1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
|
Delivery-date: Wed, 05 Feb 2025 16:57:28 -0800
Received: from mail-qt1-f188.google.com ([209.85.160.188])
by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256
(Exim 4.94.2)
(envelope-from <bitcoindev+bncBDL4XL646QOBB3ERSC6QMGQEQJYY2UA@googlegroups.com>)
id 1tfqCt-0002vN-He
for bitcoindev@gnusha.org; Wed, 05 Feb 2025 16:57:28 -0800
Received: by mail-qt1-f188.google.com with SMTP id d75a77b69052e-46791423fc9sf8919891cf.2
for <bitcoindev@gnusha.org>; Wed, 05 Feb 2025 16:57:27 -0800 (PST)
ARC-Seal: i=2; a=rsa-sha256; t=1738803441; cv=pass;
d=google.com; s=arc-20240605;
b=ROPAq3cEC4BXwXEq1qz3+gJFGen78M+Iy0PhDHDlYkJeHsmEJhcE1e6zy0oODJsEHt
ev4UbOdRk4Jmc/P74AdDENjs/R0QcxObY6ND3lcJUHEwILDMGWYXlZIHH1ODbkJMudxo
B6f4EsRbPvmCk/UT8wyjq8KHYyJcrCykF1nZdeVXOLRqHc8ajHc3zvIlRTqps9dC2Qx5
Kk2l+xSmQmLvluUDSEBlH6LOX90nkLvcRHQQJJnUnms+ma+PyZa05pMi+XV98f9DDzfV
LCyHJ0APZcD5wVW0mDVBQEVSwMReNlVlZtEY0gvClCkN2vs+UcOo1clqZwoIX70wABRG
PzKA==
ARC-Message-Signature: i=2; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to:mime-version:feedback-id
:message-id:subject:from:to:date:dkim-signature;
bh=iYa8N62VeS/+6Oa+5YiulcNdGgcwhO3FXIoyTeHj3ds=;
fh=TWtV/i8nCyNwmb8PpCf/7gpZW2BIdMKSTGUN+vCJ9Dg=;
b=Odubj3xZC5dL3i9yh44d3jdezWpKwnbXRKxBM9ASPGlfahQGaEFJr4+uOtCt0EQfB9
PLO5cVmQhuU5FR8ZEJ9c68zfGPrWyeQ+cvfX4pHU0N6IPtbsVNW24aMCS0e2cyy5ANqh
csO51E1PVDvYLGRwCJ6nCgdo4CA8jZXHV1hKv5QHlM8wRE/XT/01FcdhZkITIgJtJfZt
nhf29bZuH4FiZ4y9YgojVftyobpeBsq8sTUNWboSwBkkUMstobuFROEnairQP9GbIcdA
OVjeCnLv+7U5bsB+zSweTecdrSQt/FSK9uA+WvrBeWFmXKS5EgwyHfLiURzfdXW3YN/w
P6MA==;
darn=gnusha.org
ARC-Authentication-Results: i=2; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=lxOvjbUA;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=googlegroups.com; s=20230601; t=1738803441; x=1739408241; darn=gnusha.org;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:message-id:subject:from:to:date:from:to:cc:subject:date
:message-id:reply-to;
bh=iYa8N62VeS/+6Oa+5YiulcNdGgcwhO3FXIoyTeHj3ds=;
b=nj2hPW8p00FRLt/bXXfJSAAQRlFF1nEhDAs/PvxWzUcvhrtKoF6woNZUZj6gARNZxK
nGiFLBTiJcUnuOR56XuRmzaU1E3EztPvbF4dyW2nCv2Ch7deqJY6OMdX9z1oHD/VIisQ
XPN0xY7I6qbZ7xhJPPADmcqHYRw3ay79gT1OetuF6C7oFmHWWCFT28H8dn/V5fclCwFI
B+/5Sw6KX/lVC0D9DSQRa8cbbL+SN5kOVMN+fQjzkn2ZEfMbM1jd38kLq3M4cYYMChdE
j3X0xl3mfI6qd2AcU4K3iMN2amHmWjUEqgeqppZZK9IkOw/tHWq7Vfso84dIau4MXY9q
kcQg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
d=1e100.net; s=20230601; t=1738803441; x=1739408241;
h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post
:list-id:mailing-list:precedence:reply-to
:x-original-authentication-results:x-original-sender:mime-version
:feedback-id:message-id:subject:from:to:date:x-beenthere
:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to;
bh=iYa8N62VeS/+6Oa+5YiulcNdGgcwhO3FXIoyTeHj3ds=;
b=MZmVQ6v0qGdSqFO+D0GzKcGDBD2VnRgVakrievKzkHtQO2gLv94dpUVvW7OJDCQ35k
irR2g3TY39kHb8Eo44ZJejrHiBkgp4Xz8yIOyg+E7TsngxF6SJCnt8Ds3fiHKG9aIRvw
mS0TsxanX87ymD3BxsWRrWwTPyGqTAJze3kM/xn7ghCC95GdC0Dczl4R0yQkkgP+4M1O
pSG8ndGkFsOZ9qJC92KMyzX4T5bB98HNRgY2dOiAkFtg04J+fsJ5ObKsHCugvyPxZ4nQ
xEwatunKsoWjx/Q8PVGMwSZxk+eB4TtbY4ykVS/2L6FOGWEeFlQMRGhkcN7a36a5KZFM
bwNA==
X-Forwarded-Encrypted: i=2; AJvYcCUT7KeN/umMP/m1CpYeZHaAz7Oknxb49F823Zwm9Weg0AqkvOwHAtyUvcL3irac1lotrvQj5hoXKEvu@gnusha.org
X-Gm-Message-State: AOJu0YzIW5uYtIQIz0tvyKiNVbIHw3Taiyz3yZRVDyUvys6RyEHgiRyF
oPJAz1e6F6WxKe0mGM5uCyy8O4TWgJIlJBr1IQddeZEXMyCPjb+A
X-Google-Smtp-Source: AGHT+IGzewGqPItvNoU6FqwkdqL16HEYIdPgtcquu+qk+8PcPDmTwZ4LuDkwPeT3Z1oY7EfR/+/7NQ==
X-Received: by 2002:a05:622a:229e:b0:467:83f1:71d9 with SMTP id d75a77b69052e-47028016243mr77079631cf.0.1738803439703;
Wed, 05 Feb 2025 16:57:19 -0800 (PST)
X-BeenThere: bitcoindev@googlegroups.com
Received: by 2002:a05:622a:418f:b0:467:5082:dafc with SMTP id
d75a77b69052e-47033119356ls1615561cf.2.-pod-prod-02-us; Wed, 05 Feb 2025
16:57:16 -0800 (PST)
X-Received: by 2002:a05:620a:4247:b0:7be:3cf0:d712 with SMTP id af79cd13be357-7c039fa5765mr580374985a.3.1738803436111;
Wed, 05 Feb 2025 16:57:16 -0800 (PST)
Received: by 2002:a05:620a:47d3:b0:7b6:d314:a4e5 with SMTP id af79cd13be357-7c038ff52b4ms85a;
Wed, 5 Feb 2025 10:09:56 -0800 (PST)
X-Received: by 2002:a05:6512:3d1b:b0:543:e4a3:7c41 with SMTP id 2adb3069b0e04-54405a1cd04mr1091974e87.29.1738778993190;
Wed, 05 Feb 2025 10:09:53 -0800 (PST)
ARC-Seal: i=1; a=rsa-sha256; t=1738778993; cv=none;
d=google.com; s=arc-20240605;
b=g9v9IcazMVDyW1/0Nkl+CVYgnfY0pIEd08U6DgQusFFK9894YgZsN/CgBPf4lhAkys
8JV3UXoQHp/TL8CpejRIcO9lfBc66Emns8Md5JcvAamxqm6c6M6yLpcsM+hQLZCK2EdL
uYk0U0yN+OfuqgJ7SG9DF5JuBq4UphiLTJZHb1Dg2UF1xaqub0aakpLFKP3QZzer0N5R
Mbeg8L3B7GkTUJ7ThJ6yOqCSLCVWm/09nePktXMZQbxoaAhcNC6vOCZ6tOGmS2T5BjVo
ZBxfT1R7a+kt47NZHJ5lnTK48c5fzaMH4pVCnU/fBwnOTj/MhIfHyqvD1471A4xzRSSz
/ZsA==
ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20240605;
h=content-transfer-encoding:mime-version:feedback-id:message-id
:subject:from:to:date:dkim-signature;
bh=EUtb8wznq/VNOeDyD4nu9TLWRjDzczggwLN4bUWFvMw=;
fh=DMP0F9ULS1guKiqimntQRCN8ZraraesEgQuVcn7F0Z0=;
b=ewfhF9OIyGfX4nInk5p6OoSmx2b92h0+tHwc0UC80n4cEgO8gm9AlwbLNV5t0aKmK/
inZrJcFqZstW1axDN0xYl1dQWHuQ7ElJhXgQtJTLAyaHGJdE5sq3stKP4rUuCcn28nuZ
8eoKl6ULMZekyKjBilsZDToOQVFeps8yTsHcVSAzLfFtmlZrG9lTTqWBetxQsLr1987q
n7ZQSLp3Q/O3QtmDWt0CYqqUo7NDbaeNYPBAbs68Dib6bRlb+vyJ2lHNmK9JRs8uhwLN
QPmzi5adkn3TeCUG14ZR7XAp9ahIBsZ0mMNYiA+JImE/qK7McpkJ3hdP5Dc/EodXUbbb
DgLQ==;
dara=google.com
ARC-Authentication-Results: i=1; gmr-mx.google.com;
dkim=pass header.i=@protonmail.com header.s=protonmail3 header.b=lxOvjbUA;
spf=pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
Received: from mail-4322.protonmail.ch (mail-4322.protonmail.ch. [185.70.43.22])
by gmr-mx.google.com with ESMTPS id 2adb3069b0e04-5440d217b83si6130e87.3.2025.02.05.10.09.53
for <bitcoindev@googlegroups.com>
(version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256);
Wed, 05 Feb 2025 10:09:53 -0800 (PST)
Received-SPF: pass (google.com: domain of darosior@protonmail.com designates 185.70.43.22 as permitted sender) client-ip=185.70.43.22;
Date: Wed, 05 Feb 2025 18:09:49 +0000
To: Bitcoin Development Mailing List <bitcoindev@googlegroups.com>
From: "'Antoine Poinsot' via Bitcoin Development Mailing List" <bitcoindev@googlegroups.com>
Subject: [bitcoindev] Update on the Great Consensus Cleanup Revival
Message-ID: <jiyMlvTX8BnG71f75SqChQZxyhZDQ65kldcugeIDJVJsvK4hadCO3GT46xFc7_cUlWdmOCG0B_WIz0HAO5ZugqYTuX5qxnNLRBn3MopuATI=@protonmail.com>
Feedback-ID: 7060259:user:proton
X-Pm-Message-ID: 017dd9a6636c54e1f64e72f4c37adf2d359028aa
MIME-Version: 1.0
Content-Type: text/plain; charset="UTF-8"
X-Original-Sender: darosior@protonmail.com
X-Original-Authentication-Results: gmr-mx.google.com; dkim=pass
header.i=@protonmail.com header.s=protonmail3 header.b=lxOvjbUA;
spf=pass (google.com: domain of darosior@protonmail.com designates
185.70.43.22 as permitted sender) smtp.mailfrom=darosior@protonmail.com;
dmarc=pass (p=QUARANTINE sp=QUARANTINE dis=NONE) header.from=protonmail.com
X-Original-From: Antoine Poinsot <darosior@protonmail.com>
Reply-To: Antoine Poinsot <darosior@protonmail.com>
Precedence: list
Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com
List-ID: <bitcoindev.googlegroups.com>
X-Google-Group-Id: 786775582512
List-Post: <https://groups.google.com/group/bitcoindev/post>, <mailto:bitcoindev@googlegroups.com>
List-Help: <https://groups.google.com/support/>, <mailto:bitcoindev+help@googlegroups.com>
List-Archive: <https://groups.google.com/group/bitcoindev
List-Subscribe: <https://groups.google.com/group/bitcoindev/subscribe>, <mailto:bitcoindev+subscribe@googlegroups.com>
List-Unsubscribe: <mailto:googlegroups-manage+786775582512+unsubscribe@googlegroups.com>,
<https://groups.google.com/group/bitcoindev/subscribe>
X-Spam-Score: -1.0 (-)
Hi everyone,
A bit over a year ago i started working on revisiting the 2019 Great Consensus Cleanup proposal from
Matt Corallo [0]. His proposal included:
- making <=64 bytes transactions invalid to fix merkle tree weaknesses;
- making non-pushonly scriptSigs, FindAndDelete matches, OP_CODESEPARATOR and non-standard sighash
types fail script validation to mitigate the worst case block validation time;
- restrict the nTime field of the first block in each difficulty adjustment interval to be no less
than 600 seconds lower than the previous block's;
I set out to research the impact of each of the vulnerabilities this intended to patch, the
alternative fixes possible for each and finally if there was any other protocol bug fix we'd want to
include if we went through the considerable effort of soft forking Bitcoin already.
Later in March i shared some first findings on Delving [1] and advertized the effort on this mailing
list [2]. I also created a companion thread on Delving, kept private, to discuss the details of the
worst case block validation time [3]. As one would expect due to the larger design space available
to fix this issue, this private thread is where most of the discussion would happen. Thank you to
everyone who contributed feedback, insights, ideas and argumented opinions on the different issues
all along the process.
Now i would like to update the broader Bitcoin development community on the outcome of this effort.
I believe a Consensus Cleanup proposal should include the following.
- A fix for vulnerabilities surrounding the use of timestamps in the difficulty adjustment
algorithm. In particular, a fix for the timewarp attack with a 7200 seconds grace period as well
as a fix for the Murch-Zawy attack [4] by making invalid any difficulty adjustment period with a
negative duration.
- A fix for long block validation times with a minimal "confiscation surface", by introducing a
per-transaction limit on the number of legacy sigops in the inputs.
- A fix for merkle tree weaknesses by making transactions which serialize to exactly 64 bytes
invalid.
- A fix for duplicate transactions to supplement BIP34 in order to avoid resuming unnecessary BIP30
validation in the future. This is achieved by mandating the nLockTime field of coinbase
transaction to be set to the height of their block minus 1.
I have started drafting a BIP draft with the detailed specs for this.
Antoine Poinsot
[0] https://github.com/TheBlueMatt/bips/blob/7f9670b643b7c943a0cc6d2197d3eabe661050c2/bip-XXXX.mediawiki
[1] https://delvingbitcoin.org/t/great-consensus-cleanup-revival/710
[2] https://groups.google.com/g/bitcoindev/c/CAfm7D5ppjo/m/bYJ3BiOuAAAJ
[3] https://delvingbitcoin.org/t/worst-block-validation-time-inquiry/711
[4] https://delvingbitcoin.org/t/zawy-s-alternating-timestamp-attack/1062#variant-on-zawys-attack-2
--
You received this message because you are subscribed to the Google Groups "Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an email to bitcoindev+unsubscribe@googlegroups.com.
To view this discussion visit https://groups.google.com/d/msgid/bitcoindev/jiyMlvTX8BnG71f75SqChQZxyhZDQ65kldcugeIDJVJsvK4hadCO3GT46xFc7_cUlWdmOCG0B_WIz0HAO5ZugqYTuX5qxnNLRBn3MopuATI%3D%40protonmail.com.
|
