1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
|
Return-Path: <gmaxwell@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id A916418AD
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Sep 2015 23:25:04 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-ig0-f181.google.com (mail-ig0-f181.google.com
[209.85.213.181])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 0892C1ED
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Sep 2015 23:25:04 +0000 (UTC)
Received: by igbni9 with SMTP id ni9so2873680igb.0
for <bitcoin-dev@lists.linuxfoundation.org>;
Wed, 30 Sep 2015 16:25:03 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=mime-version:in-reply-to:references:date:message-id:subject:from:to
:cc:content-type;
bh=0BHU59/x2iDS5JKRWzWdyo+58t4SmJ5kzGeSdp80Pkk=;
b=ghrK2cbjkK1l38bLSLsdBWRbL2uxdzoZJe8WRZckfs84Ro9OfoCC/HXqgA/e0Re7lp
jCh1KtIf/q3R0hAyKjHTvVFlo372dvqJjVU2U6h1/VmjGUCttMN9eHPGIfcEGVZjOgLd
4y1TFq13zUi0vm9vCUsHDSitJReboDSF8Io53Awfd7DHOq5BFRfXn5kYX+vBFEN2qS8L
PwSXIoIRosEsqee+9PJ4TpdSOgyZaWKHKO/GBnUSBYQhGEUeLWJ1BuOVrLQv+Iuj2yZL
lYIPWUWD5MZksYi0cWh0duKLhZ08bHVVcraKYneggw1Zhb3LkJxCMQlNyb8usXPOXwYn
b02w==
MIME-Version: 1.0
X-Received: by 10.50.23.80 with SMTP id k16mr35784igf.62.1443655503525; Wed,
30 Sep 2015 16:25:03 -0700 (PDT)
Received: by 10.107.19.30 with HTTP; Wed, 30 Sep 2015 16:25:03 -0700 (PDT)
In-Reply-To: <CADm_WcZpdpnov5Tiz3_3gpUyDz=rTkKKvYexBzcFLcHKDUdxJQ@mail.gmail.com>
References: <20150927185031.GA20599@savin.petertodd.org>
<CA+w+GKRCVr-9TVk66utp7xLRgTxNpxYoj3XQE-6y_N8JS6eO6Q@mail.gmail.com>
<CAAS2fgSEDGBd67m7i8zCgNRqtmQrZyZMj7a5TsYo41Dh=tdhHQ@mail.gmail.com>
<CA+w+GKRKGS=KZrLtiW8Zbn4EQH_TELfQR+TfrADCMXLR22Q+tw@mail.gmail.com>
<CADm_WcbJoH27H9ckr5sfmE0gh7YbSjKr1uLse0s3b4GTT+jEAA@mail.gmail.com>
<CA+w+GKS01sVXqNY6a39EjqL8NVO6k1Vq6sd0VZjeqF_tsx7OAA@mail.gmail.com>
<CADm_WcZpdpnov5Tiz3_3gpUyDz=rTkKKvYexBzcFLcHKDUdxJQ@mail.gmail.com>
Date: Wed, 30 Sep 2015 23:25:03 +0000
Message-ID: <CAAS2fgTOSiTeY3=qprRGdQUVvr60JjJjP2SPvVFtRGrQGHL8Vw@mail.gmail.com>
From: Gregory Maxwell <gmaxwell@gmail.com>
To: Jeff Garzik <jgarzik@gmail.com>
Content-Type: text/plain; charset=UTF-8
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Let's deploy BIP65 CHECKLOCKTIMEVERIFY!
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Wed, 30 Sep 2015 23:25:04 -0000
On Wed, Sep 30, 2015 at 10:17 PM, Jeff Garzik <jgarzik@gmail.com> wrote:
> It is correct that security is slightly reduced for full nodes that have not
> upgraded. It is not correct that the choice is binary, full node or SPV.
>
> Any user running a not-upgraded full node still retains protection against
> many attacks outside the subset related to the feature being introduced.
An extra way to look at this is that even absent any rule changes--
users who are asleep at the switch may lose effective security over
time because attackers learn new tricks against existing
vulnerabilities. Security requires a bit of vigilance, inherently.
In many specific cases I think it's hard-to-impossible to articulate a
concrete way that security is lost by users at all, excluding some
small amplification of orphan blocks.
On Wed, Sep 30, 2015 at 9:06 PM, Mike Hearn via bitcoin-dev
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> and is trying to mine it, will keep producing invalid blocks forever until
> the owner shuts it down and upgrades.
This is the outcome guaranteed for absentee miners with a hard fork,
but it is not guaranteed for a soft fork.
> For instance, any miner that has modified/bypassed IsStandard() can do this,
Miners who have changed their code in inadvisable ways can produce
invalid blocks as a result. There are many seemingly innocuous ways
one can produce invalid blocks, and miners have stumbled on a few of
them over the years.
Pedantically, modifying IsStandard() will not have this effect:
Unknown NOPs are now handled via a script validation flag--
SCRIPT_VERIFY_DISCOURAGE_UPGRADABLE_NOPS. Experience (e.g. with
STRICTDER) has show that script validation flags are much more robust
to casual twiddling than IsStandard is.
The only way that script validation flags have been observed getting
bypassed in the field was a miner that had disabled all signature
validation completely (and whom had a not-completely-negligible amount
of hashpower. :( )... as it's a lot more clear that you might be
exposing yourself to trouble if you mess with the validation flags.
> runs an old node from before OP_NOPs were made non-standard.
IIRC; There is no released version of Bitcoin that has IsStandard
which has failed failed to treat the NOPs as non-standard.
There was a brief time in git master between when IsStandardness was
relaxed and NOPs were addressed via a validation flag but I am
reasonably confident that didn't make it into a release.
Regardless, anyone actually running that code of that vintage would
already be incompatible with the current network already due to prior
soft forks.
And as a matter of fact, invalid CLTVs don't currently appear to get
mined. Checking this again pre-release would be a good checklist item.
For prior soft-forks we've monitored and tested for this (with the
goal of going and yelling at any broken miners to fix their behavior).
|
