📅 Original date posted:2015-01-23
📝 Original message:You mean an isolated signing device without memory right?
An isolated node would still know the transactions substantiating its coins, why would it sign them away to fees ?
Tamas Blummer
On Jan 23, 2015, at 4:47 PM, slush <slush at centrum.cz> wrote:
> Correct, plus the most likely scenario in such attack is that the malware even don't push such tx with excessive fees to the network, but send it directly to attacker's pool/miner.
>
> M.
>
> On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner <etotheipi at gmail.com> wrote:
> Unfortunately, one major attack vector is someone isolating your node, getting you to sign away your whole wallet to fee, and then selling it to a mining pool to mine it before you can figure why your transactions aren't making it to the network. In such an attack, the relay rules aren't relevant, and if the attacker can DoS you for 24 hours, it doesn't take a ton of mining power to make the attack extremely likely to succeed.
>
>
>
>
> On 01/23/2015 10:31 AM, Tamas Blummer wrote:
>> Not a fix, but would reduce the financial risk, if nodes were not relaying excessive fee transactions.
>>
>> Tamas Blummer
>>
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150123/5dc6f4b7/attachment.html>;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 496 bytes
Desc: Message signed with OpenPGP using GPGMail
URL: <http://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150123/5dc6f4b7/attachment.sig>;
Tamas Blummer [ARCHIVE] /
npub1cc…ex8m8
2023-06-07 15:29:06
in reply to nevent1q…95xg
Author Public Key
npub1ccegg9n9lnx6huppxg43m95488yur7pfemkn3pz0agjws5ffvtts0ex8m8Published at
2023-06-07 15:29:06Event JSON
{
"id": "ebd35cb93f2434349960b92da6686a1949cb775ca4cd885e1aad5932ee171fd6",
"pubkey": "c632841665fccdabf021322b1d969539c9c1f829ceed38844fea24e8512962d7",
"created_at": 1686151746,
"kind": 1,
"tags": [
[
"e",
"6dc832bdb706e2f61589ea679669c46a49f00ca991f53b93fef09a1a229115c6",
"",
"root"
],
[
"e",
"20bbd9e9f7af6719b2a73b0e6bb222766b7b295b8259a5cfca389143ff57e4d7",
"",
"reply"
],
[
"p",
"eb7ca795057ca7cabde6f541c741e661d013414934e5934c2e04c6677625c99a"
]
],
"content": "📅 Original date posted:2015-01-23\n📝 Original message:You mean an isolated signing device without memory right? \n\nAn isolated node would still know the transactions substantiating its coins, why would it sign them away to fees ?\n\nTamas Blummer\n\nOn Jan 23, 2015, at 4:47 PM, slush \u003cslush at centrum.cz\u003e wrote:\n\n\u003e Correct, plus the most likely scenario in such attack is that the malware even don't push such tx with excessive fees to the network, but send it directly to attacker's pool/miner.\n\u003e \n\u003e M.\n\u003e \n\u003e On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner \u003cetotheipi at gmail.com\u003e wrote:\n\u003e Unfortunately, one major attack vector is someone isolating your node, getting you to sign away your whole wallet to fee, and then selling it to a mining pool to mine it before you can figure why your transactions aren't making it to the network. In such an attack, the relay rules aren't relevant, and if the attacker can DoS you for 24 hours, it doesn't take a ton of mining power to make the attack extremely likely to succeed.\n\u003e \n\u003e \n\u003e \n\u003e \n\u003e On 01/23/2015 10:31 AM, Tamas Blummer wrote:\n\u003e\u003e Not a fix, but would reduce the financial risk, if nodes were not relaying excessive fee transactions.\n\u003e\u003e \n\u003e\u003e Tamas Blummer\n\u003e\u003e \n\u003e\u003e \n\u003e \n\u003e \n\n-------------- next part --------------\nAn HTML attachment was scrubbed...\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150123/5dc6f4b7/attachment.html\u003e\n-------------- next part --------------\nA non-text attachment was scrubbed...\nName: signature.asc\nType: application/pgp-signature\nSize: 496 bytes\nDesc: Message signed with OpenPGP using GPGMail\nURL: \u003chttp://lists.linuxfoundation.org/pipermail/bitcoin-dev/attachments/20150123/5dc6f4b7/attachment.sig\u003e",
"sig": "17013eaf42d234da253f4d91a8452a4e677bf3fa4f933307ca8e1b40ae6dbfad1a171ec1a675161ba485a0fb745c5dcb4af6f38308848dd9c19587b6f464619b"
}