Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 1A9E5B6B for ; Fri, 26 May 2017 08:02:33 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-lf0-f52.google.com (mail-lf0-f52.google.com [209.85.215.52]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 311B113D for ; Fri, 26 May 2017 08:02:32 +0000 (UTC) Received: by mail-lf0-f52.google.com with SMTP id h4so2098588lfj.3 for ; Fri, 26 May 2017 01:02:32 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=zvlOGkcHJ7MfsNDUOUYI39qXNW8MC7F8EOwmcded0cY=; b=keZMxFCuHBljYoyqDzalrU1mrr6qut36nz+OfAqErGHGQxF8XKzweC8AdDHIcDxFT4 dnmSvqcPomkZSQqHELgY/6RHa7LYhZN0A/5bif/VnYn+BgJEfeZaVbPALVphVxg6xtZl evGguRM2MxFPvv2NmFj+9kRqZEpBp0B9PYIy3tjg6cqi6EKlTgp3LzD5CdT5MAnbHQO6 gV9TUMxa8xIbq8O48mpk51M7n08MP0P1NRcUJKC31ngH53a2EU8Ly8Wyu5ap5rqYb70O bYQD82hfrNCgyOmdvoxb0VfMo7n3N1ZqGgZe/AW/oDh6D1EbPaI/kHPJ/+8PKZ+MRf7D qKyg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:subject:from:in-reply-to:date:cc :content-transfer-encoding:message-id:references:to; bh=zvlOGkcHJ7MfsNDUOUYI39qXNW8MC7F8EOwmcded0cY=; b=mAufoJptR6YMNUHCvPysUM/JZfGBRSUy3uGZJC2hwGibFUVS98PGwEJoL/dsN5cCYu Nk54LelTJ/SFPkgxeA08HEYpn45bFD1AJcUBwIAej2nRC27cjd4p2u61hEkNz8+7d9B8 KXGPqM0cwn/hkqOk9hUQ9KcmdW8zMqeh5TQ5DvIXqiZCiuNAzvt/mN/hE4TzvIAsau/6 k5JdmwWDjuCXnM2vfXKsyTMDiEipDw3Gy/0JZ+qEdZCOdyAbEGEwVAzmI/gNS/O+aqNV 0iH/oo/vp4v/6Lq0+VpFB+d4+vYNJr/2wgFECQmOD6pkbKkzFeLqtL71yy8luXDAIJnn pMHw== X-Gm-Message-State: AODbwcDwjQjUBxKxr9iahIKuxq20HEXFJu+2hWJVhekeYJenOmhCbmzB MRd2mnT5rt089g== X-Received: by 10.25.22.213 with SMTP id 82mr240431lfw.46.1495785750341; Fri, 26 May 2017 01:02:30 -0700 (PDT) Received: from [192.168.1.73] (37-145-225-221.broadband.corbina.ru. [37.145.225.221]) by smtp.gmail.com with ESMTPSA id u18sm27460lff.10.2017.05.26.01.02.28 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 26 May 2017 01:02:28 -0700 (PDT) Content-Type: text/plain; charset=utf-8 Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) From: Cameron Garnham In-Reply-To: Date: Fri, 26 May 2017 11:02:27 +0300 Content-Transfer-Encoding: quoted-printable Message-Id: <2E6BB6FA-65FF-497F-8AEA-4CC8655BAE69@gmail.com> References: To: "Andreas M. Antonopoulos" X-Mailer: Apple Mail (2.3273) X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Protocol Discussion Subject: Re: [bitcoin-dev] Emergency Deployment of SegWit as a partial mitigation of CVE-2017-9230 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2017 08:02:33 -0000 Thank you for your reply Andreas, I can assure you that I have many motivations for activating SegWit. Before studding ASICBOOST I wanted to activate SegWit as it is a = wonderful upgrade for Bitcoin. It seems to me that virtually the entire = Bitcoin Ecosystem agrees with me. Except for around 67% of the mining = hash-rate who very conspicuously refuse to signal for it=E2=80=99s = activation.=20 So, I started searching for the motivations of such a large amount of = the mining hash-rate holding a position that isn=E2=80=99t at-all = represented in the wider Bitcoin Community. My study of ASICBOOST lead = to a =E2=80=98bingo=E2=80=99 moment: If one assumes that the 67% of the = hash rate that refuse to signal for SegWit are using ASICBOOST. The = entire picture of this political stalemate became much more = understandable. This only strengthened my resolve to activate SegWit: not only is SegWit = great, it partially mitigates a very serious security vulnerability. This is why I call into question why you would suggest: =E2=80=9CThis proposal is unnecessarily conflating two contentious = issues and will attract criticism of self serving motivation.=E2=80=9D 1. I am not conflating the issues. I would argue that very fact that = SegWit has not been activated yet is directly because of CVE-2017-9230. 2. I have no reason to believe that SegWit is contentious, except for = the attackers who it would frustrate. 