📅 Original date posted:2015-09-29
📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Hello, (see my remarks below)
jl2012 via bitcoin-dev:
> Jonathan Toomim (Toomim Bros) via bitcoin-dev 於 2015-09-29 09:30 寫
> 到:
>> SPV clients will appear to behave normally, and will continue to
>> show new transactions and get confirmations in a timely fashion.
>> However, they will be systematically susceptible to attack from
>> double-spends that attempt to spend funds in a way that the
>> upgraded nodes will reject. These transactions will appear to
>> get 1 confirmation, then regress to zero conf, every single time.
>> These attacks can be performed for as long as someone mines with
>> the old version.
>
> 1. Who told you to accept 1-confirmation tx? Satoshi recommended 6
> confirmations in the whitepaper. Take your own risk if you do not
> follow his advice.
>
> 2. This is true only if your SPV client naively follows the
> longest chain without even looking at the block version. This might
> be good enough for the 1st generation SPV client, but future
> generations should at least have basic fraud detecting mechanism.
>
>
Regarding "basic fraud detecting mechanism" of which you speak, being
as I personally enjoy SPV for the time being (Electrum), and I know
that people will continue to keep using SPV wallets because they are
light and handy, I think that you make a good point that "basic fraud
detecting mechanism" is needed, but how to verify that such a
mechanism in an SPV wallet is good, and/or that the software and
version information provided by the server admins via the banner is
valid (being as it's not validated)? I have made a thread on this
conundrum. Which is posted here if you are interested.
https://bitcointalk.org/index.php?topic=1157545.0
So as to avoid repeating stuff please read whole thead before
answering in it or posting back to list. It seems that there are
definitely unanswered questions...
I may open this up as an issue on https://github.com/spesmilo/electrum
about this stuff, but I wanted to post comment here also, for the record
.
>
>> If an attacker thinks he could get more than 25 BTC of
>> double-spends per block, he might even choose to mine with the
>> obsolete version in order to get predictable orphans and to trick
>> SPV clients and fully verifying wallets on the old version.
>
> This point is totally irrelevant. No matter there is a softfork or
> not, SPV users are always vulnerable to such double-spending attack
> if they blindly follow the longest chain AND accept 1-confirmation.
> The fiat currency system might be safer for them.
> _______________________________________________ bitcoin-dev mailing
> list bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
- --
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----
iQEcBAEBCgAGBQJWCuyBAAoJEGxwq/inSG8CtpAH/R6N1QYzMFWPo75RsP46VYbi
k33QbsbhlEznEEWX/ayKEzmnbt7DkXFXQtesuabongFr9UpwxED0OGQJztyRz5NC
iS8ty+Kfi9/Aq/e79A6IPSYfRCPB1w+oP/cEsV/LB4BPkut2mdpMbdwDZ3TQuLRq
LnFLmz8tY+CUqSbyrPUx/FKJ7ZbQsAlammMTKoUYaAYRytDBPzW4PdYtTyrK2QTK
jjt11n5U8ShmXdsCo/E0pWVbggQlhFgrCoIYjGNfmDyK/eYaskD5O6czIdqd5WPs
P+2zMC1Cukkr5l8BQXiSedVXGpMyaYhMgWB7MD6sNDIAE9IFbfEpkse/Ek4aJII=
=Ud4C
-----END PGP SIGNATURE-----
odinn [ARCHIVE] /
npub1xv…5j2ga
2023-06-07 17:41:37
in reply to nevent1q…wsjh
Author Public Key
npub1xv3g4rkhj7eyape0cqjhc9g4ljdu5axqkgcdewma854a8r7e0mtsl5j2gaPublished at
2023-06-07 17:41:37Event JSON
{
"id": "dd01e6bee113cebf6f1ad98f85a4e32bc582be9c22447e9cb6f823d43a4bde3a",
"pubkey": "33228a8ed797b24e872fc0257c1515fc9bca74c0b230dcbb7d3d2bd38fd97ed7",
"created_at": 1686159697,
"kind": 1,
"tags": [
[
"e",
"f5bb1bf208994917ac3ec4154383520df2a8573df815c54d28bae4e41ef024c8",
"",
"root"
],
[
"e",
"f1d768893b573c95318219cd27ea9b9a48c72da2f4a8e4f3d931bd0f2c99b112",
"",
"reply"
],
[
"p",
"b61e2e7ccbf4abd7f49715c62f4ac7a93cbdd5ead0316279c5f5fe9b18dd0aaa"
]
],
