Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 5C86DC94 for ; Sat, 10 Sep 2016 00:42:32 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-ua0-f182.google.com (mail-ua0-f182.google.com [209.85.217.182]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id D85821E2 for ; Sat, 10 Sep 2016 00:42:31 +0000 (UTC) Received: by mail-ua0-f182.google.com with SMTP id 31so81574908uao.0 for ; Fri, 09 Sep 2016 17:42:31 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=mime-version:sender:from:date:message-id:subject:to; bh=8rjH7XX0duQ3HCjTn00PQtmBPAd5ZPIiNfbcVJzdqhs=; b=Lg9ugZNWTsLAVVTrHjwXZ8K/Y4k0z1ajud5QBUGEe/me1kG2m9i2fbra+UBmynndwg r7jAdKZMETSt6yOvk3IZXUhP5gVdTX12ERaw+I9Jcc7tDOddCCnSKfrKbY6VHdOd8Y0a 0+VWiTpRkhgQKYhAsjFjSSU0+7LzKX024jlloW+tDmp0SK/FZUojdkN4sp8yso3wOoEZ USEd9HVHvKlr9RH2LVmqpFpNmTnRJX5Sc2dnozv2Gvhb/j1iWrwX8fLX+tGWI5E6/pQ+ u1Q62zOXfPyuqykBSyQsfK6d9xRDuXVx3O87ypCz9kWfV2M2LhSLBsnjrfAgTO3+rIA3 G/fg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:from:date:message-id:subject :to; bh=8rjH7XX0duQ3HCjTn00PQtmBPAd5ZPIiNfbcVJzdqhs=; b=IJ1fSwU4gP3kAEOEydhb1No3Las1Zr6soCv1Gf1p39z0TxzX4qixdomOn5P+dFxXMR WTULixoV7ptfpEOtd3sssD0rsUUX8Zmji/+05I6ZQTN8u1tKrllJHQuqczO1IBNMa66q hiRzOnQMUwcxQS7QtBdfUpLvKOoWNBQddvk5kEjP4bxqcB5Rwgn0Eh+MDJGdC+EY2GRK Usn17yVRJfRGod31CFBdPOjaoR2LIpEcnMkw6UaDKzcSF5OQoWRZDHt6MtvhTbohjdOg oa1OJCgeiCTdgXMl2qOfdS9/5oEdE/TE4uHPa9xCHdGVoYxLC/8CydLdJwInsZtK55Im t9+Q== X-Gm-Message-State: AE9vXwOksT6mIuMPL7ly1rADjJVTy1so37jwwHwEBWK6DSqATMQVJnOBFeN6XiE3fdSL8Zm0YlMQSs59UT/Zhw== X-Received: by 10.176.64.66 with SMTP id h60mr4619749uad.102.1473468150695; Fri, 09 Sep 2016 17:42:30 -0700 (PDT) MIME-Version: 1.0 Sender: gmaxwell@gmail.com Received: by 10.103.118.69 with HTTP; Fri, 9 Sep 2016 17:42:30 -0700 (PDT) From: Gregory Maxwell Date: Sat, 10 Sep 2016 00:42:30 +0000 X-Google-Sender-Auth: 8j-NtLxYBdu0PlZeDOFyUUOs28s Message-ID: To: Bitcoin Dev Content-Type: text/plain; charset=UTF-8 X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID, FREEMAIL_FROM, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [bitcoin-dev] Completing the retirement of the alert system X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 10 Sep 2016 00:42:32 -0000 The alert system was a centralized facility to allow trusted parties to send messages to be displayed in wallet software (and, very early on, actually remotely trigger the software to stop transacting). It has been removed completely in Bitcoin Core after being disabled for a while. While the system had some potential uses, there were a number of problems with it. The alert system was a frequent source of misunderstanding about the security model and 'effective governance', for example a years ago a BitcoinJ developer wanted it to be used to control fee levels on the network and few months back one of Bloq's staff was pushing for a scheme where "the developers" would use it to remotely change the difficulty-- apparently with no idea how abhorrent others would find it. The system also had a problem of not being scalable to different software vendors-- it didn't really make sense that core would have that facility but armory had to do something different (nor would it really make sense to constantly have to maintain some list of keys in the node software). It also had the problem of being unaccountable. No one can tell which of the key holders created a message. This creates a risk of misuse with a false origin to attack someone's reputation. Finally, there is good reason to believe that the key has been compromised-- It was provided to MTGox by a developer and MTGox's systems' were compromised and later their CEO's equipment taken by the Japanese police. In any case, it's gone now in Core and most other current software-- and I think it's time to fully deactivate it. I've spent some time going around the internet looking for all software that contains this key (which included a few altcoins) and asked them to remove it. I will continue to do that. One of the facilities in the alert system is that you can send a maximum sequence alert which cannot be overridden and displays only a static key compromise text message and blocks all other alerts. I plan to send a triggering alert in the not-distant future (exact time to be announced well in advance) feedback on timing would be welcome. There are likely a few production systems that automatically shut down when there is an alert, so this risks some small one-time disruption of those services-- but none worse than if an alert were sent to advise about a new system upgrade. At some point after that, I would then plan to disclose this private key in public, eliminating any further potential of reputation attacks and diminishing the risk of misunderstanding the key as some special trusted source of authority. Cheers,