3. I have no negative responses to my endeavours to get ASICBOOST as = regarded as a legitimate security vulnerability. This would suggest = that it is not contentious in the wider technical community. If SegWit is NOT contentious within the technical community and it is = NOT contentious to regard CVE-2017-9230 as a credible security = vulnerability. Then using it as partial security fix for a security = vulnerability SHOULD NOT be contentious. If you believe that SegWit is contentious within the technical = community. Or you believe CVE-2017-9230 should not be regarded as a = credible security vulnerability. Then I would logically agree with you = that we should separate the issues so that we may gain consensus. = However, I just don=E2=80=99t see this as the case. Cameron. > On 26 May 2017, at 09:52 , Andreas M. Antonopoulos = wrote: >=20 > I rarely post here, out of respect to the mailing list. But since my = name was mentioned...=20 >=20 > I much prefer Gregory Maxwell's proposal to defuse covert ASICBOOST = (only) with a segwit-like commitment to the coinbase which does not = obligate miners to signal Segwit or implement Segwit, thus disarming any = suspicion that the issue is being exploited only to activate Segwit. >=20 > This proposal is unnecessarily conflating two contentious issues and = will attract criticism of self serving motivation. >=20 > Politicising CVE is damaging to the long term bitcoin development and = to its security. Not claiming that is the intent here, but the damage is = done by the mere appearance of motive.=20 >=20 >=20 >=20 > On May 26, 2017 16:30, "Cameron Garnham via bitcoin-dev" = wrote: > Hello Bitcoin-Dev, >=20 > CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 = is a severe (3) (4) and actively exploited (5) security vulnerability. >=20 > To learn more about this vulnerability please read Jeremy Rubin=E2=80=99= s detailed report: > http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf >=20 > Andreas Antonopoulos has an excellent presentation on why asicboost is = dangerous: > https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k >=20 > In decisions on the #bitcoin-core-dev IRC channel; It was proposed, = without negative feedback, that SegWit be used as a partial-mitigation = of CVE-2017-9230. >=20 > SegWit partially mitigates asicboost with the common reasonable = assumption that any block that doesn=E2=80=99t include a witness commit = in it's coinbase transaction was mined using covert asicboost. Making = the use of covert asicboost far more conspicuous. >=20 > It was also proposed that this partial mitigation should be quickly = strengthened via another soft-fork that makes the inclusion of witness = commits mandatory, without negative feedback. >=20 > The security trade-offs of deploying a partial-mitigation to = CVE-2017-9230 quickly vs more slowly but more conservatively is under = intense debate. The author of this post has a strong preference to the = swiftest viable option. >=20 > Cameron. >=20 >=20 > (1) CVE Entry: > https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230 >=20 > (2) Announcement of CVE to Mailing List: > = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014416.ht= ml >=20 > (3) Discussion of the perverse incentives created by 'ASICBOOST' by = Ryan Grant: > = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014352.ht= ml >=20 > (4) Discussion of ASICBOOST's non-independent PoW calculation by Tier = Nolan: > = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014351.ht= ml >=20 > (5) Evidence of Active Exploit by Gregory Maxwell: > = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.= html >=20 > _______________________________________________ > bitcoin-dev mailing list > bitcoin-dev@lists.linuxfoundation.org > https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev