1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
|
Return-Path: <andreas@antonopoulos.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 33EEAB62
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 26 May 2017 06:52:29 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com
[209.85.218.52])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 7545C161
for <bitcoin-dev@lists.linuxfoundation.org>;
Fri, 26 May 2017 06:52:28 +0000 (UTC)
Received: by mail-oi0-f52.google.com with SMTP id h4so2502087oib.3
for <bitcoin-dev@lists.linuxfoundation.org>;
Thu, 25 May 2017 23:52:28 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=antonopoulos.com; s=antonopoulos;
h=mime-version:in-reply-to:references:from:date:message-id:subject:to
:cc; bh=1nUSjHIY5trW2dKoLiTfjcfgcY3fs0nuve9jgdVkkn8=;
b=ME2YqtU9ZPoDQYqOl0XOHzEowXuqYOQarP0qa0LEWTdCBn+SA+eUEf3E1GF7TG56sr
yAOuOHVrBOL4ASV5nRhsTu8SHpAVPEi+mCi2kCnq3VQAnX6BPuwlp0vy2P6IxtTUEstg
SNVG2agwLfCSOXL+RpCH+5kfOgP0yMQXzBHt0=
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20161025;
h=x-gm-message-state:mime-version:in-reply-to:references:from:date
:message-id:subject:to:cc;
bh=1nUSjHIY5trW2dKoLiTfjcfgcY3fs0nuve9jgdVkkn8=;
b=Nrj+AZgntNH4VtF1wJDnG5Fx+8zItyOZDVrLqquV4P62+eSjglyJ+eVYq4IAl+tHWc
idulTBES3YIy/OEWVjO/WbVBBieYahtSyZWvWlzqWNDpHLPQN8QAAe5kYxBjSPbjP8dI
MwPOAUJG9en5DQVunHlmKiDJ9LyqWI3csVcCmaocJFpKHDiJunPJKKdRFr86VPKwQqo8
3X8X56gMdrKRNVde97MWJ1Ju1IBDdtVsoUOtWPi5PlrNALGnZH8sZW5Q/8yZgBuGfFp+
5n0Mo11zL+lIKbtRFP7HMOWHmRcLAypnzTXTC6KAfAMbF0Jc+oalQxWOwMLjwU9obZVt
KYjw==
X-Gm-Message-State: AODbwcCD0YKbDmqZYGtvMForB7Dp/EzRqsdiY4KO4fPpWZByiAB+ATHw
cGQ7/zhIMq0LlNI3ao/cAOrIIIieh1AX
X-Received: by 10.202.79.7 with SMTP id d7mr177888oib.55.1495781547533; Thu,
25 May 2017 23:52:27 -0700 (PDT)
MIME-Version: 1.0
Received: by 10.182.111.103 with HTTP; Thu, 25 May 2017 23:52:26 -0700 (PDT)
Received: by 10.182.111.103 with HTTP; Thu, 25 May 2017 23:52:26 -0700 (PDT)
In-Reply-To: <D0299438-E848-4696-B323-8D0E810AE491@gmail.com>
References: <D0299438-E848-4696-B323-8D0E810AE491@gmail.com>
From: "Andreas M. Antonopoulos" <andreas@antonopoulos.com>
Date: Fri, 26 May 2017 16:52:26 +1000
Message-ID: <CAFmyj8zNkPj3my3CLzkXdpJ1xkD0GQk8ODg09qYnnj_ONGUtsQ@mail.gmail.com>
To: Cameron Garnham <da2ce7@gmail.com>
Content-Type: multipart/alternative; boundary="001a113d720ecd87b5055067c733"
X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED,
HTML_MESSAGE, RCVD_IN_SORBS_SPAM,
T_DKIM_INVALID autolearn=no version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Fri, 26 May 2017 13:59:31 +0000
Cc: Bitcoin Protocol Discussion <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Emergency Deployment of SegWit as a partial
mitigation of CVE-2017-9230
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Fri, 26 May 2017 06:52:29 -0000
--001a113d720ecd87b5055067c733
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
I rarely post here, out of respect to the mailing list. But since my name
was mentioned...
I much prefer Gregory Maxwell's proposal to defuse covert ASICBOOST (only)
with a segwit-like commitment to the coinbase which does not obligate
miners to signal Segwit or implement Segwit, thus disarming any suspicion
that the issue is being exploited only to activate Segwit.
This proposal is unnecessarily conflating two contentious issues and will
attract criticism of self serving motivation.
Politicising CVE is damaging to the long term bitcoin development and to
its security. Not claiming that is the intent here, but the damage is done
by the mere appearance of motive.
On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev" <
bitcoin-dev@lists.linuxfoundation.org> wrote:
> Hello Bitcoin-Dev,
>
> CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 i=
s a severe (3)
> (4) and actively exploited (5) security vulnerability.
>
> To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s=
detailed
> report:
> http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf
>
> Andreas Antonopoulos has an excellent presentation on why asicboost is
> dangerous:
> https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k
>
> In decisions on the #bitcoin-core-dev IRC channel; It was proposed,
> without negative feedback, that SegWit be used as a partial-mitigation of
> CVE-2017-9230.
>
> SegWit partially mitigates asicboost with the common reasonable assumptio=
n
> that any block that doesn=E2=80=99t include a witness commit in it's coin=
base
> transaction was mined using covert asicboost. Making the use of covert
> asicboost far more conspicuous.
>
> It was also proposed that this partial mitigation should be quickly
> strengthened via another soft-fork that makes the inclusion of witness
> commits mandatory, without negative feedback.
>
> The security trade-offs of deploying a partial-mitigation to CVE-2017-923=
0
> quickly vs more slowly but more conservatively is under intense debate.
