From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 8340E87A for ; Thu, 6 Apr 2017 09:18:21 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from zinan.dashjr.org (zinan.dashjr.org [192.3.11.21]) by smtp1.linuxfoundation.org (Postfix) with ESMTP id 8DE4CF4 for ; Thu, 6 Apr 2017 09:18:20 +0000 (UTC) Received: from ishibashi.localnet (unknown [IPv6:2001:470:5:265:a45d:823b:2d27:961c]) (Authenticated sender: luke-jr) by zinan.dashjr.org (Postfix) with ESMTPSA id 2FBD538ABE75; Thu, 6 Apr 2017 09:17:50 +0000 (UTC) X-Hashcash: 1:25:170406:bitcoin-dev@lists.linuxfoundation.org::HpGM4jPGw5l4xDOa:cti6G X-Hashcash: 1:25:170406:greg@xiph.org::JrFnYZyi6Uz+iDFe:aw5MZ From: Luke Dashjr To: bitcoin-dev@lists.linuxfoundation.org, Gregory Maxwell Date: Thu, 6 Apr 2017 09:17:48 +0000 User-Agent: KMail/1.13.7 (Linux/4.9.16-gentoo; KDE/4.14.29; x86_64; ; ) References: In-Reply-To: X-PGP-Key-Fingerprint: E463 A93F 5F31 17EE DE6C 7316 BD02 9424 21F4 889F X-PGP-Key-ID: BD02942421F4889F X-PGP-Keyserver: hkp://pgp.mit.edu MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201704060917.49139.luke@dashjr.org> X-Spam-Status: No, score=-1.9 required=5.0 tests=BAYES_00,RP_MATCHES_RCVD autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: Re: [bitcoin-dev] BIP proposal: Inhibiting a covert attack on the Bitcoin POW function X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 06 Apr 2017 09:18:21 -0000 On Wednesday, April 05, 2017 9:37:45 PM Gregory Maxwell via bitcoin-dev wrote: > Beginning block X and until block Y the coinbase transaction of > each block MUST either contain a BIP-141 segwit commitment or a > correct WTXID commitment with ID 0xaa21a9ef. Why not simply require the BIP-141 commitment? > Existing segwit using miners are automatically compatible with > this proposal. Not entirely. The commitment is not required until segwit activates. But this should be trivial to implement at least. > == Overt attack == > > The non-covert form can be trivially blocked by requiring that > the header version match the coinbase transaction version. > > This proposal does not include this block because this method > may become generally available without restriction in the future, > does not generally interfere with improvements in the protocol, > and because it is so easily detected that it could be blocked if > it becomes an issue in the future. How does it not interfere with BIP 9? I suppose the versionbits could be moved to the generation transaction version, but this would hide them from light clients. > This document is placed in the public domain. Could you please use one of these? https://github.com/bitcoin/bips/blob/master/bip-0002.mediawiki#Recommended_licenses Luke