Date: Thu, 28 Mar 2024 19:16:22 +0000
From: Peter Todd <pete@petertodd.org>
To: Antoine Riard <antoine.riard@gmail.com>
Cc: Steve Lee <steven.j.lee@gmail.com>, "David A. Harding" <dave@dtrt.org>,
	bitcoindev@googlegroups.com
Subject: Re: [bitcoindev] A Free-Relay Attack Exploiting RBF Rule #6
Message-ID: <ZgXCBhL2E6UECXVJ@petertodd.org>
References: <f7fbeb4f58904fc5a24b6fc2d829036c@dtrt.org>
 <ZgRfvrYatcpqPNRn@petertodd.org>
 <bbc33ff01e464f8c84a593ac05c5722c@dtrt.org>
 <ZgSB6kmLiDG08Yrd@petertodd.org>
 <CABu3BAeYsMG7TuM_htTYREgDdGOKV=gwFJ+T59L=qHqbewz4vw@mail.gmail.com>
 <CALZpt+EK26=E6U9OdY+c9LVQnGtb-f5zzKt5RTwBoHpr_SSxcA@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha512;
	protocol="application/pgp-signature"; boundary="mz1UYETDl4+YGTjN"
Content-Disposition: inline
In-Reply-To: <CALZpt+EK26=E6U9OdY+c9LVQnGtb-f5zzKt5RTwBoHpr_SSxcA@mail.gmail.com>


--mz1UYETDl4+YGTjN
Content-Type: text/plain; charset="UTF-8"
Content-Disposition: inline

On Thu, Mar 28, 2024 at 06:34:42PM +0000, Antoine Riard wrote:
> Hi Steve,
> 
> > He literally cites a reference to an example.
> 
> About CVE-2017-12842, the report of Sergio Demian Lerner available here
> gives more information on the reporting process of the vulnerability:
> https://bitslog.com/2018/06/09/leaf-node-weakness-in-bitcoin-merkle-tree-design/
> 
> I'll attract attention on the following words of Sergio himself:
> 
> "and as I said in the first paragraph, the weakness was already known by
> some developers. But I still don't understand (1) why so many people knew
> about it but underestimated it badly, (2) why there was no attempt to fix
> it."

I do not consider CVE-2017-12842 to be serious. Indeed, I'm skeptical that we
should even fix it with a fork. SPV validation is very sketchy, and the amount
of work and money required to trigger CVE-2017-12842 is probably as or more
expensive than simply creating fake blocks.

Sergio's RSK Bridge contract being vulnerable to it just indicates it was a
reckless design.

> I believe in the present "free-relay" bandwidth wasting, letting a minimal
> 2-weeks delay would have been more reasonable. Security list members might
> be in flight travels or at conferences, or under other operational
> constraints and domain experts in the area of transaction-relay might not
> be available to give full-fledged answers. Even if you have private
> contacts of someone, don't rush them to get an answer when it can be
> midnight in their time zones and they're recovering from jet lags.

To be clear, in this particular case I had specific, insider, knowledge that
the relevant people had in fact seen my report and had already decided to
dismiss it. This isn't a typical case where you're emailing some random company
and don't have any contacts. I personally knew prior to publication that the
relevant people had been given a fair chance to comment, had chosen not to, and
I would likely receive no response at all. Which is really annoying as I have
my own deadlines for (paid) things this research was relevant to: much more
useful to me to get the issue published publicly, so I can get actual comments
from people like yourself, and move forward with my work.

I'm not going to say anything further on how I knew this, because I'm not about
to put up people who have been co-operating with me to the risk of harassment
from people like Harding and others; I'm not very popular right now with many
of the Bitcoin Core people working on the mempool code.

Anyway, I think the lesson learned here is it's probably not worth bothering
with a disclosure process at all for this type of issue. It just created a
bunch of distracting political drama when simply publishing this exploit
variation immediately probably would not have.

-- 
https://petertodd.org 'peter'[:-1]@petertodd.org


--mz1UYETDl4+YGTjN--