1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pieter.wuille@gmail.com>) id 1UOrc0-0000P7-5H
for bitcoin-development@lists.sourceforge.net;
Sun, 07 Apr 2013 15:34:32 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.210.171 as permitted sender)
client-ip=209.85.210.171; envelope-from=pieter.wuille@gmail.com;
helo=mail-ia0-f171.google.com;
Received: from mail-ia0-f171.google.com ([209.85.210.171])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1UOrbv-0000SB-ND
for bitcoin-development@lists.sourceforge.net;
Sun, 07 Apr 2013 15:34:32 +0000
Received: by mail-ia0-f171.google.com with SMTP id x2so15506iad.30
for <bitcoin-development@lists.sourceforge.net>;
Sun, 07 Apr 2013 08:34:22 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.50.154.71 with SMTP id vm7mr4462006igb.9.1365348862403; Sun,
07 Apr 2013 08:34:22 -0700 (PDT)
Received: by 10.50.92.4 with HTTP; Sun, 7 Apr 2013 08:34:22 -0700 (PDT)
Date: Sun, 7 Apr 2013 17:34:22 +0200
Message-ID: <CAPg+sBhYuK79Gost2p1ksytNUTjAHz1REC1DRQaP2UD=cjRA0g@mail.gmail.com>
From: Pieter Wuille <pieter.wuille@gmail.com>
To: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Content-Type: multipart/alternative; boundary=047d7bd76af6f02d5e04d9c70da0
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(pieter.wuille[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1UOrbv-0000SB-ND
Subject: [Bitcoin-development] Who is creating non-DER signatures?
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 07 Apr 2013 15:34:32 -0000
--047d7bd76af6f02d5e04d9c70da0
Content-Type: text/plain; charset=ISO-8859-1
(cross-post from bitcointalk.org)
Hello all,
as some may know, Bitcoin uses DER-encoded signatures in its transactions.
However, OpenSSL (which is used to verify them) accepts more than just the
strict DER specification (it allows negative numbers, extra zero padding,
extra bytes at the end, and perhaps more). As we don't like the de-facto
specification of the Bitcoin block validity rules to depend on OpenSSL,
we're trying to introduce a rule to make such non-standard signatures
invalid. Obviously, that can't be done as long as any significant amount of
clients on the network is creating these.
I've monitored all transactions the past weeks (1.4M transactions), and it
seems 9641 of them contain at least one non-standard signature. See
https://bitcointalk.org/index.php?topic=169620.0 for a list of the top
addresses that had coins used as inputs in such transactions. If you
recognize any of these addresses, or have an idea of who owns them or what
software they are using, please let me know.
Thanks!
--
Pieter
--047d7bd76af6f02d5e04d9c70da0
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div style>(cross-post from <a href=3D"http://bitcointalk.=
org">bitcointalk.org</a>)</div><div style><br></div>Hello all,<div><br></di=
v><div><div>as some may know, Bitcoin uses DER-encoded signatures in its tr=
ansactions. However, OpenSSL (which is used to verify them) accepts more th=
an just the strict DER specification (it allows negative numbers, extra zer=
o padding, extra bytes at the end, and perhaps more). As we don't like =
the de-facto specification of the Bitcoin block validity rules to depend on=
OpenSSL, we're trying to introduce a rule to make such non-standard si=
gnatures invalid. Obviously, that can't be done as long as any signific=
ant amount of clients on the network is creating these.<br>
</div><div><br></div><div>I've monitored all transactions the past week=
s (1.4M transactions), and it seems 9641 of them contain at least one non-s=
tandard signature. See=A0<a href=3D"https://bitcointalk.org/index.php?topic=
=3D169620.0">https://bitcointalk.org/index.php?topic=3D169620.0</a>=A0for a=
list of the top addresses that had coins used as inputs in such transactio=
ns. If you recognize any of these addresses, or have an idea of who owns th=
em or what software they are using, please let me know.</div>
<div><br></div><div>Thanks!</div></div><div><br></div><div>--=A0</div><div =
style>Pieter</div><div style><br></div></div>
--047d7bd76af6f02d5e04d9c70da0--
|
