1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
|
Return-Path: <da2ce7@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 1A9E5B6B
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 26 May 2017 08:02:33 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-lf0-f52.google.com (mail-lf0-f52.google.com
[209.85.215.52])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 311B113D
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 26 May 2017 08:02:32 +0000 (UTC)
Received: by mail-lf0-f52.google.com with SMTP id h4so2098588lfj.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 26 May 2017 01:02:32 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
h=mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=zvlOGkcHJ7MfsNDUOUYI39qXNW8MC7F8EOwmcded0cY=;
b=keZMxFCuHBljYoyqDzalrU1mrr6qut36nz+OfAqErGHGQxF8XKzweC8AdDHIcDxFT4
dnmSvqcPomkZSQqHELgY/6RHa7LYhZN0A/5bif/VnYn+BgJEfeZaVbPALVphVxg6xtZl
evGguRM2MxFPvv2NmFj+9kRqZEpBp0B9PYIy3tjg6cqi6EKlTgp3LzD5CdT5MAnbHQO6
gV9TUMxa8xIbq8O48mpk51M7n08MP0P1NRcUJKC31ngH53a2EU8Ly8Wyu5ap5rqYb70O
bYQD82hfrNCgyOmdvoxb0VfMo7n3N1ZqGgZe/AW/oDh6D1EbPaI/kHPJ/+8PKZ+MRf7D
qKyg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc
:content-transfer-encoding:message-id:references:to;
bh=zvlOGkcHJ7MfsNDUOUYI39qXNW8MC7F8EOwmcded0cY=;
b=mAufoJptR6YMNUHCvPysUM/JZfGBRSUy3uGZJC2hwGibFUVS98PGwEJoL/dsN5cCYu
Nk54LelTJ/SFPkgxeA08HEYpn45bFD1AJcUBwIAej2nRC27cjd4p2u61hEkNz8+7d9B8
KXGPqM0cwn/hkqOk9hUQ9KcmdW8zMqeh5TQ5DvIXqiZCiuNAzvt/mN/hE4TzvIAsau/6
k5JdmwWDjuCXnM2vfXKsyTMDiEipDw3Gy/0JZ+qEdZCOdyAbEGEwVAzmI/gNS/O+aqNV
0iH/oo/vp4v/6Lq0+VpFB+d4+vYNJr/2wgFECQmOD6pkbKkzFeLqtL71yy8luXDAIJnn
pMHw==
X-Gm-Message-State: AODbwcDwjQjUBxKxr9iahIKuxq20HEXFJu+2hWJVhekeYJenOmhCbmzB
MRd2mnT5rt089g==
X-Received: by 10.25.22.213 with SMTP id 82mr240431lfw.46.1495785750341;
Fri, 26 May 2017 01:02:30 -0700 (PDT)
Received: from [192.168.1.73] (37-145-225-221.broadband.corbina.ru.
[37.145.225.221])
by smtp.gmail.com with ESMTPSA id u18sm27460lff.10.2017.05.26.01.02.28
(version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 26 May 2017 01:02:28 -0700 (PDT)
Content-Type: text/plain; charset=utf-8
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Cameron Garnham <da2ce7@gmail.com>
In-Reply-To: <CAFmyj8zNkPj3my3CLzkXdpJ1xkD0GQk8ODg09qYnnj_ONGUtsQ@mail.gmail.com>
Date: Fri, 26 May 2017 11:02:27 +0300
Content-Transfer-Encoding: quoted-printable
Message-Id: <2E6BB6FA-65FF-497F-8AEA-4CC8655BAE69@gmail.com>
References: <D0299438-E848-4696-B323-8D0E810AE491@gmail.com>
<CAFmyj8zNkPj3my3CLzkXdpJ1xkD0GQk8ODg09qYnnj_ONGUtsQ@mail.gmail.com>
To: "Andreas M. Antonopoulos" <andreas@antonopoulos.com>
X-Mailer: Apple Mail (2.3273)
X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM,
RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Emergency Deployment of SegWit as a partial
mitigation of CVE-2017-9230
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2017 08:02:33 -0000
Thank you for your reply Andreas,
I can assure you that I have many motivations for activating SegWit.
