1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
|
Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192]
helo=mx.sourceforge.net)
by sfs-ml-4.v29.ch3.sourceforge.com with esmtp (Exim 4.76)
(envelope-from <etotheipi@gmail.com>) id 1YEgNy-0001Kb-Le
for bitcoin-development@lists.sourceforge.net;
Fri, 23 Jan 2015 15:43:02 +0000
Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com
designates 209.85.216.174 as permitted sender)
client-ip=209.85.216.174; envelope-from=etotheipi@gmail.com;
helo=mail-qc0-f174.google.com;
Received: from mail-qc0-f174.google.com ([209.85.216.174])
by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128)
(Exim 4.76) id 1YEgNx-0000rD-M7
for bitcoin-development@lists.sourceforge.net;
Fri, 23 Jan 2015 15:43:02 +0000
Received: by mail-qc0-f174.google.com with SMTP id s11so6849711qcv.5
for <bitcoin-development@lists.sourceforge.net>;
Fri, 23 Jan 2015 07:42:56 -0800 (PST)
X-Received: by 10.224.4.74 with SMTP id 10mr10432404qaq.37.1422027776070;
Fri, 23 Jan 2015 07:42:56 -0800 (PST)
Received: from [192.168.1.28] (c-69-143-204-74.hsd1.md.comcast.net.
[69.143.204.74])
by mx.google.com with ESMTPSA id h6sm1746692qgh.32.2015.01.23.07.42.55
for <bitcoin-development@lists.sourceforge.net>
(version=TLSv1.2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
Fri, 23 Jan 2015 07:42:55 -0800 (PST)
Message-ID: <54C26BFE.1080103@gmail.com>
Date: Fri, 23 Jan 2015 10:42:54 -0500
From: Alan Reiner <etotheipi@gmail.com>
User-Agent: Mozilla/5.0 (X11; Linux i686 on x86_64;
rv:31.0) Gecko/20100101 Thunderbird/31.3.0
MIME-Version: 1.0
To: bitcoin-development@lists.sourceforge.net
References: <CAJna-HjwMRff_+7BvcR2YME9f2yUQPvfKOGZ1qq9d0nOGqORkg@mail.gmail.com>
<78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com>
In-Reply-To: <78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com>
Content-Type: multipart/alternative;
boundary="------------050708060006090709090707"
X-Spam-Score: -0.6 (/)
X-Spam-Report: Spam Filtering performed by mx.sourceforge.net.
See http://spamassassin.org/tag/ for more details.
-1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for
sender-domain
0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider
(etotheipi[at]gmail.com)
-0.0 SPF_PASS SPF: sender matches SPF record
1.0 HTML_MESSAGE BODY: HTML included in message
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from
author's domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature,
not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
X-Headers-End: 1YEgNx-0000rD-M7
Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE
X-BeenThere: bitcoin-development@lists.sourceforge.net
X-Mailman-Version: 2.1.9
Precedence: list
List-Id: <bitcoin-development.lists.sourceforge.net>
List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe>
List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development>
List-Post: <mailto:bitcoin-development@lists.sourceforge.net>
List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help>
List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>,
<mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe>
X-List-Received-Date: Fri, 23 Jan 2015 15:43:02 -0000
This is a multi-part message in MIME format.
--------------050708060006090709090707
Content-Type: text/plain; charset=windows-1252
Content-Transfer-Encoding: 7bit
Unfortunately, one major attack vector is someone isolating your node,
getting you to sign away your whole wallet to fee, and then selling it
to a mining pool to mine it before you can figure why your transactions
aren't making it to the network. In such an attack, the relay rules
aren't relevant, and if the attacker can DoS you for 24 hours, it
doesn't take a ton of mining power to make the attack extremely likely
to succeed.
On 01/23/2015 10:31 AM, Tamas Blummer wrote:
> Not a fix, but would reduce the financial risk, if nodes were not
> relaying excessive fee transactions.
>
> Tamas Blummer
>
>
--------------050708060006090709090707
Content-Type: text/html; charset=windows-1252
Content-Transfer-Encoding: 8bit
<html>
<head>
<meta content="text/html; charset=windows-1252"
http-equiv="Content-Type">
</head>
<body bgcolor="#FFFFFF" text="#000000">
Unfortunately, one major attack vector is someone isolating your
node, getting you to sign away your whole wallet to fee, and then
selling it to a mining pool to mine it before you can figure why
your transactions aren't making it to the network. In such an
attack, the relay rules aren't relevant, and if the attacker can DoS
you for 24 hours, it doesn't take a ton of mining power to make the
attack extremely likely to succeed.<br>
<br>
<br>
<br>
<br>
<div class="moz-cite-prefix">On 01/23/2015 10:31 AM, Tamas Blummer
wrote:<br>
</div>
<blockquote
cite="mid:78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com"
type="cite">
<meta http-equiv="Content-Type" content="text/html;
charset=windows-1252">
<div>Not a fix, but would reduce the financial risk, if nodes were
not relaying excessive fee transactions.</div>
<div><br>
</div>
<div apple-content-edited="true">
<div style="color: rgb(0, 0, 0); font-family: Helvetica;
font-size: 12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;">Tamas
Blummer</div>
<div style="color: rgb(0, 0, 0); font-family: Helvetica;
font-size: 12px; font-style: normal; font-variant: normal;
font-weight: normal; letter-spacing: normal; line-height:
normal; orphans: auto; text-align: start; text-indent: 0px;
text-transform: none; white-space: normal; widows: auto;
word-spacing: 0px; -webkit-text-stroke-width: 0px;"><br>
</div>
</div>
<br>
</blockquote>
<br>
</body>
</html>
--------------050708060006090709090707--
|
