From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Thu, 01 Aug 2024 14:14:13 -0700 Received: from mail-yw1-f184.google.com ([209.85.128.184]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sZd7j-0001n2-VW for bitcoindev@gnusha.org; Thu, 01 Aug 2024 14:14:13 -0700 Received: by mail-yw1-f184.google.com with SMTP id 00721157ae682-654d96c2bb5sf139418027b3.2 for ; Thu, 01 Aug 2024 14:14:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1722546846; x=1723151646; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:sender:from :to:cc:subject:date:message-id:reply-to; bh=LvTUfx/U6ZPepQTXcPiViO0mrqeKeXVnjjijBlVSDx8=; b=TClOPusvaDvsCgcedYGvOewnF7cBevtv1QdX//rb8t3PxpAZm43cMsargRjBwsDbXI EVNd+r/bk7rJESmXpj+TFvbRFZj5aYDNo91Jl0S/Mp/wTZKHDkpXOXJC91QnFK6uK5Ri xjGqJ6U3TmOqpXfmkN8Bo9G7umxM56MSnwJeRlTH5T5aor5n0mh26K81h/n1NGHjkrH2 nGOqDthMq9DJii0J0DwMwwqYEVYryO4YNM+8iWJSmgibtTrnTNQ6j+9xGjyXb0IhAlvO owP1cb8oEx4CvmqPzZWJJxCMSyidh91g2qfDeYauNYyJjNaeRfnY8ZSJYSzuQ56vGkG1 N8yw== DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1722546846; x=1723151646; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:from:to:cc :subject:date:message-id:reply-to; bh=LvTUfx/U6ZPepQTXcPiViO0mrqeKeXVnjjijBlVSDx8=; b=AXZgA1F3EEYdwfYv48ljzuLxM9h1ibZaYsFFZhPfitSMr6O46E+Q2t4bUv4wyYZo10 YFGHQH2KbhMemSg14kowkd18y83EXqpXARkUzqOod/D1P8mN3NvLzL9qr0qWlCB0S8TG T+6R1hVMMuy9gdwC/zFHgJsFmeHpX2FIZT1w1FpKGFhvy4V0hGH4xKlVs/+ei74xgwOK Ga8+JZr4f2Ov4Xr97lCxjFy+8Axzg3rA5HP/rG1huRdeqPrG0R9fg0zqnSi5wEVNRPZ9 rLd5CRUZL7aH/JZtpZPQhMtiwLPSg4CLISH7Ti/Ol+xXE96OcqlNCuNslxq+uLu0ywUO TzTg== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1722546846; x=1723151646; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:x-original-sender:mime-version :subject:references:in-reply-to:message-id:to:from:date:x-beenthere :x-gm-message-state:sender:from:to:cc:subject:date:message-id :reply-to; bh=LvTUfx/U6ZPepQTXcPiViO0mrqeKeXVnjjijBlVSDx8=; b=OYxI8gWjmzhQMEAOU7jZA1XQ13XLPHwcK5tUSPJFKixPvKKzrrXEQwt+d+Rdc/DyMg Yt+wFI5tAT21aZCkYc5TSiiRWXQtpc6uNi3gBuo0amuVVl93jod/3B2kDfM7EdSqF/1n 8y4ofdpQhGZlKxcApeFx6yO0HDQbqQZ1k9ye+Pw/Rmq+CPWItiapDsHtl3ICgJOsX0mj YRdLc319bS1tTVoBTl+ERAoe63jtBrku2k5U2RNIOyZFH/5eL0qGolrmiPGvVk/o2Boj IWx2n4TWxiWHK4xbD7biEIEsDEgSPTfEbYcr9zgvqcBwpHKMbY8HUhr/o3NTSTsnbMuZ jiWg== Sender: bitcoindev@googlegroups.com X-Forwarded-Encrypted: i=1; AJvYcCX7RFjUBzjBJvMJDds/h1PMLCSZybudzE5pXVYAqoYbQrMiMBPTyyN+AU7Z2WsT9UbfCWUZ+hWEQ+2/FK3v8sGZEiSDcwI= X-Gm-Message-State: AOJu0YwJSR005pozZsrIlGigfVEk4QAsBKwlKEn8uR4GSQlLpumh4dCO Ix88366yLS+ZTalvj0L2RbpzCyXZJsos/tQMk54TtG8bPkBwRONJ X-Google-Smtp-Source: AGHT+IG7+QMEffSUiS2JWu/IP9gCFEe+nHA0MW0uX2zJA5UsyA+l3hRUi+LMO7S6ouhZ2nQBczuuqw== X-Received: by 2002:a25:75c2:0:b0:e0b:d018:c4e0 with SMTP id 3f1490d57ef6-e0bde34be50mr1584509276.28.1722546845502; Thu, 01 Aug 2024 14:14:05 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com Received: by 2002:a05:6902:729:b0:e05:a978:7726 with SMTP id 3f1490d57ef6-e0b228e5275ls3487912276.2.-pod-prod-00-us; Thu, 01 Aug 2024 14:14:03 -0700 (PDT) X-Received: by 2002:a05:690c:10c:b0:648:2f1d:1329 with SMTP id 00721157ae682-6895ec46b94mr650507b3.1.1722546843799; Thu, 01 Aug 2024 14:14:03 -0700 (PDT) Received: by 2002:a81:ae12:0:b0:627:7f59:2eee with SMTP id 00721157ae682-6847fb12387ms7b3; Wed, 31 Jul 2024 22:57:59 -0700 (PDT) X-Received: by 2002:a05:6902:c0e:b0:e05:a1b5:adc0 with SMTP id 3f1490d57ef6-e0bcd3a1138mr2816276.10.1722491878526; Wed, 31 Jul 2024 22:57:58 -0700 (PDT) Date: Wed, 31 Jul 2024 22:57:58 -0700 (PDT) From: Garlo Nicon To: Bitcoin Development Mailing List Message-Id: <24cd7816-1912-41f9-a6ef-f740801245e2n@googlegroups.com> In-Reply-To: <3f7d43bd-af9e-4af5-860a-223504bb4fcan@googlegroups.com> References: <18fc443d-c347-4a84-94fe-81308ae20b76n@googlegroups.com> <4d950527-4430-49f2-8e38-3755bc58e301n@googlegroups.com> <4f7eddff-9e2d-4beb-bcc6-832584cb939d@achow101.com> <2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn@googlegroups.com> <3f7d43bd-af9e-4af5-860a-223504bb4fcan@googlegroups.com> Subject: Re: [bitcoindev] Re: A "Free" Relay Attack Taking Advantage of The Lack of Full-RBF In Core MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_49950_456227870.1722491878263" X-Original-Sender: garlonicon@gmail.com Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -0.5 (/) ------=_Part_49950_456227870.1722491878263 Content-Type: multipart/alternative; boundary="----=_Part_49951_646384883.1722491878263" ------=_Part_49951_646384883.1722491878263 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable > Here is a last resort solution by launching this attack in production. I hope you will pick some testnet, for example testnet3 or testnet4, or=20 even signet, instead of launching it on mainnet. Also because test networks= =20 are better suited for file sharing scenarios, because if coins are=20 worthless, and there are no real transactions, then pushing data is the=20 only purpose of such network. Probably, doing it on testnet4 is the easiest= =20 target, because of 50 tBTC reward (which means: 5 GB spamming ability per= =20 block, if you use 1 sat/vB). poniedzia=C5=82ek, 22 lipca 2024 o 14:07:41 UTC+2 Anonymous User napisa=C5= =82(a): > I came from some twitter discussion so I think this thread is trending. I= =20 > think we need to figure a way out onward.=20 > > Here is a last resort solution by launching this attack in production. We= =20 > should avoid making this last resort solution, but from what Peter Todd= =20 > said, below seems completely practical. > Please treat it as story reading and do not overthink that this is the wa= y=20 > to go. > > - a few people in the list form a group and fork bitcoin core and apply= =20 > the patch from Peter Todd > - work with a few miners to massively perform the free relay attacks and= =20 > other mempool related attacks in an effort to force mining pools and mine= rs=20 > to switch from bitcoin core into the fork in order for their nodes to=20 > continue running in a healthy manner > - build a free service for file transfer or VPN taking advantage of rbf i= n=20 > the Bitcoin network and make it a public good that millions of users can= =20 > use, causing most of the mempool transactions to be conflicting (due to= =20 > different implementations of rbf) and therefore wallets have to eventuall= y=20 > stop broadcasting transactions to bitcoin core nodes (which could be usin= g=20 > a completely new list of seed nodes, disabling the existing seed node=20 > list), and non-bitcoin-core nodes, in order to have more healthy=20 > transaction flows and mempool data sharing, would start node-shopping by= =20 > disconnecting themselves from bitcoin core nodes and refusing to be their= =20 > peers=20 > - core is forced to find a way onward, or the core gives up and archives= =20 > the bitcoin core repo > > The damage is probably just a few days of slower transaction processing,= =20 > much smaller than the price spike caused by ordinals last year.=20 > > Democracy starts with people having different opinions that DO NOT need t= o=20 > reconcile. So, it is not about how we get different people in this mail= =20 > list, or the non-public security list, to achieve the same opinions, like= =20 > whether full RBF is needed. It is about how Bitcoin can allow two groups = of=20 > people that have fundamentally different opinions and are unwilling and= =20 > impossible to reconcile. We can have 5-10 security disclosure mail lists = by=20 > different groups of people, and good-faith vulnerability reporters can=20 > choose to exclusively report the bugs to some groups that the reporters= =20 > feel to be knowledgeable and responsive and, importantly, have the capaci= ty=20 > and the motivation to work on it.