Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id BEC8C1389 for ; Tue, 1 Sep 2015 18:03:21 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com [209.85.212.180]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 19870170 for ; Tue, 1 Sep 2015 18:03:21 +0000 (UTC) Received: by wicjd9 with SMTP id jd9so41772326wic.1 for ; Tue, 01 Sep 2015 11:03:20 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=date:from:to:cc:subject:message-id:references:mime-version :content-type:content-disposition:in-reply-to; bh=XDtHTonWjl12OcxNfmvV40cP4taLSrhc22kcJ7xEomo=; b=O35oRmcNWHlyA/pfXVl+7mg6VylTMD9lgQGUEUbogCN409vQYaJhZal8ST9IsPyXQr HBcXwZ+EUQ3wyHMvTj9kAYqsVJqt4LnBSi1yhbt8tz8rSI8Hr+N6svLLY3Pl6lIAf9TL Im62ulbDe39cO/oWXs7HLOEVrmWAiZXW6JOiZOn/p05GIY+pcjRk4FlyUvE+zlEstTzS 8aigeftKzV53hu63MNOfGr4W0/9jhRvxtlt0g74sLFbC+0Kqe6sYPWgXUq8IeaDzKeVn nqsAxjA9+W5DcGdztp/UvN8iHcprLFHIttyF8c+cQHcET4kpCKw4GTVdUsTDSvoW8ipj mKWQ== X-Received: by 10.180.104.68 with SMTP id gc4mr5014790wib.67.1441130599858; Tue, 01 Sep 2015 11:03:19 -0700 (PDT) Received: from amethyst.visucore.com (dhcp-089-098-228-253.chello.nl. [89.98.228.253]) by smtp.gmail.com with ESMTPSA id cd16sm3860745wib.19.2015.09.01.11.03.18 (version=TLS1_2 cipher=AES128-SHA256 bits=128/128); Tue, 01 Sep 2015 11:03:19 -0700 (PDT) Date: Tue, 1 Sep 2015 20:03:34 +0200 From: "Wladimir J. van der Laan" To: Monarch Message-ID: <20150901180333.GA3914@amethyst.visucore.com> References: MIME-Version: 1.0 Content-Type: text/plain; charset=utf-8 Content-Disposition: inline In-Reply-To: X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: bitcoin-dev@lists.linuxfoundation.org Subject: Re: [bitcoin-dev] push tx fuzzing X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 01 Sep 2015 18:03:21 -0000 On Tue, Sep 01, 2015 at 04:59:15PM +0000, Monarch via bitcoin-dev wrote: > which uses Bitcoin Core for validation. If they aren't validating > transactions before broadcast they won't make it more than a single > hop through the P2P the network so they are of minimum concern. blockchain.info had some problems here for a while. They were not using a full validating node underneath: - Signatures were not verified properly. This resulted in some panic when it looked like (on their site) a massive number of very old coins were being spent. - They were relaying loose coinbase transactions. This caused them to be instantly banned from nodes they were connected to. So there's certainly some scope for fun with fuzzing those APIs. Wladimir