Received: from sog-mx-3.v43.ch3.sourceforge.com ([172.29.43.193] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1S2YnS-0002Lt-Ka for bitcoin-development@lists.sourceforge.net; Wed, 29 Feb 2012 01:57:38 +0000 X-ACL-Warn: Received: from zim.maski.org ([173.230.137.215]) by sog-mx-3.v43.ch3.sourceforge.com with esmtps (TLSv1:AES256-SHA:256) (Exim 4.76) id 1S2YnR-0007ur-T4 for bitcoin-development@lists.sourceforge.net; Wed, 29 Feb 2012 01:57:38 +0000 Received: from mail-ee0-f47.google.com (mail-ee0-f47.google.com [74.125.83.47]) (using TLSv1 with cipher RC4-SHA (128/128 bits)) (No client certificate requested) (Authenticated sender: zooko) by zim.maski.org (Postfix) with ESMTPSA id 2A61B23111 for ; Wed, 29 Feb 2012 01:41:33 +0000 (UTC) Received: by eekc1 with SMTP id c1so1152370eek.34 for ; Tue, 28 Feb 2012 17:41:32 -0800 (PST) Received-SPF: pass (google.com: domain of zooko@zooko.com designates 10.14.200.129 as permitted sender) client-ip=10.14.200.129; Authentication-Results: mr.google.com; spf=pass (google.com: domain of zooko@zooko.com designates 10.14.200.129 as permitted sender) smtp.mail=zooko@zooko.com Received: from mr.google.com ([10.14.200.129]) by 10.14.200.129 with SMTP id z1mr12583089een.124.1330479692127 (num_hops = 1); Tue, 28 Feb 2012 17:41:32 -0800 (PST) MIME-Version: 1.0 Received: by 10.14.200.129 with SMTP id z1mr9518442een.124.1330479692014; Tue, 28 Feb 2012 17:41:32 -0800 (PST) Received: by 10.14.94.199 with HTTP; Tue, 28 Feb 2012 17:41:31 -0800 (PST) In-Reply-To: References: Date: Tue, 28 Feb 2012 18:41:31 -0700 Message-ID: From: "Zooko Wilcox-O'Hearn" To: Pieter Wuille Content-Type: text/plain; charset=UTF-8 X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain X-Headers-End: 1S2YnR-0007ur-T4 Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] Duplicate transactions vulnerability X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Feb 2012 01:57:38 -0000 Could you spell out the attack explicitly? Presumably there aren't a lot of people with the "malice energy" to perform the attack but not to figure it out for themselves. I, however, have the "niceness energy" to think about it for a few minutes but not to figure it out for myself. If in your opinion it is realistically dangerous to post it publicly, would you be so kind as to include me in the private sharing of the explanation? By the way, I found a couple of cases of slightly bad handling of merkle trees when I inspected the code (v0.4) that was, I'm 99% sure, not exploitable. I never got around to reporting it yet. I'm sorry about that. My discoveries might interact with the one you're talking about here. I should definitely explain mine to y'all soon. (Possibly in private for the first pass, in case it is more exploitable than I thought, or has become exploitable since v0.4.) I showed it to a couple of other people at the time who helped me make sure that it wasn't exploitable. I'll make time to explain what I found within a week. Regards, Zooko