Zooko Wilcox-O'Hearn [ARCHIVE] on Nostr: 📅 Original date posted:2012-02-28 📝 Original message:Could you spell out the ...
📅 Original date posted:2012-02-28
📝 Original message:Could you spell out the attack explicitly? Presumably there aren't a
lot of people with the "malice energy" to perform the attack but not
to figure it out for themselves. I, however, have the "niceness
energy" to think about it for a few minutes but not to figure it out
for myself. If in your opinion it is realistically dangerous to post
it publicly, would you be so kind as to include me in the private
sharing of the explanation?
By the way, I found a couple of cases of slightly bad handling of
merkle trees when I inspected the code (v0.4) that was, I'm 99% sure,
not exploitable. I never got around to reporting it yet. I'm sorry
about that. My discoveries might interact with the one you're talking
about here. I should definitely explain mine to y'all soon. (Possibly
in private for the first pass, in case it is more exploitable than I
thought, or has become exploitable since v0.4.)
I showed it to a couple of other people at the time who helped me make
sure that it wasn't exploitable.
I'll make time to explain what I found within a week.
Regards,
Zooko
Published at
2023-06-07 03:09:49Event JSON
{
"id": "bfff41e9224e9fd9d1aec069bbc9c1467162899837b26bd71fcbc6d1f0c5df4a",
"pubkey": "29ef37dbe6ee79a52907a84f1511b5ba3f9b3ef1097043f6dfb60cca6b03a59c",
"created_at": 1686107389,
"kind": 1,
"tags": [
[
"e",
"431de1b2053f2297a5c4d8abb946e01d3f305001a64415bafb02369c2320d799",
"",
"root"
],
[
"e",
"56472c2fb9324a3862c3b819bea85ce1acf706a9b59b6958d12e3097796f48c0",
"",
"reply"
],
[
"p",
"5ab461bc713c73739adbc543fe021553ac026ff18e60267a0999d45ffdc3a943"
]
],
"content": "📅 Original date posted:2012-02-28\n📝 Original message:Could you spell out the attack explicitly? Presumably there aren't a\nlot of people with the \"malice energy\" to perform the attack but not\nto figure it out for themselves. I, however, have the \"niceness\nenergy\" to think about it for a few minutes but not to figure it out\nfor myself. If in your opinion it is realistically dangerous to post\nit publicly, would you be so kind as to include me in the private\nsharing of the explanation?\n\nBy the way, I found a couple of cases of slightly bad handling of\nmerkle trees when I inspected the code (v0.4) that was, I'm 99% sure,\nnot exploitable. I never got around to reporting it yet. I'm sorry\nabout that. My discoveries might interact with the one you're talking\nabout here. I should definitely explain mine to y'all soon. (Possibly\nin private for the first pass, in case it is more exploitable than I\nthought, or has become exploitable since v0.4.)\n\nI showed it to a couple of other people at the time who helped me make\nsure that it wasn't exploitable.\n\nI'll make time to explain what I found within a week.\n\nRegards,\n\nZooko",
"sig": "2973dd6091d3db5dc5f618a65413c2ef27911056e0a60507cb9df816492fca8d781f29cb47462d05e25beed66a2f89ee0e7ca8492f72538fa344993cb1eaa41a"
}