1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
|
Return-Path: <contact@taoeffect.com>
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
[172.17.192.35])
by mail.linuxfoundation.org (Postfix) with ESMTPS id 5F105955
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 6 Jun 2017 23:12:31 +0000 (UTC)
X-Greylist: from auto-whitelisted by SQLgrey-1.7.6
Received: from homiemail-a38.g.dreamhost.com (homie.mail.dreamhost.com
[208.97.132.208])
by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 8F95F15F
for <bitcoin-dev@lists.linuxfoundation.org>;
Tue, 6 Jun 2017 23:12:27 +0000 (UTC)
Received: from homiemail-a38.g.dreamhost.com (localhost [127.0.0.1])
by homiemail-a38.g.dreamhost.com (Postfix) with ESMTP id 108FF10AFB5;
Tue, 6 Jun 2017 16:12:27 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha1; c=relaxed; d=taoeffect.com; h=
content-type:mime-version:subject:from:in-reply-to:date:cc
:message-id:references:to; s=taoeffect.com; bh=gxmjHt9SVdM1h1B1g
4SMNOYnKkE=; b=atwyrQ9+M8xjDZvB63Rw8z01Nex8h0QxDwpx2XjSUKvvHDg48
ugfwqygFnlzdrwX9wJcBL5N/GrjViHPJaZoIvEae2d/2/R+qTfvxyA8/EaON7SgC
f3iI9awen1KogkAUsXTMuMhSWMTgzudF28YhptwGAK9iyIaF1k9kGDpLDc=
Received: from [192.168.42.64] (184-23-255-227.fiber.dynamic.sonic.net
[184.23.255.227])
(using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits))
(No client certificate requested)
(Authenticated sender: contact@taoeffect.com)
by homiemail-a38.g.dreamhost.com (Postfix) with ESMTPSA id DE86310AFB0;
Tue, 6 Jun 2017 16:12:26 -0700 (PDT)
Content-Type: multipart/signed;
boundary="Apple-Mail=_0BD8C917-84BF-42C4-838A-CABA3B5FDA63";
protocol="application/pgp-signature"; micalg=pgp-sha512
Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\))
From: Tao Effect <contact@taoeffect.com>
In-Reply-To: <CAAS2fgSU+UtbJSSAhf0-Sd0GH-RGnZmv+WHWtFV2zHFW2q6_yg@mail.gmail.com>
Date: Tue, 6 Jun 2017 16:12:26 -0700
X-Mao-Original-Outgoing-Id: 518483546.214948-ccdee8c8a2381643cac7bf9da1a27a3c
Message-Id: <7117CE7C-3C6F-4342-8A43-072605EB3D1E@taoeffect.com>
References: <31833011-7179-49D1-A07E-8FD9556C4534@taoeffect.com>
<CAAS2fgSU+UtbJSSAhf0-Sd0GH-RGnZmv+WHWtFV2zHFW2q6_yg@mail.gmail.com>
To: Gregory Maxwell <greg@xiph.org>
X-Mailer: Apple Mail (2.3273)
X-Spam-Status: No, score=-2.0 required=5.0 tests=BAYES_00,DKIM_SIGNED,
DKIM_VALID, DKIM_VALID_AU, HTML_MESSAGE,
RCVD_IN_DNSWL_NONE autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
smtp1.linux-foundation.org
X-Mailman-Approved-At: Tue, 06 Jun 2017 23:22:18 +0000
Cc: Bitcoin Dev <bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] Replay attacks make BIP148 and BIP149 untennable
X-BeenThere: bitcoin-dev@lists.linuxfoundation.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: Bitcoin Protocol Discussion <bitcoin-dev.lists.linuxfoundation.org>
List-Unsubscribe: <https://lists.linuxfoundation.org/mailman/options/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=unsubscribe>
List-Archive: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/>
List-Post: <mailto:bitcoin-dev@lists.linuxfoundation.org>
List-Help: <mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=help>
List-Subscribe: <https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev>,
<mailto:bitcoin-dev-request@lists.linuxfoundation.org?subject=subscribe>
X-List-Received-Date: Tue, 06 Jun 2017 23:12:31 -0000
--Apple-Mail=_0BD8C917-84BF-42C4-838A-CABA3B5FDA63
Content-Type: multipart/alternative;
boundary="Apple-Mail=_C5232B32-55E4-4545-A3E5-425A67E7309D"
--Apple-Mail=_C5232B32-55E4-4545-A3E5-425A67E7309D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/plain;
charset=us-ascii
Hey Greg,
It wasn't my intention to insult anyone (a bit defensive?).
