1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <mh.in.england@gmail.com>) id 1YHusx-0002LQ-0p
for bitcoin-development@lists.sourceforge.net;
Sun, 01 Feb 2015 13:48:23 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.212.176 as permitted sender)
client-ip=209.85.212.176; envelope-from=mh.in.england@gmail.com;
helo=mail-wi0-f176.google.com;
Received: from mail-wi0-f176.google.com ([209.85.212.176])
by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1YHusv-0007w8-95
for bitcoin-development@lists.sourceforge.net;
Sun, 01 Feb 2015 13:48:22 +0000
Received: by mail-wi0-f176.google.com with SMTP id bs8so11647341wib.3
for <bitcoin-development@lists.sourceforge.net>;
Sun, 01 Feb 2015 05:48:15 -0800 (PST)
MIME-Version: 1.0
X-Received: by 10.194.7.103 with SMTP id i7mr32511483wja.53.1422798495238;
Sun, 01 Feb 2015 05:48:15 -0800 (PST)
Sender: mh.in.england@gmail.com
Received: by 10.194.188.11 with HTTP; Sun, 1 Feb 2015 05:48:15 -0800 (PST)
In-Reply-To: <88211D58-DE9D-4B4A-B3A5-2EEFDFC5E02B@gmail.com>
References: <27395C55-CF59-4E65-83CA-73F903272C5F@gmail.com>
<CAAt2M18kRgJeNGu9GeKabRpTKPX9rVeoYiKoanz99bmV2jaf4w@mail.gmail.com>
<1348028F-26F8-42CB-9859-C9CB751BF0C9@gmail.com>
<CAAt2M1_3BdKQTVxsN7Hc-W=q0_NWyhBg1UAuSwxRQ8BePDa-8g@mail.gmail.com>
<CAAt2M1-b7ByF0yVSmwD_nj3uUSo5GFOmH860n1k6oKX_sqvEkw@mail.gmail.com>
<88211D58-DE9D-4B4A-B3A5-2EEFDFC5E02B@gmail.com>
Date: Sun, 1 Feb 2015 14:48:15 +0100
X-Google-Sender-Auth: DR4XzFYhbUJM6460XAHGznLaXTY
Message-ID: <CANEZrP0w4CchDmDm3qvWTmf_J8rpe+5BfmAUU4EXFvWosgEeNg@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Brian Erdelyi <brian.erdelyi@gmail.com>
Content-Type: multipart/alternative; boundary=047d7b5d43f4e55392050e07167e
X-Spam-Score: -0.5 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(mh.in.england[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YHusv-0007w8-95
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] Proposal to address Bitcoin malware
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Sun, 01 Feb 2015 13:48:23 -0000
--047d7b5d43f4e55392050e07167e
Content-Type: text/plain; charset=UTF-8
>
> I see how BIP 70 verifies the payment request, however, is there any way
> to verify that the transaction signed by the wallet matches the request
> before it is sent to the blockchain (and how can this support out of band
> verification)?
>
No. It cannot be done in the Bitcoin context. Your wallet MUST be secure.
Otherwise BIP70 is irrelevant - if the attacker can make your wallet sign
some other transaction than what you expect, they can also just steal your
private keys and use them directly. BIP70 is based on the assumption of a
secure signing core that cannot be compromised, with devices like the
TREZOR and 2-factor pairings of desktops and mobiles being an obvious use
case.
--047d7b5d43f4e55392050e07167e
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><div class=3D"gmail_extra"><div class=3D"gmail_quote"><blo=
ckquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1px #c=
cc solid;padding-left:1ex"><div style=3D"word-wrap:break-word"><div>I see h=
ow BIP 70 verifies the payment request, however, is there any way to verify=
that the transaction signed by the wallet matches the request before it is=
sent to the blockchain (and how can this support out of band verification)=
?</div></div></blockquote><div><br></div><div>No. It cannot be done in the =
Bitcoin context. Your wallet MUST be secure. Otherwise BIP70 is irrelevant =
- if the attacker can make your wallet sign some other transaction than wha=
t you expect, they can also just steal your private keys and use them direc=
tly. BIP70 is based on the assumption of a secure signing core that cannot =
=C2=A0be compromised, with devices like the TREZOR and 2-factor pairings of=
desktops and mobiles being an obvious use case.</div></div></div></div>
--047d7b5d43f4e55392050e07167e--
|