> The author of this post has a strong preference to the swiftest viable
> option.
>
> Cameron.
>
>
> (1) CVE Entry:
> https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230
>
> (2) Announcement of CVE to Mailing List:
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/
> 2017-May/014416.html
>
> (3) Discussion of the perverse incentives created by 'ASICBOOST' by Ryan
> Grant:
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/
> 2017-May/014352.html
>
> (4) Discussion of ASICBOOST's non-independent PoW calculation by Tier
> Nolan:
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/
> 2017-May/014351.html
>
> (5) Evidence of Active Exploit by Gregory Maxwell:
> https://lists.linuxfoundation.org/pipermail/bitcoin-dev/
> 2017-April/013996.html
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev@lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>
--001a113d720ecd87b5055067c733
Content-Type: text/html; charset="UTF-8"
Content-Transfer-Encoding: quoted-printable
<div dir=3D"auto">I rarely post here, out of respect to the mailing list. B=
ut since my name was mentioned...=C2=A0<div dir=3D"auto"><br></div><div dir=
=3D"auto">I much prefer Gregory Maxwell's proposal to defuse covert ASI=
CBOOST (only) with a segwit-like commitment to the coinbase which does not =
obligate miners to signal Segwit or implement Segwit, thus disarming any su=
spicion that the issue is being exploited only to activate Segwit.</div><di=
v dir=3D"auto"><br></div><div dir=3D"auto">This proposal is unnecessarily c=
onflating two contentious issues and will attract criticism of self serving=
motivation.</div><div dir=3D"auto"><br></div><div dir=3D"auto">Politicisin=
g CVE =C2=A0is damaging to the long term bitcoin development and to its sec=
urity. Not claiming that is the intent here, but the damage is done by the =
mere appearance of motive.=C2=A0</div><div dir=3D"auto"><br></div><div dir=
=3D"auto"><br></div></div><div class=3D"gmail_extra"><br><div class=3D"gmai=
l_quote">On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev"=
<<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@l=
ists.linuxfoundation.org</a>> wrote:<br type=3D"attribution"><blockquote=
class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc soli=
d;padding-left:1ex">Hello Bitcoin-Dev,<br>
<br>
CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 is =
a severe (3) (4) and actively exploited (5) security vulnerability.<br>
<br>
To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s d=
etailed report:<br>
<a href=3D"http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf" rel=3D"n=
oreferrer" target=3D"_blank">http://www.mit.edu/~jlrubin//<wbr>public/pdfs/=
Asicboost.pdf</a><br>
<br>
Andreas Antonopoulos has an excellent presentation on why asicboost is dang=
erous:<br>
<a href=3D"https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k" rel=3D"noreferrer=
" target=3D"_blank">https://www.youtube.com/watch?<wbr>v=3Dt6jJDD2Aj8k</a><=
br>
<br>
In decisions on the #bitcoin-core-dev IRC channel; It was proposed, without=
negative feedback, that SegWit be used as a partial-mitigation of CVE-2017=
-9230.<br>
<br>
SegWit partially mitigates asicboost with the common reasonable assumption =
that any block that doesn=E2=80=99t include a witness commit in it's co=
inbase transaction was mined using covert asicboost.=C2=A0 Making the use o=
f covert asicboost far more conspicuous.<br>
<br>
It was also proposed that this partial mitigation should be quickly strengt=
hened via another soft-fork that makes the inclusion of witness commits man=
datory, without negative feedback.<br>
<br>
The security trade-offs of deploying a partial-mitigation to CVE-2017-9230 =
quickly vs more slowly but more conservatively is under intense debate.=C2=
=A0 The author of this post has a strong preference to the swiftest viable =
option.<br>
<br>
Cameron.<br>
<br>
<br>
(1) CVE Entry:<br>
<a href=3D"https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230"=
rel=3D"noreferrer" target=3D"_blank">https://cve.mitre.org/cgi-bin/<wbr>cv=
ename.cgi?name=3D+CVE-2017-<wbr>9230</a><br>
<br>
(2) Announcement of CVE to Mailing List:<br>
<a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May=
/014416.html" rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfound=
ation.<wbr>org/pipermail/bitcoin-dev/<wbr>2017-May/014416.html</a><br>
<br>
(3) Discussion of the perverse incentives created by 'ASICBOOST' by=
Ryan Grant:<br>
=C2=A0<a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/20=
17-May/014352.html" rel=3D"noreferrer" target=3D"_blank">https://lists.linu=
xfoundation.<wbr>org/pipermail/bitcoin-dev/<wbr>2017-May/014352.html</a><br=
>
<br>
(4) Discussion of ASICBOOST's non-independent PoW calculation by Tier N=
olan:<br>
=C2=A0<a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/20=
17-May/014351.html" rel=3D"noreferrer" target=3D"_blank">https://lists.linu=
xfoundation.<wbr>org/pipermail/bitcoin-dev/<wbr>2017-May/014351.html</a><br=
>
<br>
(5) Evidence of Active Exploit by Gregory Maxwell:<br>
<a href=3D"https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-Apr=
il/013996.html" rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfou=
ndation.<wbr>org/pipermail/bitcoin-dev/<wbr>2017-April/013996.html</a><br>
<br>
______________________________<wbr>_________________<br>
bitcoin-dev mailing list<br>
<a href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org">bitcoin-dev@lists.=
<wbr>linuxfoundation.org</a><br>
<a href=3D"https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev" =
rel=3D"noreferrer" target=3D"_blank">https://lists.linuxfoundation.<wbr>org=
/mailman/listinfo/bitcoin-<wbr>dev</a><br>
</blockquote></div></div>
--001a113d720ecd87b5055067c733--
|
