Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 33EEAB62 for ; Fri, 26 May 2017 06:52:29 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-oi0-f52.google.com (mail-oi0-f52.google.com [209.85.218.52]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 7545C161 for ; Fri, 26 May 2017 06:52:28 +0000 (UTC) Received: by mail-oi0-f52.google.com with SMTP id h4so2502087oib.3 for ; Thu, 25 May 2017 23:52:28 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=antonopoulos.com; s=antonopoulos; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc; bh=1nUSjHIY5trW2dKoLiTfjcfgcY3fs0nuve9jgdVkkn8=; b=ME2YqtU9ZPoDQYqOl0XOHzEowXuqYOQarP0qa0LEWTdCBn+SA+eUEf3E1GF7TG56sr yAOuOHVrBOL4ASV5nRhsTu8SHpAVPEi+mCi2kCnq3VQAnX6BPuwlp0vy2P6IxtTUEstg SNVG2agwLfCSOXL+RpCH+5kfOgP0yMQXzBHt0= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc; bh=1nUSjHIY5trW2dKoLiTfjcfgcY3fs0nuve9jgdVkkn8=; b=Nrj+AZgntNH4VtF1wJDnG5Fx+8zItyOZDVrLqquV4P62+eSjglyJ+eVYq4IAl+tHWc idulTBES3YIy/OEWVjO/WbVBBieYahtSyZWvWlzqWNDpHLPQN8QAAe5kYxBjSPbjP8dI MwPOAUJG9en5DQVunHlmKiDJ9LyqWI3csVcCmaocJFpKHDiJunPJKKdRFr86VPKwQqo8 3X8X56gMdrKRNVde97MWJ1Ju1IBDdtVsoUOtWPi5PlrNALGnZH8sZW5Q/8yZgBuGfFp+ 5n0Mo11zL+lIKbtRFP7HMOWHmRcLAypnzTXTC6KAfAMbF0Jc+oalQxWOwMLjwU9obZVt KYjw== X-Gm-Message-State: AODbwcCD0YKbDmqZYGtvMForB7Dp/EzRqsdiY4KO4fPpWZByiAB+ATHw cGQ7/zhIMq0LlNI3ao/cAOrIIIieh1AX X-Received: by 10.202.79.7 with SMTP id d7mr177888oib.55.1495781547533; Thu, 25 May 2017 23:52:27 -0700 (PDT) MIME-Version: 1.0 Received: by 10.182.111.103 with HTTP; Thu, 25 May 2017 23:52:26 -0700 (PDT) Received: by 10.182.111.103 with HTTP; Thu, 25 May 2017 23:52:26 -0700 (PDT) In-Reply-To: References: From: "Andreas M. Antonopoulos" Date: Fri, 26 May 2017 16:52:26 +1000 Message-ID: To: Cameron Garnham Content-Type: multipart/alternative; boundary="001a113d720ecd87b5055067c733" X-Spam-Status: No, score=-1.3 required=5.0 tests=BAYES_00,DKIM_SIGNED, HTML_MESSAGE, RCVD_IN_SORBS_SPAM, T_DKIM_INVALID autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org X-Mailman-Approved-At: Fri, 26 May 2017 13:59:31 +0000 Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Emergency Deployment of SegWit as a partial mitigation of CVE-2017-9230 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2017 06:52:29 -0000 --001a113d720ecd87b5055067c733 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I rarely post here, out of respect to the mailing list. But since my name was mentioned... I much prefer Gregory Maxwell's proposal to defuse covert ASICBOOST (only) with a segwit-like commitment to the coinbase which does not obligate miners to signal Segwit or implement Segwit, thus disarming any suspicion that the issue is being exploited only to activate Segwit. This proposal is unnecessarily conflating two contentious issues and will attract criticism of self serving motivation. Politicising CVE is damaging to the long term bitcoin development and to its security. Not claiming that is the intent here, but the damage is done by the mere appearance of motive. On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev" < bitcoin-dev@lists.linuxfoundation.org> wrote: > Hello Bitcoin-Dev, > > CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 i= s a severe (3) > (4) and actively exploited (5) security vulnerability. > > To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s= detailed > report: > http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf > > Andreas Antonopoulos has an excellent presentation on why asicboost is > dangerous: > https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k > > In decisions on the #bitcoin-core-dev IRC channel; It was proposed, > without negative feedback, that SegWit be used as a partial-mitigation of > CVE-2017-9230. > > SegWit partially mitigates asicboost with the common reasonable assumptio= n > that any block that doesn=E2=80=99t include a witness commit in it's coin= base > transaction was mined using covert asicboost. Making the use of covert > asicboost far more conspicuous. > > It was also proposed that this partial mitigation should be quickly > strengthened via another soft-fork that makes the inclusion of witness > commits mandatory, without negative feedback. > > The security trade-offs of deploying a partial-mitigation to CVE-2017-923= 0 > quickly vs more slowly but more conservatively is under intense debate. > The author of this post has a strong preference to the swiftest viable > option. > > Cameron. > > > (1) CVE Entry: > https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230 > > (2) Announcement of CVE to Mailing List: > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/ > 2017-May/014416.html > > (3) Discussion of the perverse incentives created by 'ASICBOOST' by Ryan > Grant: > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/ > 2017-May/014352.html > > (4) Discussion of ASICBOOST's non-independent PoW calculation by Tier > Nolan: > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/ > 2017-May/014351.html > > (5) Evidence of Active Exploit by Gregory Maxwell: > https://lists.linuxfoundation.org/pipermail/bitcoin-dev/ > 2017-April/013996.html > > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev > --001a113d720ecd87b5055067c733 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I rarely post here, out of respect to the mailing list. B= ut since my name was mentioned...=C2=A0

