From mboxrd@z Thu Jan 1 00:00:00 1970 Delivery-date: Mon, 22 Jul 2024 05:07:49 -0700 Received: from mail-yb1-f190.google.com ([209.85.219.190]) by mail.fairlystable.org with esmtps (TLS1.3) tls TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 (Exim 4.94.2) (envelope-from ) id 1sVrpT-0001ER-Uj for bitcoindev@gnusha.org; Mon, 22 Jul 2024 05:07:49 -0700 Received: by mail-yb1-f190.google.com with SMTP id 3f1490d57ef6-e02b5792baasf9133082276.2 for ; Mon, 22 Jul 2024 05:07:47 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlegroups.com; s=20230601; t=1721650061; x=1722254861; darn=gnusha.org; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:x-original-sender :mime-version:subject:references:in-reply-to:message-id:to:from:date :from:to:cc:subject:date:message-id:reply-to; bh=7xjW5odPstEfY8gOhrXxhwgxRPA+qG2dsL9GHjDYslg=; b=JztG7Cl4J1rW5/GmKPex0z4Fm0FHeCWTEE6EGpiBXBngUBYbdC4FjoG79umdiUmCeu ZGFYjoaANCMeylEDbqNecKibw6D+ZyAMCzavCwh6eJ24H9FT3oHEFbRTfd1LPZttVeLk 87G+r6q+XQDp4UMUrWsmHLrl4OcHgO6U4fXz2oNgGI5v2C53mZ47HmBHmhUXyreiRm2n 9T5X/LNxMgIByU6zdpkbXh7V5W2qy5aPcDqbrySPYYW5KWvLOiYHavEYKUGYMcgTMivK 6SS4vXmScHYw1GFylKp8YKYa0g3H5CaHLVVHz2PXB2nlGIWDt+70P3SH1lkH/8OaJiS2 MnNQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1721650061; x=1722254861; h=list-unsubscribe:list-subscribe:list-archive:list-help:list-post :list-id:mailing-list:precedence:reply-to:x-original-sender :mime-version:subject:references:in-reply-to:message-id:to:from:date :x-beenthere:x-gm-message-state:from:to:cc:subject:date:message-id :reply-to; bh=7xjW5odPstEfY8gOhrXxhwgxRPA+qG2dsL9GHjDYslg=; b=SuB0Ac8Jn2lG36O+ZwOiyTqrOUvK3UiDN+f5qm2wGGNMcVJaRQedujCUORETpewFkt R7s9tLFinSLNsDXVJGPh3WDxntgvCnaeLxXxEjhALDoxqskG/oyrNv1m3A6IuEL0Z4Kp NgVdmEX21KW5i6DqZo/yMp1I8E7PRRC5LdsxJ9gvBUJy8F9ul4ACinWpsRoodZk6cDJI bu2rSyssRgluE6JgJN/0n14u30dZ7mbx/Ex1hnU9OWCgvWqDVJbzJqBmdrD6YlMLHSaF OKVD7AKeDUcvFrWNPt6lSvHIbFv3w1wOjzZKC13+cHvwZ7UdpJ72yI+I2kAr36YEch6I WQiw== X-Forwarded-Encrypted: i=1; AJvYcCX43FZA8yDfTkuhtuj8WqIxkxtEiKcUORmlDlcWsDtk6QShZAnF/tk5urzT/jttUk+X7LYshcXyO8CApsI41UylM1TVBWQ= X-Gm-Message-State: AOJu0YyYw22GitWEDM/AYlSJfQvCudtT239gnN9VEJcDgYCGL92qQYIm Mn6whvyHNowxAcHne96kzmYj2ds2t6Rb1Cewf6R8F7deOCZ42kkX X-Google-Smtp-Source: AGHT+IHhhEp/KgE4j/wXMpuChY0Y9mZo/A6DkcpDGr45RuRCUNGXVWt8Q/O4LHY2+WqgcVt8KbpQXw== X-Received: by 2002:a05:6902:1201:b0:e05:fc30:7057 with SMTP id 3f1490d57ef6-e087067957cmr8267559276.43.1721650061409; Mon, 22 Jul 2024 05:07:41 -0700 (PDT) X-BeenThere: bitcoindev@googlegroups.com Received: by 2002:a25:f912:0:b0:e03:6457:383f with SMTP id 3f1490d57ef6-e05fdb408a3ls6326216276.1.-pod-prod-09-us; Mon, 22 Jul 2024 05:07:40 -0700 (PDT) X-Received: by 2002:a05:690c:d81:b0:61d:4701:5e66 with SMTP id 00721157ae682-66a63a71ec9mr5890037b3.2.1721650060022; Mon, 22 Jul 2024 05:07:40 -0700 (PDT) Received: by 2002:a05:690c:2d11:b0:66a:8967:a513 with SMTP id 00721157ae682-66a8967cff9ms7b3; Sun, 21 Jul 2024 18:59:53 -0700 (PDT) X-Received: by 2002:a05:690c:38b:b0:62d:a29:537e with SMTP id 00721157ae682-66a663575camr4672187b3.4.1721613592511; Sun, 21 Jul 2024 18:59:52 -0700 (PDT) Date: Sun, 21 Jul 2024 18:59:52 -0700 (PDT) From: "'Anonymous User' via Bitcoin Development Mailing List" To: Bitcoin Development Mailing List Message-Id: <3f7d43bd-af9e-4af5-860a-223504bb4fcan@googlegroups.com> In-Reply-To: References: <18fc443d-c347-4a84-94fe-81308ae20b76n@googlegroups.com> <4d950527-4430-49f2-8e38-3755bc58e301n@googlegroups.com> <4f7eddff-9e2d-4beb-bcc6-832584cb939d@achow101.com> <2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn@googlegroups.com> Subject: Re: [bitcoindev] Re: A "Free" Relay Attack Taking Advantage of The Lack of Full-RBF In Core MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="----=_Part_342116_216611184.1721613592246" X-Original-Sender: situo@berkeley.edu X-Original-From: Anonymous User Reply-To: Anonymous User Precedence: list Mailing-list: list bitcoindev@googlegroups.com; contact bitcoindev+owners@googlegroups.com List-ID: X-Google-Group-Id: 786775582512 List-Post: , List-Help: , List-Archive: , List-Unsubscribe: , X-Spam-Score: -1.0 (-) ------=_Part_342116_216611184.1721613592246 Content-Type: multipart/alternative; boundary="----=_Part_342117_6754146.1721613592246" ------=_Part_342117_6754146.1721613592246 Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable I came from some twitter discussion so I think this thread is trending. I= =20 think we need to figure a way out onward.