"content": "📅 Original date posted:2015-09-29\n📝 Original message:-----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA512\n\nHello, (see my remarks below)\n\njl2012 via bitcoin-dev:\n\u003e Jonathan Toomim (Toomim Bros) via bitcoin-dev 於 2015-09-29 09:30 寫\n\u003e 到:\n\u003e\u003e SPV clients will appear to behave normally, and will continue to\n\u003e\u003e show new transactions and get confirmations in a timely fashion.\n\u003e\u003e However, they will be systematically susceptible to attack from\n\u003e\u003e double-spends that attempt to spend funds in a way that the\n\u003e\u003e upgraded nodes will reject. These transactions will appear to\n\u003e\u003e get 1 confirmation, then regress to zero conf, every single time.\n\u003e\u003e These attacks can be performed for as long as someone mines with\n\u003e\u003e the old version.\n\u003e \n\u003e 1. Who told you to accept 1-confirmation tx? Satoshi recommended 6 \n\u003e confirmations in the whitepaper. Take your own risk if you do not\n\u003e follow his advice.\n\u003e \n\u003e 2. This is true only if your SPV client naively follows the\n\u003e longest chain without even looking at the block version. This might\n\u003e be good enough for the 1st generation SPV client, but future\n\u003e generations should at least have basic fraud detecting mechanism.\n\u003e \n\u003e \n\nRegarding \"basic fraud detecting mechanism\" of which you speak, being\nas I personally enjoy SPV for the time being (Electrum), and I know\nthat people will continue to keep using SPV wallets because they are\nlight and handy, I think that you make a good point that \"basic fraud\ndetecting mechanism\" is needed, but how to verify that such a\nmechanism in an SPV wallet is good, and/or that the software and\nversion information provided by the server admins via the banner is\nvalid (being as it's not validated)? I have made a thread on this\nconundrum. Which is posted here if you are interested.\n\nhttps://bitcointalk.org/index.php?topic=1157545.0\n\nSo as to avoid repeating stuff please read whole thead before\nanswering in it or posting back to list. It seems that there are\ndefinitely unanswered questions...\n\nI may open this up as an issue on https://github.com/spesmilo/electrum\nabout this stuff, but I wanted to post comment here also, for the record\n.\n\n\n\u003e \n\u003e\u003e If an attacker thinks he could get more than 25 BTC of \n\u003e\u003e double-spends per block, he might even choose to mine with the \n\u003e\u003e obsolete version in order to get predictable orphans and to trick\n\u003e\u003e SPV clients and fully verifying wallets on the old version.\n\u003e \n\u003e This point is totally irrelevant. No matter there is a softfork or\n\u003e not, SPV users are always vulnerable to such double-spending attack\n\u003e if they blindly follow the longest chain AND accept 1-confirmation.\n\u003e The fiat currency system might be safer for them. \n\u003e _______________________________________________ bitcoin-dev mailing\n\u003e list bitcoin-dev at lists.linuxfoundation.org \n\u003e https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev\n\n- -- \nhttp://abis.io ~\n\"a protocol concept to enable decentralization\nand expansion of a giving economy, and a new social good\"\nhttps://keybase.io/odinn\n-----BEGIN PGP SIGNATURE-----\n\niQEcBAEBCgAGBQJWCuyBAAoJEGxwq/inSG8CtpAH/R6N1QYzMFWPo75RsP46VYbi\nk33QbsbhlEznEEWX/ayKEzmnbt7DkXFXQtesuabongFr9UpwxED0OGQJztyRz5NC\niS8ty+Kfi9/Aq/e79A6IPSYfRCPB1w+oP/cEsV/LB4BPkut2mdpMbdwDZ3TQuLRq\nLnFLmz8tY+CUqSbyrPUx/FKJ7ZbQsAlammMTKoUYaAYRytDBPzW4PdYtTyrK2QTK\njjt11n5U8ShmXdsCo/E0pWVbggQlhFgrCoIYjGNfmDyK/eYaskD5O6czIdqd5WPs\nP+2zMC1Cukkr5l8BQXiSedVXGpMyaYhMgWB7MD6sNDIAE9IFbfEpkse/Ek4aJII=\n=Ud4C\n-----END PGP SIGNATURE-----",
"sig": "89d22584f967d8928ce69790f08a5c1a8ef107aca9e5f9b9ea797a4865e76daccbf932c5b411ea60f5578fd1d9d10a91c9490dafd348a5ab734d2a4848c3c4ec"
}