Received: from sog-mx-4.v43.ch3.sourceforge.com ([172.29.43.194] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1R1gPJ-0000Zi-Lu for bitcoin-development@lists.sourceforge.net; Thu, 08 Sep 2011 15:20:49 +0000 Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of bluematt.me designates 173.246.101.161 as permitted sender) client-ip=173.246.101.161; envelope-from=bitcoin-list@bluematt.me; helo=mail.bluematt.me; Received: from vps.bluematt.me ([173.246.101.161] helo=mail.bluematt.me) by sog-mx-4.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1R1gPI-0001Uq-M9 for bitcoin-development@lists.sourceforge.net; Thu, 08 Sep 2011 15:20:49 +0000 Received: from [152.23.101.121] (dhcp05455.highsouth-resnet.unc.edu [152.23.101.121]) by mail.bluematt.me (Postfix) with ESMTPSA id 2CA06EBC for ; Thu, 8 Sep 2011 17:20:08 +0200 (CEST) From: Matt Corallo To: bitcoin-development@lists.sourceforge.net In-Reply-To: References: Content-Type: text/plain; charset="UTF-8" Date: Thu, 08 Sep 2011 11:20:42 -0400 Message-ID: <1315495242.2795.4.camel@BMThinkPad.lan.bluematt.me> Mime-Version: 1.0 X-Mailer: Evolution 2.32.2 Content-Transfer-Encoding: 7bit X-Spam-Score: -1.6 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record -0.5 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 0.4 AWL AWL: From: address is in the auto white-list X-Headers-End: 1R1gPI-0001Uq-M9 Subject: Re: [Bitcoin-development] Alert System X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 08 Sep 2011 15:20:49 -0000 On Thu, 2011-09-08 at 07:42 -0700, David Perry wrote: > There has been some discussion on the new Bitcoin StackExchange site > lately about the alert protocol. A few have suggested that it might > carry the potential for abuse (spam/DoS) and others have argued that > it's merely deprecated. In any case, enough have voiced concerns that > I've forked bitcoin/bitcoin, removed the snippet of code from main.cpp > that makes the questionable call and submitted a pull request. On that > pull request it was noted by Gavin Andresen that it merited discussion > here and some kind of consensus should be reached before acting on > that pull request. It was also mentioned that he thought the feature > was still more useful than dangerous and that he would argue against. > > > So I pose the question to you fine fellows: Is the alert system > valuable, an unnecessary risk or merely a snippet of deprecated code? > Should it be removed? The alert system requires a signature verification when it receives an alert, but so do blocks and transactions so it really isn't a DoS target (remember that the alert system requires alerts to be signed by a key that only gavin and satoshi have). The alert system could prove very, very valuable. In much software it carries the risk for abuse or simply seems wrong that the developers can send a message to everyone's computer to notify them of something, but keep in mind that Bitcoin is financial software. If there is an urgent problem (like the overflow bug) there must be a way to notify people to upgrade immediately, which is exactly what alerts provide. Since alerts no longer carry the ability to put Bitcoin into RPC safe-mode, they are literally just a message and I see no reason why they should be removed.