=20 > > I feel bad for Peter Todd. If I were him, I wouldn't report the bug. I=20 > would sell the bug because I got nothing in return, but probably more=20 > jealousy or more retaliation for being the only person serious about an= =20 > issue.=20 > Btw, Peter already has a fork.=20 > > Ethereum has great software development process as well as its ecosystem.= =20 > Smart contracts get heavily audited not because people care about securit= y.=20 > It is because North Korea has successfully stolen probably hundreds of=20 > millions of dollars from different projects and even causing some project= s=20 > to fall apart. This is in essence similar to, if one day Bitcoin has a=20 > memory exploit issue that causes a massive amount of miners to lose coins= =20 > that they own, and the network again needs to decide whether to do a hard= =20 > fork, that is the time when we will be discussing if stopping development= =20 > in C/C++ and limiting Bitcoin core development to Rust and Rust only are= =20 > the way forward. > > Thanks, > Anonymous user, as the floppy disk guy recommends this might be the best= =20 > way to engage in the mailing list onward > > I strongly encourage people to try engaging in this email list=20 > anonymously. It feels great to say things out loud without worrying about= =20 > retaliation on unrelated matters. Also, this should be permitted. We stil= l=20 > don't know who Satoshi is. If I were Satoshi, I probably also wouldn't=20 > report a bug I know.=20 > > On Sunday, July 21, 2024 at 1:49:10=E2=80=AFPM UTC-7 Ava Chow wrote: > >> On 07/20/2024 10:06 PM, Antoine Riard wrote:=20 >> > "Naive", as saying this is the _Bitcoin Core_ project list only can=20 >> only=20 >> > provoke blind=20 >> > spot among the list members if the security issues are either affectin= g=20 >> > old part of=20 >> > the codebases that younger members have less experiences with (some=20 >> > parts like consensus=20 >> > or block-relay are modified only every 5 years) or novel factors from= =20 >> > upstream or downstream=20 >> > (e.g the internet networking stack or implications on deployed contrac= t=20 >> > protocols like=20 >> > lightning). On both the former and latter criterias, I think Peter=20 >> > overly meets the bar.=20 >> >> Peter was not the only "senior" person on the security list. Obviously I= =20 >> will not disclose non-public information, but certainly there are people= =20 >> on the security list who are just as, if not more, senior than Peter.=20 >> >> Furthermore, the "old parts" still do get changed, and someone who no=20 >> longer actively contributes to the project is more likely to be unaware= =20 >> of how the code actually works today, even if they are familiar with=20 >> components that change infrequently.=20 >> >> > When you've big sh*t hitting the fan like inflation bugs or level DB= =20 >> > 2013 unexpected fork you=20 >> > prefer have experts with a decade of experience to collaborate with,= =20 >> and=20 >> > sharing the same cultural=20 >> > and ethical norms of the active contributors evaluated by numbers on= =20 >> > commits on the last single-digit=20 >> > years.=20 >> >> Not being on the list does not preclude him from being consulted if the= =20 >> need arises.=20 >> >> With the two examples you provide, I am not aware of Peter being=20 >> actively involved in the resolution of both of those, whereas there are= =20 >> current members of the list who were.=20 >> >> >> In general though, it is not clear to me how it was beneficial to have= =20 >> Peter on the security list, nor how not having him is directly harmful.