2941
|
Bitcoin / Development & Technical Discussion / Re: [IMP] Malleability : Attack scheme
|
on: February 10, 2014, 08:57:07 PM
|
so ... is it possible to modify the script such that is has more rules that make the recipient unable to receive the coins in some circumstances now that transaction have available extra script operations?
No. The scriptpubkeys are under signature, otherwise you could just steal the output of people's transactions. All of the mutants possible are functionally identical (ignoring the node-local rules that may refuse to relay some forms, and the txid).
|
|
|
2942
|
Bitcoin / Development & Technical Discussion / Re: [IMP] Malleability : Attack scheme
|
on: February 10, 2014, 07:42:19 PM
|
The only safe way to reissue a transaction is to double-spend the original transaction in progress. This eliminates the entire class of user-got-paid-twice vulnerability. To do otherwise is insane: You're giving someone a check, and then a second check— and never canceling the first.
|
|
|
2943
|
Economy / Service Discussion / Re: New Mt Gox Press Release - Feb 10 - they are claiming flaw in bitcoin protocol !
|
on: February 10, 2014, 05:13:03 PM
|
Had Mt Gox been competent at all when designing their custom wallet software, they would have noted that tx-ids are mutable
You overstate your case, unless you wish to argue that Satoshi was not competent. In any case, the reissue fraud is more or less independent of mutation. The way you protect yourself against double payment when reissuing is that you must spend at least some of the same coins so that only one transaction or the other can get mined. If you do this, no amount of mutation will result in funds loss (though it might confuse people!), if you don't do this then you can still have payments doubled up even with no mutation at all. (E.g. first payment delay, second authored, second gets confirmed, first gets rebroadcast and makes it in too).
|
|
|
2944
|
Economy / Service Discussion / Re: New Mt Gox Press Release - Feb 10 - they are claiming flaw in bitcoin protocol !
|
on: February 10, 2014, 01:30:49 PM
|
Is it actually a flaw in the Bitcoin protocol, or something wrong with Gox's software? Allowing fraud? Thats exclusively a problem with Gox's transaction handling practices and really has little to do with malleability (which is a long known, usually minor, issue in Bitcoin which is slowly being fixed). The issue is that fraud is made possible by _failing_ to double-spend when you cancel or reissue a transaction. If you do correctly double-spend then the fraud cannot occur regardless of the malleability. If you don't, it can occur, again— with or without malleability. See also: http://sourceforge.net/mailarchive/forum.php?thread_name=CAAS2fgTx8UzQiocyNMfMNkt2uUZRTmhagb2BY9TPuAupVjVa2g%40mail.gmail.com&forum_name=bitcoin-developmentThe malleability issue seems real enough. Something was published on it on 21 january on bitcoin.it, maybe someone had to try it out
21 January 2013And you'll note that page is citing a forum thread from 2011. Bitcoin v0.8 rolled out the first round of fixes to eventually remove malleability way back then too... and we've seen bouts of amounts of malleability use on the network, back in 2012 if not sooner— I haven't grepped my logs.
|
|
|
2949
|
Economy / Currency exchange / Re: MTGOX <-> BTC BID/ASK
|
on: February 10, 2014, 12:25:43 AM
|
I find it astounding how difficult it is for some people here to just trade per pm. I was asked for skype and viber and even irc...
I didn't get the people asking me multiple times to skype after I politely declined— not going to be running some binary-blob intelligence surveillance tool on anything in my home if I can avoid it. I understand that people are concerned about safety— and you should research the people you trade with or ask to use bitrated.com. Skyping with them will be little actual protection. Right now the demand for these trades is so great that I'm needing to raise my rates above what I'd prefer otherwise just to rate limit the flood. I am willing to split up the transfers to help people feel more comfortable but I'm not going to jump through a bunch of additional hoops. (Though I am fine with IRC, feel free to /msg gmaxwell)
|
|
|
2953
|
Alternate cryptocurrencies / Altcoin Discussion / Re: Turing complete language vs non-Turing complete (Ethereum vs Bitcoin)
|
on: February 06, 2014, 03:14:41 AM
|
Ugh. Cryptocurrency. or at least Bitcoin at a minimum— is _NOT_ about "democratic consensus" cue the trope about democracy is wolves voting to have the sheep for supper. Democratic consensus is a terrible way to handle things, but sometimes its the best available of all possible terrible ways to handle things, but that doesn't make it good. Ideally people could operate on a purely consensual basis and never be coerced just because someone amassed superior numbers. "Democracy" is particularly intolerable, however, when voting power isn't tied to people-with-shared-interests but is instead tied to spending (as it must be in a POW blockchain consensus).
In Bitcoin the rules of the system are fixed in the software and autonomously enforced by everyone, without reference to any consensus. No simple majority of users or miners can change them, they are as immune to a majority tyranny as anything we know how to make. Sadly the whole system can't work on this alone, since there is no known decenteralized way to autonomously decide transaction order, but it is only in narrow-as-we-can make it way that we compromise on that.
You do not make your proposals look good when you justify them with such vulgar misunderstandings of the structure and motivations that enable Bitcoin to be (possibly!) viable.
|
|
|
2959
|
Bitcoin / Hardware / Re: Black Arrow 28nm 100Ghash Bitcoin ASIC from $1.99/GH/s, miners from $2.97/GH/s
|
on: February 03, 2014, 10:20:56 PM
|
FUN FACT: Literally EVERYONE who preordered an asic from ANY manufacturer that delivered made a profit in USD if they mined for a week or two then resold the hardware.
The only people who think they are getting scammed are the nerds who think that btc mining must result in a positive ROI in btc and think that the hardware manufacturer can be held accountable for that.
This is going a bit off-topic... but it really shouldn't be left unchallenged. I think you're taking an exceptionally stupid position here. You have a stack of USD, you could do at least three things: (0) Sit on your USD and do nothing. (1) Buy Bitcoin. (2) But a Bitcoin miner. If (2) yields less bitcoin than you would have gotten with (1) you are worse off in every way. The miner takes up space, consumes power, has shipping and delivery risks, and is just as worthless as the Bitcoin if Bitcoin loses value, but is far less liquid. You take all the risks of owning Bitcoin, multiplied by illiquidity, plus some hardware specific risks. There is no scenario in which (2) is better than (1) if (2) yields less Bitcoin, not if bitcoin goes up in value, not if it goes down, not if bitcoin becomes worthless, not on a boat, not with a goat. Unless you want to consider incompetent people with no self control who can't manage to buy and hold things on their own— in which case I'll gladly offer second signer service for multisig at far less of a loss than ripoff prices from asic hardware vendors and a lot fewer risks.
|
|
|
|