Before studding ASICBOOST I wanted to activate SegWit as it is a =
wonderful upgrade for Bitcoin. It seems to me that virtually the entire =
Bitcoin Ecosystem agrees with me. Except for around 67% of the mining =
hash-rate who very conspicuously refuse to signal for it=E2=80=99s =
activation.=20
So, I started searching for the motivations of such a large amount of =
the mining hash-rate holding a position that isn=E2=80=99t at-all =
represented in the wider Bitcoin Community. My study of ASICBOOST lead =
to a =E2=80=98bingo=E2=80=99 moment: If one assumes that the 67% of the =
hash rate that refuse to signal for SegWit are using ASICBOOST. The =
entire picture of this political stalemate became much more =
understandable.
This only strengthened my resolve to activate SegWit: not only is SegWit =
great, it partially mitigates a very serious security vulnerability.
This is why I call into question why you would suggest:
=E2=80=9CThis proposal is unnecessarily conflating two contentious =
issues and will attract criticism of self serving motivation.=E2=80=9D
1. I am not conflating the issues. I would argue that very fact that =
SegWit has not been activated yet is directly because of CVE-2017-9230.
2. I have no reason to believe that SegWit is contentious, except for =
the attackers who it would frustrate.
3. I have no negative responses to my endeavours to get ASICBOOST as =
regarded as a legitimate security vulnerability. This would suggest =
that it is not contentious in the wider technical community.
If SegWit is NOT contentious within the technical community and it is =
NOT contentious to regard CVE-2017-9230 as a credible security =
vulnerability. Then using it as partial security fix for a security =
vulnerability SHOULD NOT be contentious.
If you believe that SegWit is contentious within the technical =
community. Or you believe CVE-2017-9230 should not be regarded as a =
credible security vulnerability. Then I would logically agree with you =
that we should separate the issues so that we may gain consensus. =
However, I just don=E2=80=99t see this as the case.
Cameron.
> On 26 May 2017, at 09:52 , Andreas M. Antonopoulos =
<andreas@antonopoulos.com> wrote:
>=20
> I rarely post here, out of respect to the mailing list. But since my =
name was mentioned...=20
>=20
> I much prefer Gregory Maxwell's proposal to defuse covert ASICBOOST =
(only) with a segwit-like commitment to the coinbase which does not =
obligate miners to signal Segwit or implement Segwit, thus disarming any =
suspicion that the issue is being exploited only to activate Segwit.
>=20
> This proposal is unnecessarily conflating two contentious issues and =
will attract criticism of self serving motivation.
>=20
> Politicising CVE is damaging to the long term bitcoin development and =
to its security. Not claiming that is the intent here, but the damage is =
done by the mere appearance of motive.=20
>=20
>=20
>=20
> On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev" =
<bitcoin-dev@lists.linuxfoundation.org> wrote:
> Hello Bitcoin-Dev,
>=20
> CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 =
is a severe (3) (4) and actively exploited (5) security vulnerability.
>=20
> To learn more about this vulnerability please read Jeremy Rubin=E2=80=99=
s detailed report:
> http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf
>=20
> Andreas Antonopoulos has an excellent presentation on why asicboost is =
dangerous:
> https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k
>=20
> In decisions on the #bitcoin-core-dev IRC channel; It was proposed, =
without negative feedback, that SegWit be used as a partial-mitigation =
of CVE-2017-9230.
>=20
> SegWit partially mitigates asicboost with the common reasonable =
assumption that any block that doesn=E2=80=99t include a witness commit =
in it's coinbase transaction was mined using covert asicboost. Making =
the use of covert asicboost far more conspicuous.
>=20
> It was also proposed that this partial mitigation should be quickly =
strengthened via another soft-fork that makes the inclusion of witness =
commits mandatory, without negative feedback.
>=20
> The security trade-offs of deploying a partial-mitigation to =
CVE-2017-9230 quickly vs more slowly but more conservatively is under =
intense debate. The author of this post has a strong preference to the =
swiftest viable option.
>=20
> Cameron.
>=20
>=20
> (1) CVE Entry:
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230
>=20
> (2) Announcement of CVE to Mailing List:
> =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014416.ht=
ml
>=20
> (3) Discussion of the perverse incentives created by 'ASICBOOST' by =
Ryan Grant:
> =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014352.ht=
ml
>=20
> (4) Discussion of ASICBOOST's non-independent PoW calculation by Tier =
Nolan:
> =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014351.ht=
ml
>=20
> (5) Evidence of Active Exploit by Gregory Maxwell:
> =
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.=
html
>=20
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
|