= =20 >> In the 2 years that I have been on the security list, I was unaware that= =20 >> Peter was a recipient until shortly before he was removed. My=20 >> understanding is that others who have been on the list longer than me=20 >> were also unaware.=20 >> >> Ava=20 >> >> >=20 >> > I'll repropose Peter admission on the security list mailing list in th= e=20 >> > coming weeks by opening an=20 >> > issue on the bitcoin-meta repository, once this current mailing list= =20 >> > thread has slowed down a bit,=20 >> > or at least the technical analysis has been dissociated from the=20 >> > proceedings which have all been=20 >> > bundle in a big message. In my very personal opinion, I still trust=20 >> more=20 >> > Peter competence and experience=20 >> > than some other people I know who are on the security mailing list.=20 >> >=20 >> > All that said I appreciate your answer and I'm satisfied from the=20 >> > personal role you've have played=20 >> > in the matter with, and be reassured I'll keep you among the recipient= =20 >> > of future security issues with=20 >> > a potential impact on bitcoin core that I might find or be aware off.= =20 >> >=20 >> > Best,=20 >> > Antoine=20 >> > ots hash:=20 >> db441b51684ad3a6897f67d42c74ccfcb9a4ffed40d4bdbe30a2edd867ccdd54=20 >> >=20 >> > Le samedi 20 juillet 2024 =C3=A0 01:50:25 UTC+1, Ava Chow a =C3=A9crit= :=20 >> >=20 >> > On 07/19/2024 07:58 PM, Antoine Riard wrote:=20 >> > > As said in one my previous email, I'm still curious about achow101= =20 >> > > explaining publicly=20 >> > > why you have been kicked-out of the bitcoin-security mailing=20 >> > list, when=20 >> > > you were certainly=20 >> > > more senior than achow101 in matters of base-layer security=20 >> > issues or=20 >> > > even hard technical=20 >> > > issues like consensus interactions (e.g bip65). I'll re-iterate my= =20 >> > > respect towards achow101=20 >> > > as a maintainer from years of collaboration, though this is a topic= =20 >> > > worthy of an answer.=20 >> >=20 >> > I am not the one that removed Peter from the mailing list, nor do I=20 >> > even=20 >> > have the login(s) to do so.=20 >> >=20 >> > There was a discussion amongst several members of the security list=20 >> > about who was on the list, and who should be on the list. Given that= =20 >> > the=20 >> > security list is the _Bitcoin Core_ security list, we determined that= =20 >> > the people who should be on the list are people who still actively=20 >> > contribute to the project. As Peter Todd no longer actively contribute= =20 >> > code nor code review to the project, we decided that it didn't make=20 >> > sense to continue to have him on the list.=20 >> >=20 >> > My recollection is that multiple other people were removed from the=20 >> > list=20 >> > for the same reason at the same time.=20 >> >=20 >> > Ava=20 >> >=20 >> > --=20 >> > You received this message because you are subscribed to the Google=20 >> > Groups "Bitcoin Development Mailing List" group.=20 >> > To unsubscribe from this group and stop receiving emails from it, send= =20 >> > an email to bitcoindev+...@googlegroups.com=20 >> > .=20 >> > To view this discussion on the web visit=20 >> >=20 >> https://groups.google.com/d/msgid/bitcoindev/2aa2d6fa-ae72-4aef-9fda-49e= 2f7c657abn%40googlegroups.com=20 >> < >> https://groups.google.com/d/msgid/bitcoindev/2aa2d6fa-ae72-4aef-9fda-49e= 2f7c657abn%40googlegroups.com?utm_medium=3Demail&utm_source=3Dfooter>.=20 >> >> >> --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/= bitcoindev/24cd7816-1912-41f9-a6ef-f740801245e2n%40googlegroups.com. ------=_Part_49951_646384883.1722491878263 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable > Here is a last resort solution by launching this attack in production.=

