Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1UO5Vx-0005PR-89 for bitcoin-development@lists.sourceforge.net; Fri, 05 Apr 2013 12:13:05 +0000 Received-SPF: pass (sog-mx-1.v43.ch3.sourceforge.com: domain of petertodd.org designates 62.13.148.100 as permitted sender) client-ip=62.13.148.100; envelope-from=pete@petertodd.org; helo=outmail148100.authsmtp.co.uk; Received: from outmail148100.authsmtp.co.uk ([62.13.148.100]) by sog-mx-1.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1UO5Vv-0002Ok-Eo for bitcoin-development@lists.sourceforge.net; Fri, 05 Apr 2013 12:13:05 +0000 Received: from mail-c233.authsmtp.com (mail-c233.authsmtp.com [62.13.128.233]) by punt5.authsmtp.com (8.14.2/8.14.2/Kp) with ESMTP id r35CCtCM058293; Fri, 5 Apr 2013 13:12:55 +0100 (BST) Received: from savin (76-10-178-109.dsl.teksavvy.com [76.10.178.109]) (authenticated bits=128) by mail.authsmtp.com (8.14.2/8.14.2/) with ESMTP id r35CCpe3065538 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES128-SHA bits=128 verify=NO); Fri, 5 Apr 2013 13:12:54 +0100 (BST) Date: Fri, 5 Apr 2013 08:12:51 -0400 From: Peter Todd To: Melvin Carvalho Message-ID: <20130405121251.GA18254@savin> References: MIME-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="AhhlLboLdkugWU4S" Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) X-Server-Quench: 25447145-9dea-11e2-a49c-0025907707a1 X-AuthReport-Spam: If SPAM / abuse - report it at: http://www.authsmtp.com/abuse X-AuthRoute: OCd2Yg0TA1ZNQRgX IjsJECJaVQIpKltL GxAVKBZePFsRUQkR aQdMdgcUGUUGAgsB AmUbWldeUV97XGc7 bAxPbAVDY01GQQRq WVdMSlVNFUsqAhly dV5LURl0cgBFcDB5 ZkdgEHJeWEB9dEJ4 X0cAQDwbZGY1an1O VEkLagNUcgZDfhhC alcuVT1vNG8XDQg5 AwQ0PjZ0MThBJSBS WgQAK04nCW9DGz86 RhYNVS0oGklNTjl7 c0JrQmv9 X-Authentic-SMTP: 61633532353630.1021:706 X-AuthFastPath: 0 (Was 255) X-AuthSMTP-Origin: 76.10.178.109/587 X-AuthVirus-Status: No virus detected - but ensure you scan with your own anti-virus system. X-Spam-Score: -1.5 (-) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain -0.0 SPF_PASS SPF: sender matches SPF record X-Headers-End: 1UO5Vv-0002Ok-Eo Cc: Bitcoin Dev Subject: Re: [Bitcoin-development] A mining pool at 46% X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 05 Apr 2013 12:13:05 -0000 --AhhlLboLdkugWU4S Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Apr 05, 2013 at 12:13:23PM +0200, Melvin Carvalho wrote: > Totally see the logic of this, and it makes sense. But I dont think the > only risk is in terms of double spend, but rather >=20 > 1) vandalize the block chain which may be difficult to unwind? Vandalize the chain how? By delibrately triggering bugs? (like the old OP_CHECKSIG abuse problem) Regardless of whether or not the vulnerability requires multiple blocks in a row, the underlying problem should be fixed. By putting illegal data into it? Fundementally we have no way to prevent people from doing that other than by making it expensive. An attacker having a lot of hashing power just means they can do so faster and a bit cheaper. --=20 'peter'[:-1]@petertodd.org --AhhlLboLdkugWU4S Content-Type: application/pgp-signature; name="signature.asc" Content-Description: Digital signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (GNU/Linux) iQEcBAEBAgAGBQJRXr/CAAoJEH+rEUJn5PoE1MsH/i6wLt5C1OSCWsfDK4ppVk6u M5MIbdbwIgPB5mKrirt36i69isQ/7UlulLffU3mvG/ZoKgHZwFqu5X8Q+dKup0v/ XkoLjAazBulNo9no56KmgR20O9SpnIfJitv2W7/w7HJsrlDvQiclM+yt4NnZN7Ef tybddiCgSd7T9sYwJBJISOH6iBB3zP/UY0jWYvnT/EiY1cGjda2kfZsmu5SEJZsG I06GnXMrAgykpH44NUP6r3vcOzL2sqmsSn7Re3FufEeZXZZg7mYXECQtyXoOwTwq 7LZpMv+ufe/SZ1TPOlsjQy2vSRaDIJlDW9h5xVRP4VGe8KGd6BWOwb4n6vXJ3WM= =1hMd -----END PGP SIGNATURE----- --AhhlLboLdkugWU4S--