Maybe this is yet another example of a recurring criticism of Core: that =
core doesn't community these issues very well to journalists / reports / =
media / community outside of this list.
Because outside of this list it's been all about those 148 coins, and =
almost zero mention of replay attacks.
> BIP149 is arguably something of another matter in particular because
> it has a time-frame that allows dealing with replay and other issues--
> and particularly because it has a time-frame that can allow for the
> avoidance of a meaningful fork at all.
Are there other, more reasonable / feasible ways of addressing replay =
attacks in Bitcoin / BIP149 scenario?
Cheers,
Greg
--
Please do not email me anything that you are not comfortable also =
sharing with the NSA.
> On Jun 6, 2017, at 4:02 PM, Gregory Maxwell <greg@xiph.org =
<mailto:greg@xiph.org>> wrote:
>=20
> On Tue, Jun 6, 2017 at 10:39 PM, Tao Effect via bitcoin-dev
> <bitcoin-dev@lists.linuxfoundation.org =
<mailto:bitcoin-dev@lists.linuxfoundation.org>> wrote:
>> I believe the severity of replay attacks is going unvoiced and is not
>> understood within the bitcoin community because of their lack of =
experience
>> with them.
>=20
> Please don't insult our community-- the issues with replay were
> pointed out by us to Ethereum in advance and were cited specifically
> in prior hardfork discussions long before Ethereum started editing
> their ledger for the economic benefit of its centralized
> administrators.
>=20
> The lack of extensive discussion on these issues you're seeing is
> rather symptomatic of engineers that take stability seriously not
> taking BIP148 seriously; not symptomatic of people not knowing about
> them. The same concerns also applies to all these HF proposals (which
> for some reason you don't mention), arguably even stronger. The same
> basic pattern exists: There are people that just don't care about the
> technical issues who have made up their minds, and so you don't see
> technical discussion. Those people who do see the issues already
> called out the proposals as being ill-advised. Replay isn't even the
> largest of the technical issues (network partitioning, for example, is
> a much larger one).
>=20
> BIP149 is arguably something of another matter in particular because
> it has a time-frame that allows dealing with replay and other issues--
> and particularly because it has a time-frame that can allow for the
> avoidance of a meaningful fork at all.
