📅 Original date posted:2017-05-18
📝 Original message:On Thu, May 18, 2017 at 9:44 AM, Cameron Garnham via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> 3. We should assign a CVE to the vulnerability exploited by ‘ASICBOOST’.
>
> ‘ASICBOOST’ is an attack on this Bitcoin’s security assumptions and
> should be considered an exploit of the Bitcoin Proof-of-Work
> Function.
On Thu, May 18, 2017 at 10:59 AM, Tier Nolan via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
> Arguably as long as the effort to find a block is proportional to the block
> difficulty parameter, then it isn't an exploit. It is just an optimisation.
One principled way to proceed would be to fault not the exploit, but
the protocol design.
Bits in the block header have been discovered which could be used for
dual meanings, and at least one meaning does not preserve the
incentive balances intended and assumed by others. This unexpectedly
creates an incentive to block protocol improvements. The protocol
must be repaired.
In this view, which focuses on covert-ASICBOOST, how work is done is
up to the implementation. But if the hashing work specified possibly
could gain from blocking development work, then we have a
vulnerability.
I believe this is clear grounds for taking action without any delay.
Ryan Grant [ARCHIVE] /
npub19a…6mwcl
2023-06-07 18:01:18
in reply to nevent1q…jhrc
Author Public Key
npub19a2m7qm80t7mzhgqfgunswhm5c3q4fkqt89057ugy7u8jdxncf2q06mwclPublished at
2023-06-07 18:01:18Event JSON
{
"id": "156c5f25cda4a50bb5a2c9023d30d009c82142a423f7455811331c3a48d3dfd1",
"pubkey": "2f55bf03677afdb15d004a39383afba6220aa6c059cafa7b8827b87934d3c254",
"created_at": 1686160878,
"kind": 1,
"tags": [
[
"e",
"f70bddd64502508bed584572ca722b248b72bf405d306807bd48f551b97bae4d",
"",
"root"
],
[
"e",
"d8e35eec6c9d2a009d37606cbc2beff32c90184ee7519b0fade2c621f453248d",
"",
"reply"
],
[
"p",
"05ff1a1da79f4ed8e7928f7b6cf225a88de06820c57a7e5425d2ac5dac6068d9"
]
],
"content": "📅 Original date posted:2017-05-18\n📝 Original message:On Thu, May 18, 2017 at 9:44 AM, Cameron Garnham via bitcoin-dev\n\u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003e 3. We should assign a CVE to the vulnerability exploited by ‘ASICBOOST’.\n\u003e\n\u003e ‘ASICBOOST’ is an attack on this Bitcoin’s security assumptions and\n\u003e should be considered an exploit of the Bitcoin Proof-of-Work\n\u003e Function.\n\nOn Thu, May 18, 2017 at 10:59 AM, Tier Nolan via bitcoin-dev\n\u003cbitcoin-dev at lists.linuxfoundation.org\u003e wrote:\n\u003e Arguably as long as the effort to find a block is proportional to the block\n\u003e difficulty parameter, then it isn't an exploit. It is just an optimisation.\n\nOne principled way to proceed would be to fault not the exploit, but\nthe protocol design.\n\nBits in the block header have been discovered which could be used for\ndual meanings, and at least one meaning does not preserve the\nincentive balances intended and assumed by others. This unexpectedly\ncreates an incentive to block protocol improvements. The protocol\nmust be repaired.\n\nIn this view, which focuses on covert-ASICBOOST, how work is done is\nup to the implementation. But if the hashing work specified possibly\ncould gain from blocking development work, then we have a\nvulnerability.\n\nI believe this is clear grounds for taking action without any delay.",
"sig": "e14c39e6761b3b3432935117cc0da44acbf71c1fc4147147295f468d907890097fb101d9b17696ab33d8cdfb816182b9ed9d21dbc50d41886a622c4dac6d785f"
}