Received-SPF: pass (sog-mx-4.v43.ch3.sourceforge.com: domain of gmail.com
	designates 209.85.219.52 as permitted sender)
	client-ip=209.85.219.52; envelope-from=mh.in.england@gmail.com;
	helo=mail-oa0-f52.google.com; 
MIME-Version: 1.0
Sender: mh.in.england@gmail.com
In-Reply-To: <20140204130312.GA23538@savin>
References: <1D8E0828-D07F-46EF-9F9F-5CA83AA9DB59@plan99.net>
	<20140204130312.GA23538@savin>
Date: Tue, 4 Feb 2014 14:13:12 +0100
Message-ID: <CANEZrP2NyvRKwSEZORjAOq6G7UqLv=F3FjxmGNTPMT10yWGxzw@mail.gmail.com>
From: Mike Hearn <mike@plan99.net>
To: Peter Todd <pete@petertodd.org>
Content-Type: multipart/alternative; boundary=047d7b342c96fdb84104f19466e4
Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] bitcoinj 0.11 released, with p2sh,
 bip39 and payment protocol support
Precedence: list

--047d7b342c96fdb84104f19466e4
Content-Type: text/plain; charset=UTF-8

Hah, good point. If nobody completes the homework, I'll post a fixed
version tomorrow :)


On Tue, Feb 4, 2014 at 2:03 PM, Peter Todd <pete@petertodd.org> wrote:

> On Tue, Feb 04, 2014 at 01:01:12PM +0100, Mike Hearn wrote:
> > Hello,
> >
> > I'm pleased to announce the release of bitcoinj 0.11, a library for
> writing Bitcoin applications that run on the JVM. BitcoinJ is widely used
> across the Bitcoin community; some users include Bitcoin Wallet for
> Android, MultiBit, Hive, blockchain.info, the biteasy.com block explorer
> (written in Lisp!), Circle, Neo/Bee (Cypriot payment network), bitpos.me,
> Bitcoin Touch, BlueMatt's relay network and DNS crawler, academic advanced
> contracts research and more.
> >
> > The release-0.11 git tag is signed by Andreas Schildbach's GPG key. The
> commit hash is 410d4547a7dd. This paragraph is signed by the same Bitcoin
> key as with previous releases (check their release announcements to
> establish continuity). Additionally, this email is signed using DKIM and
> for the first time, a key that was ID verified by the Swiss government.
> >
> > Key: 16vSNFP5Acsa6RBbjEA7QYCCRDRGXRFH4m
> > Signature for last paragraph:
> H3DvWBqFHPxKW/cdYUdZ6OHjbq6ZtC5PHK4ebpeiE+FqTHyRLJ58BItbC0R2vo77h+DthpQigdEZ0V8ivSM7VIg=
>
> The above makes for a great homework problem for budding cryptographers:
> Why did the three forms of signature, DKIM, long-lived bitcoin address,
> and Official Swiss Government Identity fail to let you actually verify
> you have the right code? (but make for great security theater)
>
> Bonus question: Who has the smallest work-factor for such an attack?
>
> Two rewards of 25mBTC for correct responses to each question from a
> crypto newbie.
>
> > Thanks to Mike Belshe, the wallet can now send to P2SH addresses.
>
> Thanks
>
> > Generated signatures now use canonical S values. This will aid a future
> hard-forking rule change which bans malleable signatures.
>
> Soft-forking rule change.
>
> --
> 'peter'[:-1]@petertodd.org
> 000000000000000075829f6169c79d7d5aaa20bfa8da6e9edb2393c4f8662ba0
>

--047d7b342c96fdb84104f19466e4
Content-Type: text/html; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

<div dir=3D"ltr">Hah, good point. If nobody completes the homework, I&#39;l=
l post a fixed version tomorrow :)</div><div class=3D"gmail_extra"><br><br>=
<div class=3D"gmail_quote">On Tue, Feb 4, 2014 at 2:03 PM, Peter Todd <span=
 dir=3D"ltr">&lt;<a href=3D"mailto:pete@petertodd.org" target=3D"_blank">pe=
te@petertodd.org</a>&gt;</span> wrote:<br>
<blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p=
x #ccc solid;padding-left:1ex"><div class=3D"im">On Tue, Feb 04, 2014 at 01=
:01:12PM +0100, Mike Hearn wrote:<br>
&gt; Hello,<br>
&gt;<br>
&gt; I&#39;m pleased to announce the release of bitcoinj 0.11, a library fo=
r writing Bitcoin applications that run on the JVM. BitcoinJ is widely used=
 across the Bitcoin community; some users include Bitcoin Wallet for Androi=
d, MultiBit, Hive, <a href=3D"http://blockchain.info" target=3D"_blank">blo=
ckchain.info</a>, the <a href=3D"http://biteasy.com" target=3D"_blank">bite=
asy.com</a> block explorer (written in Lisp!), Circle, Neo/Bee (Cypriot pay=
ment network), <a href=3D"http://bitpos.me" target=3D"_blank">bitpos.me</a>=
, Bitcoin Touch, BlueMatt&#39;s relay network and DNS crawler, academic adv=
anced contracts research and more.<br>

&gt;<br>
&gt; The release-0.11 git tag is signed by Andreas Schildbach&#39;s GPG key=
. The commit hash is 410d4547a7dd. This paragraph is signed by the same Bit=
coin key as with previous releases (check their release announcements to es=
tablish continuity). Additionally, this email is signed using DKIM and for =
the first time, a key that was ID verified by the Swiss government.<br>

&gt;<br>
&gt; Key: 16vSNFP5Acsa6RBbjEA7QYCCRDRGXRFH4m<br>
&gt; Signature for last paragraph: H3DvWBqFHPxKW/cdYUdZ6OHjbq6ZtC5PHK4ebpei=
E+FqTHyRLJ58BItbC0R2vo77h+DthpQigdEZ0V8ivSM7VIg=3D<br>
<br>
</div>The above makes for a great homework problem for budding cryptographe=
rs:<br>
Why did the three forms of signature, DKIM, long-lived bitcoin address,<br>
and Official Swiss Government Identity fail to let you actually verify<br>
you have the right code? (but make for great security theater)<br>
<br>
Bonus question: Who has the smallest work-factor for such an attack?<br>
<br>
Two rewards of 25mBTC for correct responses to each question from a<br>
crypto newbie.<br>
<div class=3D"im"><br>
&gt; Thanks to Mike Belshe, the wallet can now send to P2SH addresses.<br>
<br>
Thanks<br>
<br>
</div><div class=3D"im">&gt; Generated signatures now use canonical S value=
s. This will aid a future hard-forking rule change which bans malleable sig=
natures.<br>
<br>
</div>Soft-forking rule change.<br>
<span class=3D"HOEnZb"><font color=3D"#888888"><br>
--<br>
&#39;peter&#39;[:-1]@<a href=3D"http://petertodd.org" target=3D"_blank">pet=
ertodd.org</a><br>
000000000000000075829f6169c79d7d5aaa20bfa8da6e9edb2393c4f8662ba0<br>
</font></span></blockquote></div><br></div>

--047d7b342c96fdb84104f19466e4--