--Apple-Mail=_C5232B32-55E4-4545-A3E5-425A67E7309D
Content-Transfer-Encoding: quoted-printable
Content-Type: text/html;
charset=us-ascii
<html><head><meta http-equiv=3D"Content-Type" content=3D"text/html =
charset=3Dus-ascii"><meta http-equiv=3D"Content-Type" content=3D"text/html=
charset=3Dus-ascii"></head><body style=3D"word-wrap: break-word; =
-webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" =
class=3D"">Hey Greg,<div class=3D""><br class=3D""></div><div =
class=3D"">It wasn't my intention to insult anyone (a bit =
defensive?).<div class=3D""><br class=3D""></div><div class=3D"">Maybe =
this is yet another example of a recurring criticism of Core: that core =
doesn't community these issues very well to journalists / reports / =
media / community outside of this list.</div><div class=3D""><br =
class=3D""></div><div class=3D"">Because outside of this list it's been =
all about those 148 coins, and almost zero mention of replay =
attacks.</div><div class=3D""><br class=3D""></div><div =
class=3D""><blockquote type=3D"cite" class=3D"">BIP149 is arguably =
something of another matter in particular because<br class=3D"">it has a =
time-frame that allows dealing with replay and other issues--<br =
class=3D"">and particularly because it has a time-frame that can allow =
for the<br class=3D"">avoidance of a meaningful fork at all.<br =
class=3D""></blockquote><div class=3D""><br class=3D""></div><div =
class=3D"">Are there other, more reasonable / feasible ways of =
addressing replay attacks in Bitcoin / BIP149 scenario?</div><div =
class=3D""><br class=3D"webkit-block-placeholder"></div><div =
class=3D"">Cheers,</div><div class=3D"">Greg</div><div class=3D"">
<span style=3D"color: rgb(0, 0, 0); font-family: Helvetica; font-size: =
14px; font-style: normal; font-variant-caps: normal; font-weight: =
normal; letter-spacing: normal; text-align: start; text-indent: 0px; =
text-transform: none; white-space: normal; word-spacing: 0px; =
-webkit-text-stroke-width: 0px; font-variant-ligatures: normal; =
font-variant-position: normal; font-variant-numeric: normal; =
font-variant-alternates: normal; font-variant-east-asian: normal; =
line-height: normal; orphans: 2; widows: 2;" class=3D""><br =
class=3D"Apple-interchange-newline">--</span><br style=3D"color: rgb(0, =
0, 0); font-family: Helvetica; font-size: 14px; font-style: normal; =
font-variant-caps: normal; font-weight: normal; letter-spacing: normal; =
text-align: start; text-indent: 0px; text-transform: none; white-space: =
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; =
font-variant-ligatures: normal; font-variant-position: normal; =
font-variant-numeric: normal; font-variant-alternates: normal; =
font-variant-east-asian: normal; line-height: normal; orphans: 2; =
widows: 2;" class=3D""><span style=3D"color: rgb(0, 0, 0); font-family: =
Helvetica; font-size: 14px; font-style: normal; font-variant-caps: =
normal; font-weight: normal; letter-spacing: normal; text-align: start; =
text-indent: 0px; text-transform: none; white-space: normal; =
word-spacing: 0px; -webkit-text-stroke-width: 0px; =
font-variant-ligatures: normal; font-variant-position: normal; =
font-variant-numeric: normal; font-variant-alternates: normal; =
font-variant-east-asian: normal; line-height: normal; orphans: 2; =
widows: 2;" class=3D"">Please do not email me anything that you are not =
comfortable also sharing</span><span style=3D"color: rgb(0, 0, 0); =
font-family: Helvetica; font-size: 14px; font-style: normal; =
font-variant-caps: normal; font-weight: normal; letter-spacing: normal; =
text-align: start; text-indent: 0px; text-transform: none; white-space: =
normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; =
font-variant-ligatures: normal; font-variant-position: normal; =
