Date: Thu, 10 Oct 2013 17:06:03 +0200
From: Adam Back <adam@cypherspace.org>
To: Jeremy Spilman <jeremy@taplink.co>
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] malleability work-around vs fix (Re: 0.8.5 with libsecp256k1)
btw if I got that right, it means you don't even have to fix the ASN.1 level
ambiguity (though it's a good idea to remove OpenSSL ASN.1 parsing code) to
have conditional payments using not yet broadcast txid outputs as inputs to
work with high assurance. (And even in the event that a new crypto level
malleability is discovered in ECDSA it remains secure.)
Adam
Adam Back wrote:
>So I was thinking a more generic / robust way to fix this would be to change
>the txid from H(sig,inputs,outputs,script) to H(pubkey,inputs,outputs,script)
>or something like that in effect so that the malleability of the signature
>mechanism doesn't affect the security of conditional payments.
Adam
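
The proposal in the message above, as an added example that is not part of the original e-mail: two signatures that both verify for the same transaction body give different ids under H(sig,inputs,outputs,script) but the same id under H(pubkey,inputs,outputs,script), so a dependent transaction that names the id in advance keeps pointing at the right output. The "|"-joined serialization, the field stand-ins, the key and the fixed nonce are constructed for the demonstration, and the (r, n-s) form stands in for any signature-level re-encoding.

```python
import hashlib

P = 2**256 - 2**32 - 977  # secp256k1 field prime; N is the group order, G the generator
N = 0xFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141
G = (0x79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798,
     0x483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8)

def add(a, b):  # affine point addition; None is the point at infinity
    if a is None or b is None:
        return a or b
    if a[0] == b[0] and (a[1] + b[1]) % P == 0:
        return None
    m = (3 * a[0] * a[0] * pow(2 * a[1], -1, P) if a == b
         else (b[1] - a[1]) * pow(b[0] - a[0], -1, P)) % P
    x = (m * m - a[0] - b[0]) % P
    return x, (m * (a[0] - x) - a[1]) % P

def mul(k, pt):  # double-and-add; not constant time, demonstration only
    acc = None
    while k:
        if k & 1: acc = add(acc, pt)
        pt, k = add(pt, pt), k >> 1
    return acc

def H(*parts):  # double SHA-256 over a toy "|"-joined serialization (assumption)
    return hashlib.sha256(hashlib.sha256(b"|".join(parts)).digest()).hexdigest()

def enc(pair):  # fixed-width hex encoding of two integers
    return b"%064x%064x" % pair

def verify(Q, z, sig):  # textbook ECDSA verification
    w = pow(sig[1], -1, N)
    pt = add(mul(z * w % N, G), mul(sig[0] * w % N, Q))
    return pt is not None and pt[0] % N == sig[0]

def txid_current(tx):   # H(sig,inputs,outputs,script)
    return H(enc(tx["sig"]), *tx["body"])
def txid_proposed(tx):  # H(pubkey,inputs,outputs,script)
    return H(enc(tx["pub"]), *tx["body"])

def demo():
    d, k = 0x1D3A5, 0xC0FFEE  # constructed key and fixed nonce: demo values only
    body = (b"inputs", b"outputs", b"script")  # constructed stand-in fields
    Q, z, r = mul(d, G), int(H(*body), 16), mul(k, G)[0] % N
    tx = {"pub": Q, "body": body, "sig": (r, pow(k, -1, N) * (z + r * d) % N)}
    alt = dict(tx, sig=(r, N - tx["sig"][1]))  # same authorization, other s
    return (verify(Q, z, tx["sig"]), verify(Q, z, alt["sig"]),
            txid_current(tx) == txid_current(alt),
            txid_proposed(tx) == txid_proposed(alt))
```

`demo()` returns, in order: whether the original signature verifies, whether the re-encoded one verifies, whether the current-style ids match, and whether the proposed-style ids match.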