https://bitcointalk.org/index.php?topic=169620.0 for a list of the top > addresses that had coins used as inputs in such transactions. If you > recognize any of these addresses, or have an idea of who owns them or what > software they are using, please let me know. > > Thanks! > > -- > Pieter > > > > ------------------------------------------------------------------------------ > Minimize network downtime and maximize team effectiveness. > Reduce network management and security costs.Learn how to hire > the most talented Cisco Certified professionals. Visit the > Employer Resources Portal > http://www.cisco.com/web/learning/employer_resources/index.html > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --f46d0444e925fbecf804d9c76d1c Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">It'd help to know how the signatures are invalid.</div= ><div class=3D"gmail_extra"><br><br><div class=3D"gmail_quote">On Sun, Apr = 7, 2013 at 5:34 PM, Pieter Wuille <span dir=3D"ltr"><<a href=3D"mailto:p= ieter.wuille@gmail.com" target=3D"_blank">pieter.wuille@gmail.com</a>></= span> wrote:<br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex"><div dir=3D"ltr"><div>(cross-post from <a hr= ef=3D"http://bitcointalk.org" target=3D"_blank">bitcointalk.org</a>)</div><= div><br> </div>Hello all,<div><br></div><div><div>as some may know, Bitcoin uses DER= -encoded signatures in its transactions. However, OpenSSL (which is used to= verify them) accepts more than just the strict DER specification (it allow= s negative numbers, extra zero padding, extra bytes at the end, and perhaps= more). As we don't like the de-facto specification of the Bitcoin bloc= k validity rules to depend on OpenSSL, we're trying to introduce a rule= to make such non-standard signatures invalid. Obviously, that can't be= done as long as any significant amount of clients on the network is creati= ng these.<br> </div><div><br></div><div>I've monitored all transactions the past week= s (1.4M transactions), and it seems 9641 of them contain at least one non-s= tandard signature. See=C2=A0<a href=3D"https://bitcointalk.org/index.php?to= pic=3D169620.0" target=3D"_blank">https://bitcointalk.org/index.php?topic= =3D169620.0</a>=C2=A0for a list of the top addresses that had coins used as= inputs in such transactions. If you recognize any of these addresses, or h= ave an idea of who owns them or what software they are using, please let me= know.</div> <div><br></div><div>Thanks!</div></div><span class=3D"HOEnZb"><font color= =3D"#888888"><div><br></div><div>--=C2=A0</div><div>Pieter</div><div><br></= div></font></span></div> <br>-----------------------------------------------------------------------= -------<br> Minimize network downtime and maximize team effectiveness.<br> Reduce network management and security costs.Learn how to hire<br> the most talented Cisco Certified professionals. Visit the<br> Employer Resources Portal<br> <a href=3D"http://www.cisco.com/web/learning/employer_resources/index.html"= target=3D"_blank">http://www.cisco.com/web/learning/employer_resources/ind= ex.html</a><br>_______________________________________________<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> <br></blockquote></div><br></div> --f46d0444e925fbecf804d9c76d1c--