font-variant-numeric: normal; font-variant-alternates: normal; =
font-variant-east-asian: normal; line-height: normal; orphans: 2; =
widows: 2;" class=3D""> with the NSA.</span>
</div>
<br class=3D""><div><blockquote type=3D"cite" class=3D""><div =
class=3D"">On Jun 6, 2017, at 4:02 PM, Gregory Maxwell <<a =
href=3D"mailto:greg@xiph.org" class=3D"">greg@xiph.org</a>> =
wrote:</div><br class=3D"Apple-interchange-newline"><div class=3D""><div =
class=3D"">On Tue, Jun 6, 2017 at 10:39 PM, Tao Effect via =
bitcoin-dev<br class=3D""><<a =
href=3D"mailto:bitcoin-dev@lists.linuxfoundation.org" =
class=3D"">bitcoin-dev@lists.linuxfoundation.org</a>> wrote:<br =
class=3D""><blockquote type=3D"cite" class=3D"">I believe the severity =
of replay attacks is going unvoiced and is not<br class=3D"">understood =
within the bitcoin community because of their lack of experience<br =
class=3D"">with them.<br class=3D""></blockquote><br class=3D"">Please =
don't insult our community-- the issues with replay were<br =
class=3D"">pointed out by us to Ethereum in advance and were cited =
specifically<br class=3D"">in prior hardfork discussions long before =
Ethereum started editing<br class=3D"">their ledger for the economic =
benefit of its centralized<br class=3D"">administrators.<br class=3D""><br=
class=3D"">The lack of extensive discussion on these issues you're =
seeing is<br class=3D"">rather symptomatic of engineers that take =
stability seriously not<br class=3D"">taking BIP148 seriously; not =
symptomatic of people not knowing about<br class=3D"">them. The same =
concerns also applies to all these HF proposals (which<br class=3D"">for =
some reason you don't mention), arguably even stronger. The =
same<br class=3D"">basic pattern exists: There are people that just =
don't care about the<br class=3D"">technical issues who have made up =
their minds, and so you don't see<br class=3D"">technical discussion. =
Those people who do see the issues already<br class=3D"">called =
out the proposals as being ill-advised. Replay isn't even =
the<br class=3D"">largest of the technical issues (network partitioning, =
for example, is<br class=3D"">a much larger one).<br class=3D""><br =
class=3D"">BIP149 is arguably something of another matter in particular =
because<br class=3D"">it has a time-frame that allows dealing with =
replay and other issues--<br class=3D"">and particularly because it has =
a time-frame that can allow for the<br class=3D"">avoidance of a =
meaningful fork at all.<br class=3D""></div></div></blockquote></div><br =
class=3D""></div></div></body></html>=
--Apple-Mail=_C5232B32-55E4-4545-A3E5-425A67E7309D--
--Apple-Mail=_0BD8C917-84BF-42C4-838A-CABA3B5FDA63
Content-Transfer-Encoding: 7bit
Content-Disposition: attachment;
filename=signature.asc
Content-Type: application/pgp-signature;
name=signature.asc
Content-Description: Message signed with OpenPGP
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCgAGBQJZNzbaAAoJEOxnICvpCVJH2NAP/1weE6JxAUcP0axh4UVJKEpk
oS0LOceuDM6A7+Hc7tumoNq+2wRhZER5g0PBMPMqHrpeVeuVPN02Pse0Wu8boV8b
7odg9I415pixHzaZ/4NFxT++x19HYBL/rO40QFs7QMgpjkvoDiqkDsozJTiifviH
m/5UBHefvXXWrIwle7vNBzFqjR3wwYSMZfU/oqWH03WAL6l21IW7/gVrjPRUJnFI
rgskk+FUSR9Mt3YIa9xVQpmwZzLDN+9wRluKrO/3qjXiyXPuXuPFEjdjiJJkEfLY
EUel6D1z1yGLfZ5hkm/CebALX2dWulxx8rjd7VOkWUUitliL6hStNtsCjewgjl9n
qhp0DNPP4QVEbb1VLGttoDmBVlXUW1zp2vLIOWs352pQPYNcug83FLfMUoq/H2Ol
ibwy4E+ZQDR7e4Y9dSdTz+uhYjTEmy7GbP/cIxyZiiytocSAliVsWp985ZeCWQpe
6hMCHzGTllABsijEl4ZrAT+Cv1f70uW225N+D8BXBxmgwpH6j/UEezKM6vTOmmq8
hsqCKVgkcEoj0v1UWD60kkFDJw1lrygpAapQdvyqcUHhCwp6S5t498nRr7w5quqF
tWE3r18T3DG5AcEZD74Bbt120NByVMSyWAdAlnYMFn+7sxbf/hiRM4NGl4NK6CEo
4sD6BdTmrgDHxQzKlqVr
=MufQ
-----END PGP SIGNATURE-----
--Apple-Mail=_0BD8C917-84BF-42C4-838A-CABA3B5FDA63--
|