I much prefer Gregory Maxwell's proposal to defuse covert ASI= CBOOST (only) with a segwit-like commitment to the coinbase which does not = obligate miners to signal Segwit or implement Segwit, thus disarming any su= spicion that the issue is being exploited only to activate Segwit.

This proposal is unnecessarily c= onflating two contentious issues and will attract criticism of self serving= motivation.

Politicisin= g CVE =C2=A0is damaging to the long term bitcoin development and to its sec= urity. Not claiming that is the intent here, but the damage is done by the = mere appearance of motive.=C2=A0



On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev"= <bitcoin-dev@l= ists.linuxfoundation.org> wrote:
Hello Bitcoin-Dev,

CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 is = a severe (3) (4) and actively exploited (5) security vulnerability.

To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s d= etailed report:
http://www.mit.edu/~jlrubin//public/pdfs/= Asicboost.pdf

Andreas Antonopoulos has an excellent presentation on why asicboost is dang= erous:
https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k<= br>
In decisions on the #bitcoin-core-dev IRC channel; It was proposed, without= negative feedback, that SegWit be used as a partial-mitigation of CVE-2017= -9230.

SegWit partially mitigates asicboost with the common reasonable assumption = that any block that doesn=E2=80=99t include a witness commit in it's co= inbase transaction was mined using covert asicboost.=C2=A0 Making the use o= f covert asicboost far more conspicuous.

It was also proposed that this partial mitigation should be quickly strengt= hened via another soft-fork that makes the inclusion of witness commits man= datory, without negative feedback.

The security trade-offs of deploying a partial-mitigation to CVE-2017-9230 = quickly vs more slowly but more conservatively is under intense debate.=C2= =A0 The author of this post has a strong preference to the swiftest viable = option.

Cameron.


(1) CVE Entry:
https://cve.mitre.org/cgi-bin/cv= ename.cgi?name=3D+CVE-2017-9230

(2) Announcement of CVE to Mailing List:
https://lists.linuxfound= ation.org/pipermail/bitcoin-dev/2017-May/014416.html

(3) Discussion of the perverse incentives created by 'ASICBOOST' by= Ryan Grant:
=C2=A0https://lists.linu= xfoundation.org/pipermail/bitcoin-dev/2017-May/014352.html
(4) Discussion of ASICBOOST's non-independent PoW calculation by Tier N= olan:
=C2=A0https://lists.linu= xfoundation.org/pipermail/bitcoin-dev/2017-May/014351.html
(5) Evidence of Active Exploit by Gregory Maxwell:
https://lists.linuxfou= ndation.org/pipermail/bitcoin-dev/2017-April/013996.html

_______________________________________________
bitcoin-dev mailing list
bitcoin-dev@lists.= linuxfoundation.org
https://lists.linuxfoundation.org= /mailman/listinfo/bitcoin-dev
--001a113d720ecd87b5055067c733--