Return-Path: <da2ce7@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 7F98BB62
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 26 May 2017 06:30:16 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-lf0-f47.google.com (mail-lf0-f47.google.com
	[209.85.215.47])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 39853161
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Fri, 26 May 2017 06:30:15 +0000 (UTC)
Received: by mail-lf0-f47.google.com with SMTP id a5so1102287lfh.2
	for <bitcoin-dev@lists.linuxfoundation.org>;
	Thu, 25 May 2017 23:30:15 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
	h=from:content-transfer-encoding:mime-version:subject:message-id:date
	:to; bh=/1NDAzoVwNjaRTEoQX+jLfl0/sYqYDMG0x9wY1avPfk=;
	b=BODKSg1hpAj4ayVoR70Gi2LKz3s+qfVdmyjXWLR2QSpDkRT6qtgUU3edd8Z52tCSP0
	Lvj9ZS1e7zi4nJZ6YdcwXTSeOIhwQfNcH8LUldqEuwSBc8jn1pejo3pysT8XVrjJkgkE
	96ASdCPV1USi+96k79FMhpYaHFzVdunDcrltzVnpRfCLgLlPyzDZhTsp8BW56YMeJW2V
	AY7oDVCZh7RW4cV/KKzag0Wedjyh45kifYCm8577GSvu7Ge0kG6DWRQMYvVKOnQfYoee
	95owxD7wNcX9gEBHBDPzwWZNOh8r08dKQ/EGuxM9FvJJVemzLO3Vo6d2sjKxVXQM8kjb
	TLjw==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
	d=1e100.net; s=20161025;
	h=x-gm-message-state:from:content-transfer-encoding:mime-version
	:subject:message-id:date:to;
	bh=/1NDAzoVwNjaRTEoQX+jLfl0/sYqYDMG0x9wY1avPfk=;
	b=cxocgK0Ag88ZFi0pWkXq6EdW4pErjDID0RG7ihJUwZLtM0m6Rlw5gTdPk55glZLE2c
	6Oi6kWUKSI1jtPe0cKNtaFNmtQqWZKudHQuiMxNrCVGn+CaqNYVeDXjsC9KcQWPG98Dh
	uOwPvS4btYHZ2Ofk5NEBGMzja3XP5R3Lf/grKdXc3xHgVzUjFw+y8WQxSBDbw5mksX7d
	XBvIknI981VdXgGC7WbwjPQ2aKfl70s85+37dRcOLvWxCi8c+G6gVqJcd83YncEHbutZ
	uQ8Vgv3pZ927yj2y4bXYSnS8jpz6LSF/C5rOQDI4u099JqcTXDtc7RgY+okLhxCPN4qa
	6QKg==
X-Gm-Message-State: AODbwcCw7KpK++XhUnvpb9s5C0Ly+bnNVNabrFyxtDD9NUpx1518dspv
	BkW4jZ8Nkxh/ANon9CA=
X-Received: by 10.25.221.198 with SMTP id w67mr122762lfi.114.1495780213123;
	Thu, 25 May 2017 23:30:13 -0700 (PDT)
Received: from [192.168.1.73] (37-145-225-221.broadband.corbina.ru.
	[37.145.225.221]) by smtp.gmail.com with ESMTPSA id
	b71sm1806480lfg.32.2017.05.25.23.30.12
	for <bitcoin-dev@lists.linuxfoundation.org>
	(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
	Thu, 25 May 2017 23:30:12 -0700 (PDT)
From: Cameron Garnham <da2ce7@gmail.com>
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
Message-Id: <D0299438-E848-4696-B323-8D0E810AE491@gmail.com>
Date: Fri, 26 May 2017 09:30:08 +0300
To: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
X-Mailer: Apple Mail (2.3273)
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,
	DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,
	RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [bitcoin-dev] Emergency Deployment of SegWit as a partial
 mitigation of CVE-2017-9230
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
	<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2017 06:30:16 -0000

Hello Bitcoin-Dev,

CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 =
is a severe (3) (4) and actively exploited (5) security vulnerability.
=20
To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s =
detailed report:
http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf
=20
Andreas Antonopoulos has an excellent presentation on why asicboost is =
dangerous:
https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k

In decisions on the #bitcoin-core-dev IRC channel; It was proposed, =
without negative feedback, that SegWit be used as a partial-mitigation =
of CVE-2017-9230.

SegWit partially mitigates asicboost with the common reasonable =
assumption that any block that doesn=E2=80=99t include a witness commit =
in it's coinbase transaction was mined using covert asicboost.  Making =
the use of covert asicboost far more conspicuous.

It was also proposed that this partial mitigation should be quickly =
strengthened via another soft-fork that makes the inclusion of witness =
commits mandatory, without negative feedback.

The security trade-offs of deploying a partial-mitigation to =
CVE-2017-9230 quickly vs more slowly but more conservatively is under =
intense debate.  The author of this post has a strong preference to the =
swiftest viable option.

Cameron.


(1) CVE Entry:
https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230

(2) Announcement of CVE to Mailing List:
=
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014416.ht=
ml

(3) Discussion of the perverse incentives created by 'ASICBOOST' by Ryan =
Grant:
 =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014352.ht=
ml

(4) Discussion of ASICBOOST's non-independent PoW calculation by Tier =
Nolan:
 =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014351.ht=
ml

(5) Evidence of Active Exploit by Gregory Maxwell:
=
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.=
html