Bitcoin Forum
September 22, 2018, 08:10:25 PM *
News: ♦♦ New info! Bitcoin Core users absolutely must upgrade to previously-announced 0.16.3 [Torrent]. All Bitcoin users should temporarily trust confirmations slightly less. More info.
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bounty for successful attacks of the BANK RUN protocol  (Read 569 times)
k99
Sr. Member
****
Offline Offline

Activity: 346
Merit: 252

Manfred Karrer


View Profile WWW
February 19, 2014, 04:34:34 PM
 #1

I ask for security audits/attacks.

Details see here:
https://bitcointalk.org/index.php?topic=462236.msg5239335#msg5239335

You can win 0.11 BTC if you succeed.

br,
Manfred

https://www.bitsquare.io  |  GPG Key: 6A6B2C46 or 57D66BDA
1537647025
Hero Member
*
Offline Offline

Posts: 1537647025

View Profile Personal Message (Offline)

Ignore
1537647025
Reply with quote  #2

1537647025
Report to moderator
Make a difference with your Ether.
Donate Ether for the greater good.
SPRING.WETRUST.IO
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Sukrim
Legendary
*
Offline Offline

Activity: 2394
Merit: 1002


View Profile
February 20, 2014, 03:52:36 PM
 #2

Why would I break your schme for just 0.11 BTC if I find a weakness and could later scam people for much more?

Anyways, you're asking for attacks on only the Bitcoin side of your idea (which is not the weak part) - in essence you want us to break multisig. Imho the weakness of your protocol is not the stuff that happens on the block chain, it's what happens besides that.

Also your announces are not signed, you should include that as a step (Alice could list ANY transaction on the chain as "hers" and Bob might tie up funds because of that). The TXID of the escrow TX is only final once it has been mined and buried a few blocks - so adding that to the protocol might be a wise thing to do. Again these messages need to be clearsigned by their private key at least.

https://www.coinlend.org <-- automated lending at various exchanges. No fees(!).
Mail me at Bitmessage: BM-BbiHiVv5qh858ULsyRDtpRrG9WjXN3xf
k99
Sr. Member
****
Offline Offline

Activity: 346
Merit: 252

Manfred Karrer


View Profile WWW
February 20, 2014, 10:57:25 PM
 #3

Why would I break your schme for just 0.11 BTC if I find a weakness and could later scam people for much more?

Anyways, you're asking for attacks on only the Bitcoin side of your idea (which is not the weak part) - in essence you want us to break multisig. Imho the weakness of your protocol is not the stuff that happens on the block chain, it's what happens besides that.

Also your announces are not signed, you should include that as a step (Alice could list ANY transaction on the chain as "hers" and Bob might tie up funds because of that). The TXID of the escrow TX is only final once it has been mined and buried a few blocks - so adding that to the protocol might be a wise thing to do. Again these messages need to be clearsigned by their private key at least.

You can wait until its out and then scam people if you like. I was just asking for help of people who like to support.

I described above the limited scope of that attack test. I think that part is not only to break btc multisig, that is pretty clear that nobody will break that, but there could be some other flaws in the protocol or usage of some rpc commands.

The double spend attack scenario when Alice has published the deposit tx is described in the paper (it was recently added).

The communication between the peer is done via bitmessage (or twister) so thats a secure channel already.
Regarding the offer: Yes Alice need to sign her msg, so Bob can verify with her pub key. I will add that to the paper, thanks for pointing to that.



https://www.bitsquare.io  |  GPG Key: 6A6B2C46 or 57D66BDA
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!