|
Title: Vulnerability found that affects privacy of OLD miners, including Satoshi Post by: Sergio_Demian_Lerner on April 17, 2013, 11:15:51 AM Check the thread https://bitcointalk.org/index.php?topic=178629.0 or my blog http://bitslog.wordpress.com/2013/04/17/the-well-deserved-fortune-of-satoshi-nakamoto/.
The loss of anonymity can give Bitcoin economists and historians a great opportunity to compute interesting metrics about mining in general and the role of Satoshi in the project inception years. The vulnerability relies on the use of the extraNonce field. The extraNonce fields increments every time the nonce fields (which is 32 bits) overflows, so it's a slow realtime clock, until the application is restarted, in which case it goes back to 1. GMaxwell have carefully analyzed each version and found that only the oldest ones were vulnerable, but not after October 2010 (e.g. v0.3.14) . Best regards, Sergio. Title: Re: Vulnerability found that affects privacy of miners, including Satoshi Post by: Rampion on April 17, 2013, 11:19:35 AM Sergio: you are brilliant.
Thanks for your work! Title: Re: Vulnerability found that affects privacy of miners, including Satoshi Post by: gmaxwell on April 17, 2013, 11:41:32 AM I haven't checked all versions of the Satoshi client, but I believe all are affected by the vulnerability. When you say you haven't checked 'all versions' you mean to say 'any versions except one really old one'?Currently it's reset on every block: Code: if (hashPrevBlock != pblock->hashPrevBlock) I don't mind correcting you because that took all of two seconds ... but ... really? "vulnerability"? What is your motivation in not spending two seconds to actually look before claiming that "all are affected by the vulnerability"? Even back in October 2010 (e.g. v0.3.14): Code: if (nNewTime != pblock->nTime && bnExtraNonce > 10) Title: Re: Vulnerability found that affects privacy of miners, including Satoshi Post by: Sergio_Demian_Lerner on April 17, 2013, 11:55:51 AM Great GMaxwell!
Now we see your work with mine work can be complemented. It didn't understood the "if (hashPrevBlock != pblock->hashPrevBlock)" line of code, so I thought the counter only reset on orphan blocks.. Title: Re: Vulnerability found that affects privacy of miners, including Satoshi Post by: gmaxwell on April 17, 2013, 12:16:52 PM so I thought the counter only reset on orphan blocks.. Why did you claim it was only reset on restart?Title: Re: Vulnerability found that affects privacy of OLD miners, including Satoshi Post by: 🏰 TradeFortress 🏰 on April 17, 2013, 12:20:43 PM Nice find Sergio. Quite old vulnerability through
Title: Re: Vulnerability found that affects privacy of miners, including Satoshi Post by: Sergio_Demian_Lerner on April 17, 2013, 01:37:52 PM so I thought the counter only reset on orphan blocks.. Why did you claim it was only reset on restart?Because I know nothing about Bitcoin. If you paid me a salary I would spend time checking every word I said. Because I'm not being paid, I use vague words so people that work on Bitcoin AS A JOB can go and check all the infinite ramifications of my words, and they should, because their money is at stake and I'm a human being that can be mistaken. Title: Re: Vulnerability found that affects privacy of OLD miners, including Satoshi Post by: gmaxwell on April 17, 2013, 04:04:40 PM I hereby grant you exactly the salary I receive for working on Bitcoin. :P
|