1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
|
Return-Path: <user@petertodd.org>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 569E7187D
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 9 Jun 2018 13:03:04 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from outmail148096.authsmtp.net (outmail148096.authsmtp.net
[62.13.148.96])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id ADCDC604
for <bitcoin-dev@lists.linuxfoundation.org>;
Sat, 9 Jun 2018 13:03:03 +0000 (UTC)
Received: from mail-c245.authsmtp.com (mail-c245.authsmtp.com [62.13.128.245])
by punt24.authsmtp.com. (8.15.2/8.15.2) with ESMTP id w59D2xfA052005;
Sat, 9 Jun 2018 14:02:59 +0100 (BST)
(envelope-from user@petertodd.org)
Received: from petertodd.org (ec2-52-5-185-120.compute-1.amazonaws.com
[52.5.185.120]) (authenticated bits=0)
by mail.authsmtp.com (8.15.2/8.15.2) with ESMTPSA id w59D2uHD071944
(version=TLSv1.2 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NO);
Sat, 9 Jun 2018 14:02:58 +0100 (BST)
(envelope-from user@petertodd.org)
Received: from [127.0.0.1] (localhost [127.0.0.1])
by petertodd.org (Postfix) with ESMTPSA id 96413400FB;
Sat, 9 Jun 2018 13:02:56 +0000 (UTC)
Received: by localhost (Postfix, from userid 1000)
id 29A7122043; Sat, 9 Jun 2018 09:02:55 -0400 (EDT)
Date: Sat, 9 Jun 2018 09:02:55 -0400
From: Peter Todd <pete@petertodd.org>
To: Sergio Demian Lerner <sergio.d.lerner@gmail.com>
Message-ID: <20180609130255.ngtnxumxlfqrutpn@petertodd.org>
References: <20180607171311.6qdjohfuuy3ufriv@petertodd.org>
<CAHUJnBB7UL3mH6SixP_M4yooMVP3DgZa+5hiQOmF=AiqfdpfOg@mail.gmail.com>
<20180607222028.zbva4vrv64dzrmxy@petertodd.org>
<CAHUJnBCj8wnjP1=jobfpg7jkfjkX9iSBLeeAOyQCpobh6-AhUA@mail.gmail.com>
<CAKzdR-paqYgOxToikaVD=0GMsCjHBaynX3WgB-CN6Sn7B7kRXw@mail.gmail.com>
<CAKzdR-rz2-D5pbcoSw0CK9tR-UY46ybYaZDmUMYTjBgvkL6ugg@mail.gmail.com>
<20180609124516.6ms6t7r5t7ikved6@petertodd.org>
<CAKzdR-omk7wCk5c_9T28O2Hc-Uzui5S4B_BuDLFt27RWSFzdJw@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature"; boundary="7nyfmscui5cbuox5"
Content-Disposition: inline
In-Reply-To: <CAKzdR-omk7wCk5c_9T28O2Hc-Uzui5S4B_BuDLFt27RWSFzdJw@mail.gmail.com>
User-Agent: NeoMutt/20170113 (1.7.2)
X-Server-Quench: 6ec1f7ef-6be5-11e8-a283-9cb654bb2504
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZIVwkA IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdgsUEkAaAgsB Am4bWlBeUF97XGs7 bghPaBtcak9QXgdq
T0pMXVMcUwBhdR5E fmoeVRh7cwEIcXt0 ZQhkCyNaCkMvI1t7
EBtRCGwHMG99OWIX U11RJFFSdQcYLB1A alQxNiYHcQ5VPz4z
GA41ejw8IwAXFD5I WR0AIRoXTFwIGjN0 WwoPEH0jEFUZR209
KAZuMVcSEQ4NIg0z N1AlREkZNBlwQhVE GEZDG2dGJkUBQDc3
RQoSRkkQDHVTRj1f agAA
X-Authentic-SMTP: 61633532353630.1039:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 52.5.185.120/25
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,RCVD_IN_DNSWL_LOW
autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: bitcoin-dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Trusted merkle tree depth for safe tx inclusion
proofs without a soft fork
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Sat, 09 Jun 2018 13:03:04 -0000
--7nyfmscui5cbuox5
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Sat, Jun 09, 2018 at 02:51:55PM +0200, Sergio Demian Lerner wrote:
> Yo can fool a SPV wallet even if it requires a thousands confirmations
> using this attack, and you don't need a Sybil attack, so yes, it impacts
> SPV wallets also. The protections a SPV node should have to prevent this
> attack are different, so it must be considered separately.
There's hardly any cases where "thousands of confirmations" change anything.
Anyway, SPV is a discredited concept and we shouldn't be concerning ourselv=
es
with it.
> It should be said that a SPV node can avoid accepting payments if any
> Merkle node is at the same time a valid transaction, and that basically
> almost eliminates the problem.
Indeed it does: between the number of txouts, scriptSig length, scriptPubKey
length, and the upper bits of nValue we have ~32 known bits that we can use=
to
distinguish between inner nodes and transactions. That's a false positive r=
ate
of under one in a billion, so no issues there.
--=20
https://petertodd.org 'peter'[:-1]@petertodd.org
--7nyfmscui5cbuox5
Content-Type: application/pgp-signature; name="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEEFcyURjhyM68BBPYTJIFAPaXwkfsFAlsbz/sACgkQJIFAPaXw
kft/LAf/a/Ft7Ol4f9Nn+gqBJHBDMNLoggy2QvZLWMUUOL5rzZnn3hIaupymU38U
EZ3PBNrce631lsfzp471Qj/vFsHswcapD6gm690NYrnktYkiGg2jYxyWLJrckxF7
KuoN6jDh1cfg2y9sCZq0n3I1g462zmEbPvtKWHQpNMzbJP3dO7SQG7swUXBPFZkY
YemCSQd/G5wWXjxvsFkD39SXNpcNdy83qR47jr41qksobK6q4y0kJvXn+Qd6lj6y
L7v93e6W0FAtrSW9GHykCAY383mv5DceQPKEHlzS0YgUVxDt1vW0nHCmuF/67lbe
WsIHfxE76cnsxw2PHu+z6TlRrSAoow==
=4LRB
-----END PGP SIGNATURE-----
--7nyfmscui5cbuox5--
|