=20 Here is a last resort solution by launching this attack in production. We= =20 should avoid making this last resort solution, but from what Peter Todd=20 said, below seems completely practical. Please treat it as story reading and do not overthink that this is the way= =20 to go. - a few people in the list form a group and fork bitcoin core and apply the= =20 patch from Peter Todd - work with a few miners to massively perform the free relay attacks and=20 other mempool related attacks in an effort to force mining pools and miners= =20 to switch from bitcoin core into the fork in order for their nodes to=20 continue running in a healthy manner - build a free service for file transfer or VPN taking advantage of rbf in= =20 the Bitcoin network and make it a public good that millions of users can=20 use, causing most of the mempool transactions to be conflicting (due to=20 different implementations of rbf) and therefore wallets have to eventually= =20 stop broadcasting transactions to bitcoin core nodes (which could be using= =20 a completely new list of seed nodes, disabling the existing seed node=20 list), and non-bitcoin-core nodes, in order to have more healthy=20 transaction flows and mempool data sharing, would start node-shopping by=20 disconnecting themselves from bitcoin core nodes and refusing to be their= =20 peers=20 - core is forced to find a way onward, or the core gives up and archives=20 the bitcoin core repo The damage is probably just a few days of slower transaction processing,=20 much smaller than the price spike caused by ordinals last year.=20 Democracy starts with people having different opinions that DO NOT need to= =20 reconcile. So, it is not about how we get different people in this mail=20 list, or the non-public security list, to achieve the same opinions, like= =20 whether full RBF is needed. It is about how Bitcoin can allow two groups of= =20 people that have fundamentally different opinions and are unwilling and=20 impossible to reconcile. We can have 5-10 security disclosure mail lists by= =20 different groups of people, and good-faith vulnerability reporters can=20 choose to exclusively report the bugs to some groups that the reporters=20 feel to be knowledgeable and responsive and, importantly, have the capacity= =20 and the motivation to work on it.=20 I feel bad for Peter Todd. If I were him, I wouldn't report the bug. I=20 would sell the bug because I got nothing in return, but probably more=20 jealousy or more retaliation for being the only person serious about an=20 issue.=20 Btw, Peter already has a fork.=20 Ethereum has great software development process as well as its ecosystem.= =20 Smart contracts get heavily audited not because people care about security.= =20 It is because North Korea has successfully stolen probably hundreds of=20 millions of dollars from different projects and even causing some projects= =20 to fall apart. This is in essence similar to, if one day Bitcoin has a=20 memory exploit issue that causes a massive amount of miners to lose coins= =20 that they own, and the network again needs to decide whether to do a hard= =20 fork, that is the time when we will be discussing if stopping development= =20 in C/C++ and limiting Bitcoin core development to Rust and Rust only are=20 the way forward. Thanks, Anonymous user, as the floppy disk guy recommends this might be the best=20 way to engage in the mailing list onward I strongly encourage people to try engaging in this email list anonymously.= =20 It feels great to say things out loud without worrying about retaliation on= =20 unrelated matters. Also, this should be permitted. We still don't know who= =20 Satoshi is. If I were Satoshi, I probably also wouldn't report a bug I=20 know.=20 On Sunday, July 21, 2024 at 1:49:10=E2=80=AFPM UTC-7 Ava Chow wrote: > On 07/20/2024 10:06 PM, Antoine Riard wrote: > > "Naive", as saying this is the _Bitcoin Core_ project list only can onl= y=20 > > provoke blind > > spot among the list members if the security issues are either affecting= =20 > > old part of > > the codebases that younger members have less experiences with (some=20 > > parts like consensus > > or block-relay are modified only every 5 years) or novel factors from= =20 > > upstream or downstream > > (e.g the internet networking stack or implications on deployed contract= =20 > > protocols like > > lightning). On both the former and latter criterias, I think Peter=20 > > overly