1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
|
Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191]
helo=mx.sourceforge.net)
by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <pete@petertodd.org>) id 1USjz4-0003E9-Sm
for bitcoin-development@lists.sourceforge.net;
Thu, 18 Apr 2013 08:14:22 +0000
Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of petertodd.org
designates 62.13.149.78 as permitted sender)
client-ip=62.13.149.78; envelope-from=pete@petertodd.org;
helo=outmail149078.authsmtp.net;
Received: from outmail149078.authsmtp.net ([62.13.149.78])
by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76)
id 1USjz3-0006j4-DP for bitcoin-development@lists.sourceforge.net;
Thu, 18 Apr 2013 08:14:22 +0000
Received: from mail-c226.authsmtp.com (mail-c226.authsmtp.com [62.13.128.226])
by punt8.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id
r3I8EEeA064370; Thu, 18 Apr 2013 09:14:14 +0100 (BST)
Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109])
(authenticated bits=128)
by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r3I8E8UR031109
(version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO);
Thu, 18 Apr 2013 09:14:10 +0100 (BST)
Date: Thu, 18 Apr 2013 04:14:07 -0400
From: Peter Todd <pete@petertodd.org>
To: John Dillon <john.dillon892@googlemail.com>
Message-ID: <20130418081407.GC27888@savin>
References: <CANEZrP1yKeQMayFHsEUWtA3=q+v5rPAutjzEFVVHopPGNZ4jGQ@mail.gmail.com>
<453bfc69-b2ab-4992-9807-55270fbda0db@email.android.com>
<CANEZrP0z6W0ZDsytQ7Rcqb5L6rswn1wv8cbR7c383Dmpzu+gyg@mail.gmail.com>
<CAPaL=UVJd3mdd0bs6Oo9vFHnv_6RbFowjmp0tD-ZbOzZxJEJ3g@mail.gmail.com>
MIME-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="TiqCXmo5T1hvSQQg"
Content-Disposition: inline
In-Reply-To: <CAPaL=UVJd3mdd0bs6Oo9vFHnv_6RbFowjmp0tD-ZbOzZxJEJ3g@mail.gmail.com>
User-Agent: Mutt/1.5.21 (2010-09-15)
X-Server-Quench: f33a3f04-a7ff-11e2-98a9-0025907ec6c5
X-AuthReport-Spam: If SPAM / abuse - report it at:
http://www.authsmtp.com/abuse
X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR
aQdMdwoUGUUGAgsB AmUbW11eUVl7WGI7 bAxPbAVDY01GQQRq
WVdMSlVNFUsqAmUJ cxZ7MBlxdgRGcTBx ZkVmXj4NX0crdhB9
RlMFEjtQeGZhPWIC WUgJfh5UcAFPdx9C PwN5B3ZDAzANdhES
HhM4ODE3eDlSNilR RRkIIFQOdA4iGCI9 DzwFJn0hGldNWzV7
NRE+LlcXEUMcNFla
X-Authentic-SMTP: 61633532353630.1020:706
X-AuthFastPath: 0 (Was 255)
X-AuthSMTP-Origin: 76.10.178.109/587
X-AuthVirus-Status: No virus detected - but ensure you scan with your own
anti-virus system.
X-Spam-Score: -1.5 (-)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
-0.0 SPF_PASS SPF: sender matches SPF record
X-Headers-End: 1USjz3-0006j4-DP
Cc: bitcoin-development@lists.sourceforge.net
Subject: Re: [Bitcoin-development] Anti DoS for tx replacement
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Thu, 18 Apr 2013 08:14:23 -0000
--TiqCXmo5T1hvSQQg
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
On Thu, Apr 18, 2013 at 06:07:23AM +0000, John Dillon wrote:
> Gavin do you actually agree with Mike on this stuff like he implies?
> Because if you do, I think people should know. Myself I wouldn't want
> to be contributing to your salary as a foundation member if you don't
> take Bitcoin security seriously.
FWIW Gavin has spent quite a bit of time and effort ensuring that
Bitcoin is resistent to DoS attacks, as well as spearheading a move
towards better testing. The latter in particular is helpful against
chain-forking bugs, so better testing is very much a security issue. He
also spearheaded P2SH, and the current efforts to get a payment protocol
implemented. I'm less convinced about his stance against attackers that
pose a threat to the system as a whole, but it's not fair to accuse him
of not taking security seriously.
> Strict replacement by fee should be written so it can be tested
> properly and people in the Bitcoin ecosystem use proper security
> practices with regard to unconfirmed transactions. I'm willing to
> pledge $500USD to anyone who implements it. That is write the core
> functionality that does replacement by fee, and a simple 'undo' RPC
> command. I would do it myself but my programming is rusty.
You should clarify if you want this patch to compute fees recursively or
not, IE, should the patch include fees paid by child transactions in how
it computes the total fee the transaction pays. Doing this is
non-trivial, although Luke-Jr has written a patch to do this without
replacement: https://github.com/bitcoin/bitcoin/pull/1647
Also, clarify if you want unit-tests and similar things included in the
implementation.
--=20
'peter'[:-1]@petertodd.org
--TiqCXmo5T1hvSQQg
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (GNU/Linux)
iQEcBAEBAgAGBQJRb6tPAAoJEH+rEUJn5PoED2kH/jid46nAJ1l6q1JdElWYmkJ6
HQq+2xgAt5doVOrcCK8g16XKcmPL5MSOc5d8ufpQrxe9rjq9Zp2fC6mmynGqXh0G
Y8rKpUDbAJfOH5HTvwOhevJ+BWXuao2U3PLqGn8pFEbgMAvTgVWd/mmyfiYf0usC
ukLs7lnf23TvjmYLhTdBphg0bjYFbNzPRowtSldYFtU5GgSuAXXhZSn3p5hs6jc+
ScdSAB60YumiwbOQN3zJIhPG6GoiZxzkqi9Q3HEYXZUhnlmxyZjZagv4ZNLQEhwn
hXfM97ESEbcnO7LLEq+SlbenGgqY8lDz7ZaxQKlqyg7bST7Y+qGEu3EsbaXr02U=
=i6FS
-----END PGP SIGNATURE-----
--TiqCXmo5T1hvSQQg--
|
