Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id E05CCCEA for ; Fri, 18 Dec 2015 03:10:03 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from s47.web-hosting.com (s47.web-hosting.com [199.188.200.16]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 7F988110 for ; Fri, 18 Dec 2015 03:10:03 +0000 (UTC) Received: from localhost ([::1]:58090 helo=server47.web-hosting.com) by server47.web-hosting.com with esmtpa (Exim 4.85) (envelope-from ) id 1a9lQg-000764-6a; Thu, 17 Dec 2015 22:10:02 -0500 MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8; format=flowed Content-Transfer-Encoding: 8bit Date: Thu, 17 Dec 2015 22:10:02 -0500 From: jl2012 To: Jonathan Toomim In-Reply-To: References: Message-ID: <6bc6451f3d9cfb5e5a1ba15356c229bc@xbt.hk> X-Sender: jl2012@xbt.hk User-Agent: Roundcube Webmail/1.0.5 X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - server47.web-hosting.com X-AntiAbuse: Original Domain - lists.linuxfoundation.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - xbt.hk X-Get-Message-Sender-Via: server47.web-hosting.com: authenticated_id: jl2012@xbt.hk X-Source: X-Source-Args: X-Source-Dir: X-From-Rewrite: unmodified, already matched X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Fri, 18 Dec 2015 03:41:22 +0000 Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] On the security of softforks X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Dec 2015 03:10:04 -0000 Jonathan Toomim via bitcoin-dev 於 2015-12-17 21:47 寫到: > Mallory wants to defraud Bob with a 1 BTC payment for some beer. Bob > runs the old rules. Bob creates a p2pkh address for Mallory to use. > Mallory takes 1 BTC, and creates an invalid SegWit transaction that > Bob cannot properly validate and that pays into one of Mallory's > wallets. Mallory then immediately spends the unconfirmed transaction > into Bob's address. Bob sees what appears to be a valid transaction > chain which is not actually valid. > > Clueless Carol is one of the 4.9% of miners who forgot to upgrade her > mining node. Carol sees that Mallory included an enormous fee in his > transactions, so Carol makes sure to include both transactions in her > block. > > Mallory gets free beer. > > Anything I'm missing? You miss the fact that 0-conf is not safe, neither 1-conf. What you are suggesting is just a variation of Finney attack.