Bitcoin Forum
December 11, 2017, 02:40:32 AM *
News: Latest stable version of Bitcoin Core: 0.15.1  [Torrent].
 
   Home   Help Search Donate Login Register  
Pages: [1]
  Print  
Author Topic: Bounty for successful attacks of the BANK RUN protocol  (Read 558 times)
k99
Sr. Member
****
Offline Offline

Activity: 345

Manfred Karrer


View Profile WWW
February 19, 2014, 04:34:34 PM
 #1

I ask for security audits/attacks.

Details see here:
https://bitcointalk.org/index.php?topic=462236.msg5239335#msg5239335

You can win 0.11 BTC if you succeed.

br,
Manfred

https://www.bitsquare.io  |  GPG Key: 6A6B2C46 or 57D66BDA
1512960032
Hero Member
*
Offline Offline

Posts: 1512960032

View Profile Personal Message (Offline)

Ignore
1512960032
Reply with quote  #2

1512960032
Report to moderator
Advertised sites are not endorsed by the Bitcoin Forum. They may be unsafe, untrustworthy, or illegal in your jurisdiction. Advertise here.
Sukrim
Legendary
*
Offline Offline

Activity: 2212


View Profile
February 20, 2014, 03:52:36 PM
 #2

Why would I break your schme for just 0.11 BTC if I find a weakness and could later scam people for much more?

Anyways, you're asking for attacks on only the Bitcoin side of your idea (which is not the weak part) - in essence you want us to break multisig. Imho the weakness of your protocol is not the stuff that happens on the block chain, it's what happens besides that.

Also your announces are not signed, you should include that as a step (Alice could list ANY transaction on the chain as "hers" and Bob might tie up funds because of that). The TXID of the escrow TX is only final once it has been mined and buried a few blocks - so adding that to the protocol might be a wise thing to do. Again these messages need to be clearsigned by their private key at least.

https://bitfinex.com <-- leveraged trading of BTCUSD, LTCUSD and LTCBTC (long and short) - 10% discount on fees for the first 30 days with this refcode: x5K9YtL3Zb
Mail me at Bitmessage: BM-BbiHiVv5qh858ULsyRDtpRrG9WjXN3xf
k99
Sr. Member
****
Offline Offline

Activity: 345

Manfred Karrer


View Profile WWW
February 20, 2014, 10:57:25 PM
 #3

Why would I break your schme for just 0.11 BTC if I find a weakness and could later scam people for much more?

Anyways, you're asking for attacks on only the Bitcoin side of your idea (which is not the weak part) - in essence you want us to break multisig. Imho the weakness of your protocol is not the stuff that happens on the block chain, it's what happens besides that.

Also your announces are not signed, you should include that as a step (Alice could list ANY transaction on the chain as "hers" and Bob might tie up funds because of that). The TXID of the escrow TX is only final once it has been mined and buried a few blocks - so adding that to the protocol might be a wise thing to do. Again these messages need to be clearsigned by their private key at least.

You can wait until its out and then scam people if you like. I was just asking for help of people who like to support.

I described above the limited scope of that attack test. I think that part is not only to break btc multisig, that is pretty clear that nobody will break that, but there could be some other flaws in the protocol or usage of some rpc commands.

The double spend attack scenario when Alice has published the deposit tx is described in the paper (it was recently added).

The communication between the peer is done via bitmessage (or twister) so thats a secure channel already.
Regarding the offer: Yes Alice need to sign her msg, so Bob can verify with her pub key. I will add that to the paper, thanks for pointing to that.



https://www.bitsquare.io  |  GPG Key: 6A6B2C46 or 57D66BDA
Pages: [1]
  Print  
 
Jump to:  

Sponsored by , a Bitcoin-accepting VPN.
Powered by MySQL Powered by PHP Powered by SMF 1.1.19 | SMF © 2006-2009, Simple Machines Valid XHTML 1.0! Valid CSS!