I hope you will pick some testnet, for example testnet3 or test= net4, or even signet, instead of launching it on mainnet. Also because test= networks are better suited for file sharing scenarios, because if coins ar= e worthless, and there are no real transactions, then pushing data is the o= nly purpose of such network. Probably, doing it on testnet4 is the easiest = target, because of 50 tBTC reward (which means: 5 GB spamming ability per b= lock, if you use 1 sat/vB).

poniedzia=C5=82ek, 22 lipca 2024 o=C2=A014:0= 7:41 UTC+2 Anonymous User napisa=C5=82(a):
I came from some twitter discussion so I= think this thread is trending. I think we need to figure a way out onward.= =C2=A0

Here is a last resort solution by launching= this attack in production. We should avoid making this last resort solutio= n, but from what Peter Todd said, below seems completely practical.
Please treat it as story reading and do not overthink that this is the w= ay to go.

- a few people in the list form a group = and fork bitcoin core and apply the patch from Peter Todd
- work = with a few miners to massively perform the free relay attacks and other mem= pool related attacks in an effort to force mining pools and miners to switc= h from bitcoin core into the fork in order for their nodes to continue runn= ing in a healthy manner
- build a free service for file transfer = or VPN taking advantage of rbf in the Bitcoin network and make it a public = good that millions of users can use, causing most of the mempool transactio= ns to be conflicting (due to different implementations of rbf) and therefor= e wallets have to eventually stop broadcasting transactions to bitcoin core= nodes (which could be using a completely new list of seed nodes, disabling= the existing seed node list), and non-bitcoin-core nodes, in order to have= more healthy transaction flows and mempool data sharing, would start node-= shopping by disconnecting themselves from bitcoin core nodes and refusing t= o be their peers=C2=A0
- core is forced to find a way onward, or = the core gives up and archives the bitcoin core repo

The damage is probably just a few days of slower transaction processing,= much smaller than the price spike caused by ordinals last year.=C2=A0

Democracy starts with people having different opinions= that DO NOT need to reconcile. So, it is not about how we get different pe= ople in this mail list, or the non-public security list, to achieve the sam= e opinions, like whether full RBF is needed. It is about how Bitcoin can al= low two groups of people that have fundamentally different opinions and are= unwilling and impossible to reconcile. We can have 5-10 security disclosur= e mail lists by different groups of people, and good-faith vulnerability re= porters can choose to exclusively report the bugs to some groups that the r= eporters feel to be knowledgeable and responsive and, importantly, have the= capacity and the motivation to work on it.=C2=A0

<= div>I feel bad for Peter Todd. If I were him, I wouldn't report the bug= . I would sell the bug because I got nothing in return, but probably more j= ealousy or more=C2=A0retaliation for being the only person serious about an= issue.=C2=A0
Btw, Peter already has a fork.=C2=A0

=
Ethereum has great software development process as well as its e= cosystem. Smart contracts get heavily audited not because people care about= security. It is because North Korea has successfully stolen probably hundr= eds of millions of dollars from different projects and even causing some pr= ojects to fall apart. This is in essence similar to, if one day Bitcoin has= a memory exploit issue that causes a massive amount of miners to lose coin= s that they own, and the network again needs to decide whether to do a hard= fork, that is the time when we will be discussing if stopping development = in C/C++ and limiting Bitcoin core development to Rust and Rust only are th= e way forward.

Thanks,
Anonymous user, a= s the floppy disk guy recommends this might be the best way to engage in th= e mailing list onward

I strongly encourage people = to try engaging in this email list anonymously. It feels great to say thing= s out loud without worrying about retaliation on unrelated matters. Also, t= his should be permitted. We still don't know who Satoshi is. If I were = Satoshi, I probably also wouldn't report a bug I know.=C2=A0

<= div class=3D"gmail_quote">
On Sunday,= July 21, 2024 at 1:49:10=E2=80=AFPM UTC-7 Ava Chow wrote:
On 07/20/2024 10:06 PM, Antoine Riard = wrote:
> "Naive", as saying this is the _Bitcoin Core_ project li= st only can only=20
> provoke blind
> spot among the list members if the security issues are either affe= cting=20
> old part of
> the codebases that younger members have less experiences with (som= e=20
> parts like consensus
> or block-relay are modified only every 5 years) or novel factors f= rom=20
> upstream or downstream
> (e.g the internet networking stack or implications on deployed con= tract=20
> protocols like
> lightning). On both the former and latter criterias, I think Peter= =20
> overly meets the bar.

Peter was not the only "senior" person on the security list. = Obviously I=20
will not disclose non-public information, but certainly there are peopl= e=20
on the security list who are just as, if not more, senior than Peter.

Furthermore, the "old parts" still do get changed, and someon= e who no=20
longer actively contributes to the project is more likely to be unaware= =20
of how the code actually works today, even if they are familiar with=20
components that change infrequently.

> When you've big sh*t hitting the fan like inflation bugs or le= vel DB=20
> 2013 unexpected fork you
> prefer have experts with a decade of experience to collaborate wit= h, and=20
> sharing the same cultural
> and ethical norms of the active contributors evaluated by numbers = on=20
> commits on the last single-digit
> years.

Not being on the list does not preclude him from being consulted if the= =20
need arises.

With the two examples you provide, I am not aware of Peter being=20
actively involved in the resolution of both of those, whereas there are= =20
current members of the list who were.


In general though, it is not clear to me how it was beneficial to have= =20
Peter on the security list, nor how not having him is directly harmful.= =20
In the 2 years that I have been on the security list, I was unaware tha= t=20
Peter was a recipient until shortly before he was removed. My=20
understanding is that others who have been on the list longer than me= =20
were also unaware.

Ava

>=20
> I'll repropose Peter admission on the security list mailing li= st in the=20
> coming weeks by opening an
> issue on the bitcoin-meta repository, once this current mailing li= st=20
> thread has slowed down a bit,
> or at least the technical analysis has been dissociated from the= =20
> proceedings which have all been
> bundle in a big message. In my very personal opinion, I still trus= t more=20
> Peter competence and experience
> than some other people I know who are on the security mailing list= .
>=20
> All that said I appreciate your answer and I'm satisfied from = the=20
> personal role you've have played
> in the matter with, and be reassured I'll keep you among the r= ecipient=20
> of future security issues with
> a potential impact on bitcoin core that I might find or be aware o= ff.
>=20
> Best,
> Antoine
> ots hash: db441b51684ad3a6897f67d42c74ccfcb9a4ffed40d4bdbe30a2edd8= 67ccdd54
>=20
> Le samedi 20 juillet 2024 =C3=A0 01:50:25 UTC+1, Ava Chow a =C3=A9= crit=C2=A0:
>=20
> On 07/19/2024 07:58 PM, Antoine Riard wrote:
> > As said in one my previous email, I'm still curious = about achow101
> > explaining publicly
> > why you have been kicked-out of the bitcoin-security mai= ling
> list, when
> > you were certainly
> > more senior than achow101 in matters of base-layer secur= ity
> issues or
> > even hard technical
> > issues like consensus interactions (e.g bip65). I'll= re-iterate my
> > respect towards achow101
> > as a maintainer from years of collaboration, though this= is a topic
> > worthy of an answer.
>=20
> I am not the one that removed Peter from the mailing list, nor= do I
> even
> have the login(s) to do so.
>=20
> There was a discussion amongst several members of the security= list
> about who was on the list, and who should be on the list. Give= n that
> the
> security list is the _Bitcoin Core_ security list, we determin= ed that
> the people who should be on the list are people who still acti= vely
> contribute to the project. As Peter Todd no longer actively co= ntribute
> code nor code review to the project, we decided that it didn&#= 39;t make
> sense to continue to have him on the list.
>=20
> My recollection is that multiple other people were removed fro= m the
> list
> for the same reason at the same time.
>=20
> Ava
>=20
> --=20
> You received this message because you are subscribed to the Google= =20
> Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, = send=20
> an email to bitcoindev+...@googlegroups.com=20
> <mailto:bitcoindev+...@googlegroups.com= >.
> To view this discussion on the web visit=20
> https://groups.google.com/d/msgid/b= itcoindev/2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn%40googlegroups.com <= https://groups.google.com/d/msgid/b= itcoindev/2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn%40googlegroups.com?utm_medi= um=3Demail&utm_source=3Dfooter>.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg= id/bitcoindev/24cd7816-1912-41f9-a6ef-f740801245e2n%40googlegroups.com.=
------=_Part_49951_646384883.1722491878263-- ------=_Part_49950_456227870.1722491878263--