1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
|
Return-Path: <laanwj@gmail.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id BEC8C1389
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 1 Sep 2015 18:03:21 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.7.6
Received: from mail-wi0-f180.google.com (mail-wi0-f180.google.com
[209.85.212.180])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 19870170
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 1 Sep 2015 18:03:21 +0000 (UTC)
Received: by wicjd9 with SMTP id jd9so41772326wic.1
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 01 Sep 2015 11:03:20 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113;
h=date:from:to:cc:subject:message-id:references:mime-version
:content-type:content-disposition:in-reply-to;
bh=XDtHTonWjl12OcxNfmvV40cP4taLSrhc22kcJ7xEomo=;
b=O35oRmcNWHlyA/pfXVl+7mg6VylTMD9lgQGUEUbogCN409vQYaJhZal8ST9IsPyXQr
HBcXwZ+EUQ3wyHMvTj9kAYqsVJqt4LnBSi1yhbt8tz8rSI8Hr+N6svLLY3Pl6lIAf9TL
Im62ulbDe39cO/oWXs7HLOEVrmWAiZXW6JOiZOn/p05GIY+pcjRk4FlyUvE+zlEstTzS
8aigeftKzV53hu63MNOfGr4W0/9jhRvxtlt0g74sLFbC+0Kqe6sYPWgXUq8IeaDzKeVn
nqsAxjA9+W5DcGdztp/UvN8iHcprLFHIttyF8c+cQHcET4kpCKw4GTVdUsTDSvoW8ipj
mKWQ==
X-Received: by 10.180.104.68 with SMTP id gc4mr5014790wib.67.1441130599858;
Tue, 01 Sep 2015 11:03:19 -0700 (PDT)
Received: from amethyst.visucore.com (dhcp-089-098-228-253.chello.nl.
[89.98.228.253]) by smtp.gmail.com with ESMTPSA id
cd16sm3860745wib.19.2015.09.01.11.03.18
(version=TLS1_2 cipher=AES128-SHA256 bits=128/128);
Tue, 01 Sep 2015 11:03:19 -0700 (PDT)
Date: Tue, 1 Sep 2015 20:03:34 +0200
From: "Wladimir J. van der Laan" <laanwj@gmail.com>
To: Monarch <monarch@cock.li>
Message-ID: <20150901180333.GA3914@amethyst.visucore.com>
References: <CAGH37S+daPddzwo1bJ0sPs3RfLOE63TPkCrc-X6qhNw7nu6=Xg@mail.gmail.com>
<e5c1d53a1387dce141d30c9eee6ee2ce@cock.li>
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
In-Reply-To: <e5c1d53a1387dce141d30c9eee6ee2ce@cock.li>
X-Spam-Status: No, score=-2.7 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, FREEMAIL_FROM,
RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
Cc: bitcoin-dev@lists.linuxfoundation.org
Subject: Re: [bitcoin-dev] push tx fuzzing
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Development Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 01 Sep 2015 18:03:21 -0000
On Tue, Sep 01, 2015 at 04:59:15PM +0000, Monarch via bitcoin-dev wrote:
> which uses Bitcoin Core for validation. If they aren't validating
> transactions before broadcast they won't make it more than a single
> hop through the P2P the network so they are of minimum concern.
blockchain.info had some problems here for a while. They were not using a full validating node underneath:
- Signatures were not verified properly. This resulted in some panic when it looked like (on their site) a massive number of very old coins were being spent.
- They were relaying loose coinbase transactions. This caused them to be instantly banned from nodes they were connected to.
So there's certainly some scope for fun with fuzzing those APIs.
Wladimir
|
