summaryrefslogtreecommitdiff
path: root/c3/cdfa883fbff2a98bf5d72a0dad74e5835c20ba
blob: 05fe4ce0924f885272a8edfc85b321449b73b42f (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193]
	helo=mx.sourceforge.net)
	by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
	(envelope-from <gavinandresen@gmail.com>) id 1YsWe0-0003YI-En
	for bitcoin-development@lists.sourceforge.net;
	Wed, 13 May 2015 13:24:16 +0000
Received-SPF: pass (sog-mx-3.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.192.42 as permitted sender)
	client-ip=209.85.192.42; envelope-from=gavinandresen@gmail.com;
	helo=mail-qg0-f42.google.com; 
Received: from mail-qg0-f42.google.com ([209.85.192.42])
	by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
	(Exim 4.76) id 1YsWdx-0002Z8-7C
	for bitcoin-development@lists.sourceforge.net;
	Wed, 13 May 2015 13:24:16 +0000
Received: by qgeb100 with SMTP id b100so20995382qge.3
	for <bitcoin-development@lists.sourceforge.net>;
	Wed, 13 May 2015 06:24:07 -0700 (PDT)
X-Received: by 10.140.28.102 with SMTP id 93mr26365505qgy.78.1431523447797;
	Wed, 13 May 2015 06:24:07 -0700 (PDT)
Received: from ?IPv6:2600:1000:b11c:b9df:2d87:d588:1c81:617a?
	([2600:1000:b11c:b9df:2d87:d588:1c81:617a])
	by mx.google.com with ESMTPSA id 10sm15521129qhv.27.2015.05.13.06.24.06
	(version=TLSv1 cipher=ECDHE-RSA-RC4-SHA bits=128/128);
	Wed, 13 May 2015 06:24:06 -0700 (PDT)
Content-Type: multipart/alternative;
	boundary=Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
Mime-Version: 1.0 (1.0)
From: Gavin <gavinandresen@gmail.com>
X-Mailer: iPhone Mail (12F70)
In-Reply-To: <CAE28kUR-0ozFg6D4Es7RCm1pA5xaW-E1R_YSTRRTj3z4XXiWxw@mail.gmail.com>
Date: Wed, 13 May 2015 09:24:04 -0400
Content-Transfer-Encoding: 7bit
Message-Id: <E6CE3531-5AFC-49ED-9041-A924B01966BC@gmail.com>
References: <5550D8BE.6070207@electrum.org>
	<ce3d34c92efd1cf57326e4679550944e@national.shitposting.agency>
	<CABsx9T1VgxEJWxrYTs+2hXGnGrSLGJ6mVcAexjXLvK7Vu+e3EA@mail.gmail.com>
	<5551F376.4050008@electrum.org>
	<CABsx9T1h7p3hDr7ty43uxsYs-oNRpndzg=dowST2tXtogxRm2g@mail.gmail.com>
	<555210AF.3090705@electrum.org>
	<CABsx9T3AxM3et7hgXx3+Rn3BvhQkF-Cn797sHcyztkMpD1UQmA@mail.gmail.com>
	<55531E19.3090503@electrum.org>
	<CAE-z3OXa8vk6Q1EBChoRYDOLKw--CXNXz4AokXCbVam_8LFFDg@mail.gmail.com>
	<CAE28kURWFveC0B-WvFebMpGm1GY-8juxQ+UDpuYtOwVnbOgu-A@mail.gmail.com>
	<CAE-z3OVBUu=6sqNc3RUJqFPuqhPdw1Ej0RZ-tSygoQ6LowhVXg@mail.gmail.com>
	<CAE28kUR-0ozFg6D4Es7RCm1pA5xaW-E1R_YSTRRTj3z4XXiWxw@mail.gmail.com>
To: Alex Mizrahi <alex.mizrahi@gmail.com>
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
	See http://spamassassin.org/tag/ for more details.
	-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
	sender-domain
	0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
	(gavinandresen[at]gmail.com)
	-0.0 SPF_PASS               SPF: sender matches SPF record
	1.0 HTML_MESSAGE           BODY: HTML included in message
	0.0 MIME_QP_LONG_LINE RAW: Quoted-printable line longer than 76 chars
	-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
	author's domain
	0.1 DKIM_SIGNED            Message has a DKIM or DK signature,
	not necessarily valid
	-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YsWdx-0002Z8-7C
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Long-term mining incentives
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
	<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Wed, 13 May 2015 13:24:16 -0000


--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
Content-Type: text/plain;
	charset=us-ascii
Content-Transfer-Encoding: quoted-printable

Checkpoints will be replaced by compiled-in 'at THIS timestamp the main chai=
n had THIS much proof of work.'

That is enough information to prevent attacks and still allow optimizations l=
ike skipping signature checking for ancient transactions.

I don't think anybody is proposing replacing checkpoints with nothing.

--
Gavin Andresen


> On May 13, 2015, at 8:26 AM, Alex Mizrahi <alex.mizrahi@gmail.com> wrote:
>=20
> Let's consider a concrete example:
>=20
> 1. User wants to accept Bitcoin payments, as his customers want this.
> 2. He downloads a recent version of Bitcoin Core, checks hashes and so on.=
 (Maybe even builds from source.)
> 3. Let's it to sync for several hours or days.
> 4. After wallet is synced, he gives his address to customer.
> 5. Customer pays.=20
> 6. User waits 10 confirmations and ships the goods. (Suppose it's somethin=
g very expensive.)
> 7. Some time later, user wants to convert some of his bitcoins to dollars.=
 He sends his bitcoins to an exchange but they never arrive.
>=20
> He tries to investigate, and after some time discovers that his router (or=
 his ISP's router) was hijacked. His Bitcoin node couldn't connect to any of=
 the legitimate nodes, and thus got a complete fake chain from the attacker.=

> Bitcoins he received were totally fake.
>=20
> Bitcoin Core did a shitty job and confirmed some fake transactions.
> User doesn't care that if his network was not impaired, Bitcoin Core would=
 have worked properly.
> The main duty of Bitcoin Core is to check whether transactions are confirm=
ed, and if it can be fooled by a simple router hack, then it does its job po=
orly.
>=20
> If you don't see it being a problem, you should't be allowed to develop an=
ything security-related.
>=20
>> If a node is connected to 99 dishonest nodes and 1 honest node, it can st=
ill sync with the main network.
>=20
> Yes, it is good against Sybil attack, but not good against a network-level=
 attack.
> Attack on user's routers is a very realistic, plausible attack.
> Imagine if SSL could be hacked by hacking a router, would people still use=
 it?
>=20
> Fucking no.
>  =20
>> A 3 month reversal would be devastating, so the checkpoint isn't adding m=
uch extra security.
>=20
> WIthout checkpoints an attacker could prepare a fork for $10.
> With checkpoints, it would cost him at least $1000, but more likely upward=
s of $100000.
> That's quite a difference, no?
>=20
> I do not care what do you think about the reasons why checkpoints were add=
ed, but it is a fact that they make the attack scenario I describe above har=
d to impossible.
>=20
> Without checkpoints, you could perform this attack using a laptop.
> With checkpoints, you need access to significant amounts of mining ASICs.
>=20
> --------------------------------------------------------------------------=
----
> One dashboard for servers and applications across Physical-Virtual-Cloud=20=

> Widest out-of-the-box monitoring support with 50+ applications
> Performance metrics, stats and reports that give you Actionable Insights
> Deep dive visibility with transaction tracing using APM Insight.
> http://ad.doubleclick.net/ddm/clk/290420510;117567292;y
> _______________________________________________
> Bitcoin-development mailing list
> Bitcoin-development@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/bitcoin-development

--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9
Content-Type: text/html;
	charset=utf-8
Content-Transfer-Encoding: quoted-printable

<html><head><meta http-equiv=3D"content-type" content=3D"text/html; charset=3D=
utf-8"></head><body dir=3D"auto"><div>Checkpoints will be replaced by compil=
ed-in 'at THIS timestamp the main chain had THIS much proof of work.'</div><=
div><br></div><div>That is enough information to prevent attacks and still a=
llow optimizations like skipping signature checking for ancient transactions=
.</div><div><br></div><div>I don't think anybody is proposing replacing chec=
kpoints with nothing.<br><br>--<div>Gavin Andresen</div><div><br></div></div=
><div><br>On May 13, 2015, at 8:26 AM, Alex Mizrahi &lt;<a href=3D"mailto:al=
ex.mizrahi@gmail.com">alex.mizrahi@gmail.com</a>&gt; wrote:<br><br></div><bl=
ockquote type=3D"cite"><div><div dir=3D"ltr">Let's consider a concrete examp=
le:<div><br></div><div>1. User wants to accept Bitcoin payments, as his cust=
omers want this.</div><div>2. He downloads a recent version of Bitcoin Core,=
 checks hashes and so on. (Maybe even builds from source.)</div><div>3. Let'=
s it to sync for several hours or days.</div><div>4. After wallet is synced,=
 he gives his address to customer.</div><div>5. Customer pays.&nbsp;</div><d=
iv>6. User waits 10 confirmations and ships the goods. (Suppose it's somethi=
ng very expensive.)</div><div>7. Some time later, user wants to convert some=
 of his bitcoins to dollars. He sends his bitcoins to an exchange but they n=
ever arrive.</div><div><br></div><div>He tries to investigate, and after som=
e time discovers that his router (or his ISP's router) was hijacked. His Bit=
coin node couldn't connect to any of the legitimate nodes, and thus got a co=
mplete fake chain from the attacker.</div><div>Bitcoins he received were tot=
ally fake.</div><div><br></div><div>Bitcoin Core did a shitty job and confir=
med some fake transactions.</div><div>User doesn't care that <i>if </i>his n=
etwork was not impaired, Bitcoin Core <i>would have </i>worked properly.</di=
v><div>The main duty of Bitcoin Core is to check whether transactions are co=
nfirmed, and if it can be fooled by a simple router hack, then it does its j=
ob poorly.</div><div><br></div><div>If you don't see it being a problem, you=
 should't be allowed to develop anything security-related.</div><div><br></d=
iv><div><div class=3D"gmail_extra"><div class=3D"gmail_quote"><blockquote cl=
ass=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #ccc solid;pa=
dding-left:1ex"><div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gm=
ail_quote"><div>If a node is connected to 99 dishonest nodes and 1 honest no=
de, it can still sync with the main network.<br></div></div></div></div></bl=
ockquote><div><br></div><div>Yes, it is good against Sybil attack, but not g=
ood against a network-level attack.</div><div>Attack on user's routers is a v=
ery realistic, plausible attack.</div><div>Imagine if SSL could be hacked by=
 hacking a router, would people still use it?</div><div><br></div><div>Fucki=
ng no.</div><div>&nbsp;&nbsp;</div><blockquote class=3D"gmail_quote" style=3D=
"margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex"><div dir=3D"=
ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><div></div><div>A=
 3 month reversal would be devastating, so the checkpoint isn't adding much e=
xtra security.<br></div></div></div></div></blockquote><div><br></div><div>W=
Ithout checkpoints an attacker could prepare a fork for $10.</div><div>With c=
heckpoints, it would cost him at least $1000, but more likely upwards of $10=
0000.</div><div>That's quite a difference, no?</div><div><br></div><div>I do=
 not care what do you think about the reasons why checkpoints were added, bu=
t it is a fact that they make the attack scenario I describe above hard to i=
mpossible.</div><div><br></div><div>Without checkpoints, you could perform t=
his attack using a laptop.</div><div>With checkpoints, you need access to si=
gnificant amounts of mining ASICs.</div><div><br></div></div></div></div></d=
iv>
</div></blockquote><blockquote type=3D"cite"><div><span>--------------------=
----------------------------------------------------------</span><br><span>O=
ne dashboard for servers and applications across Physical-Virtual-Cloud </sp=
an><br><span>Widest out-of-the-box monitoring support with 50+ applications<=
/span><br><span>Performance metrics, stats and reports that give you Actiona=
ble Insights</span><br><span>Deep dive visibility with transaction tracing u=
sing APM Insight.</span><br><span><a href=3D"http://ad.doubleclick.net/ddm/c=
lk/290420510;117567292;y">http://ad.doubleclick.net/ddm/clk/290420510;117567=
292;y</a></span></div></blockquote><blockquote type=3D"cite"><div><span>____=
___________________________________________</span><br><span>Bitcoin-developm=
ent mailing list</span><br><span><a href=3D"mailto:Bitcoin-development@lists=
.sourceforge.net">Bitcoin-development@lists.sourceforge.net</a></span><br><s=
pan><a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-developm=
ent">https://lists.sourceforge.net/lists/listinfo/bitcoin-development</a></s=
pan><br></div></blockquote></body></html>=

--Apple-Mail-1D350ADE-A483-4CFC-A151-4F92256CF5F9--