This message was too old and has been purged

[Evil-Knievel]

This message was too old and has been purged

[1714805028]

1714805028

[1714805028]

1714805028

[1714805028]

1714805028

[instagibbs]

going to need a little more than that from someone who's already raised questionable alarms before

[RodeoX]

If you have discovered a new exploit you might want to send a description to the dev team. I'm sure your help would be appreciated.

[gmaxwell]

going to need a little more than that from someone who's already raised questionable alarms before

You mean outright fraudulent alarms. You note even here he says "probably".

I call bullshit.  Real cryptanalysis is specific.

[Evil-Knievel]

This message was too old and has been purged

[instagibbs]

going to need a little more than that from someone who's already raised questionable alarms before

You mean outright fraudulent alarms. You note even here he says "probably".

I call bullshit.  Real cryptanalysis is specific.

I'm from the midwest, sue me 

Too nice.

[crazynoggin]

If you find any possible code issues with Bitcoin, its best to bring it up to the Dev team. They might even reward you if its serious enough, who knows.

[Evil-Knievel]

This message was too old and has been purged

[Evil-Knievel]

This message was too old and has been purged

[Automatic]

going to need a little more than that from someone who's already raised questionable alarms before

You mean outright fraudulent alarms. You note even here he says "probably".

I call bullshit.

Even though I am a person who is willing to help in most cases, I have never expected such a "direct" response from the community.
And as the community seems not to honor my work, well - then I will just shut up about it at all.

I mean I could ask someone of you to post a text along with a signed signature from one of your wallets so I can generate dozens of other valid signatures for it, but I am not sure if this will change my mind at all.
I can demonstrate it if you want, but with this kind of response I will definitely not invest a single minute in explaining the complex mathematics behind it.

Unfortunately, my crypto ability is next to none, so, even if you do it, it'll mean nothing to me, but, I am interested in what you say:-

Code:

13SdzWe5JCASoyvXr4kAgGnB6n3PNPSSQe

Code:

This is my amazing note.

Code:

HMzLVDA8Nsf79Le1JHHqD7Uc0MXvCERLalWpJrqWe9KGDWhD38W41oDkeix92jP2RBCmMgkerkYkvZcu+Kmm8Zw=

Like I said though, my crpyto knowledge is next to none, and, the same with my trust, so, it's really proving nothing (Even if what you say is valid), as, anyone looking in will just say "Hey, those two are working together"

[nottm28]

But I would prove it to you anyway. Just sign some text and post it along with a signature. Maybe the significance will become clear then.

Ok, I'm mathematically minded - what do you want me to do exactly - please post clear reproducible instructions and I'll give it a go...

[Rampion]

But I would prove it to you anyway. Just sign some text and post it along with a signature. Maybe the significance will become clear then.

Ok, I'm mathematically minded - what do you want me to do exactly - please post clear reproducible instructions and I'll give it a go...

Just sign a message with a btc address, and post message + signature + public key (the "address") - just as Automatic did.

[nottm28]

But I would prove it to you anyway. Just sign some text and post it along with a signature. Maybe the significance will become clear then.

Ok, I'm mathematically minded - what do you want me to do exactly - please post clear reproducible instructions and I'll give it a go...

Just sign a message with a btc address, and post message + signature + public key (the "address") - just as Automatic did.

sig : Hzkosd/No+cUbW8WvUdJvgCIV0F4xkPVKk2anyMp7NPedJkcmg/VD8BrAgGGuaP52tlsCv/csnAcpmTNDc3YH6A=

message : This is my Transaction Malleability Reloaded message

address : 1JuRLLT7YrtPKWooSPsuqgFU2EHSCN6Hdq

[Lord F(r)og]

So what's up? Do we have devcon 1 or is this just an alarm drill?

Hello Everyone!

It was hard to miss the recent implications of the transaction malleability issue, in which context for example nearly all MtGox funds were lost. Now the simple idea was to take the negative value of a part of the signature which also resultet in a valid signature (at least in the bitcoin implementation which falsely accepts this non-standard type of signatures).

I have probably found a way to resign "already signed" messages with perfectly correct signatures. Filtering for these typical "transaction malleability signatures" will therefore be not enough. Now the problem might be huge and not just solved by filtering out these "changed and non-standard signatures".

If you like we can discuss these issues here.

[nottm28]

So what's up? Do we have devcon 1 or is this just an alarm drill?

It is possible I think but would take some kind of genius inspiration to break the encryption algorithm. I remember there was some Chinese girl who did (then didn't yeah right) break the sha256 algorithm... still waiting for his asics to crunch the numbers...

[Lord F(r)og]

So what's up? Do we have devcon 1 or is this just an alarm drill?

It is possible I think but would take some kind of genius inspiration to break the encryption algorithm. I remember there was some Chinese girl who did (then didn't yeah right) break the sha256 algorithm... still waiting for his asics to crunch the numbers...

This means if his Asperger turns out misunderstood genius, sha256 is basically broken? Is there a way we can "easily" follow/confirm his claim?

[nottm28]

So what's up? Do we have devcon 1 or is this just an alarm drill?

It is possible I think but would take some kind of genius inspiration to break the encryption algorithm. I remember there was some Chinese girl who did (then didn't yeah right) break the sha256 algorithm... still waiting for his asics to crunch the numbers...

This means if his Asperger turns out misunderstood genius, sha256 is basically broken? Is there a way we can "easily" follow/confirm his claim?

Well if he posts a message that I can verify as signed my me - then yeah shit hits the fan. Probability is low though but you can't rule out a mule (isaac asimov )

[edit] and then we would need to know how he did it... yeah

[edit2] even if he did manage to post a message that I could verify as signed by me - it's more likely to be a a 'feature' in bitcoin qt 0.8.6 rather than a crack for sha256...

[Lord F(r)og]

Okay, it's highly unlikely that sha256 becomes broken near-term. But let's wait if he found a workaround on that signing procedure. In this case he would deserve some serious worship for publishing it here. Let us pray, let the unicorns fly!

[Evil-Knievel]

This message was too old and has been purged

[Caesium]

I'm sure it'll be retracted pretty quickly if you do something with the signed messages above, as you requested