meets the bar. > > Peter was not the only "senior" person on the security list. Obviously I= =20 > will not disclose non-public information, but certainly there are people= =20 > on the security list who are just as, if not more, senior than Peter. > > Furthermore, the "old parts" still do get changed, and someone who no=20 > longer actively contributes to the project is more likely to be unaware= =20 > of how the code actually works today, even if they are familiar with=20 > components that change infrequently. > > > When you've big sh*t hitting the fan like inflation bugs or level DB=20 > > 2013 unexpected fork you > > prefer have experts with a decade of experience to collaborate with, an= d=20 > > sharing the same cultural > > and ethical norms of the active contributors evaluated by numbers on=20 > > commits on the last single-digit > > years. > > Not being on the list does not preclude him from being consulted if the= =20 > need arises. > > With the two examples you provide, I am not aware of Peter being=20 > actively involved in the resolution of both of those, whereas there are= =20 > current members of the list who were. > > > In general though, it is not clear to me how it was beneficial to have=20 > Peter on the security list, nor how not having him is directly harmful.= =20 > In the 2 years that I have been on the security list, I was unaware that= =20 > Peter was a recipient until shortly before he was removed. My=20 > understanding is that others who have been on the list longer than me=20 > were also unaware. > > Ava > > >=20 > > I'll repropose Peter admission on the security list mailing list in the= =20 > > coming weeks by opening an > > issue on the bitcoin-meta repository, once this current mailing list=20 > > thread has slowed down a bit, > > or at least the technical analysis has been dissociated from the=20 > > proceedings which have all been > > bundle in a big message. In my very personal opinion, I still trust mor= e=20 > > Peter competence and experience > > than some other people I know who are on the security mailing list. > >=20 > > All that said I appreciate your answer and I'm satisfied from the=20 > > personal role you've have played > > in the matter with, and be reassured I'll keep you among the recipient= =20 > > of future security issues with > > a potential impact on bitcoin core that I might find or be aware off. > >=20 > > Best, > > Antoine > > ots hash:=20 > db441b51684ad3a6897f67d42c74ccfcb9a4ffed40d4bdbe30a2edd867ccdd54 > >=20 > > Le samedi 20 juillet 2024 =C3=A0 01:50:25 UTC+1, Ava Chow a =C3=A9crit = : > >=20 > > On 07/19/2024 07:58 PM, Antoine Riard wrote: > > > As said in one my previous email, I'm still curious about achow101 > > > explaining publicly > > > why you have been kicked-out of the bitcoin-security mailing > > list, when > > > you were certainly > > > more senior than achow101 in matters of base-layer security > > issues or > > > even hard technical > > > issues like consensus interactions (e.g bip65). I'll re-iterate my > > > respect towards achow101 > > > as a maintainer from years of collaboration, though this is a topic > > > worthy of an answer. > >=20 > > I am not the one that removed Peter from the mailing list, nor do I > > even > > have the login(s) to do so. > >=20 > > There was a discussion amongst several members of the security list > > about who was on the list, and who should be on the list. Given that > > the > > security list is the _Bitcoin Core_ security list, we determined that > > the people who should be on the list are people who still actively > > contribute to the project. As Peter Todd no longer actively contribute > > code nor code review to the project, we decided that it didn't make > > sense to continue to have him on the list. > >=20 > > My recollection is that multiple other people were removed from the > > list > > for the same reason at the same time. > >=20 > > Ava > >=20 > > --=20 > > You received this message because you are subscribed to the Google=20 > > Groups "Bitcoin Development Mailing List" group. > > To unsubscribe from this group and stop receiving emails from it, send= =20 > > an email to bitcoindev+...@googlegroups.com=20 > > . > > To view this discussion on the web visit=20 > >=20 > https://groups.google.com/d/msgid/bitcoindev/2aa2d6fa-ae72-4aef-9fda-49e2= f7c657abn%40googlegroups.com=20 > < > https://groups.google.com/d/msgid/bitcoindev/2aa2d6fa-ae72-4aef-9fda-49e2= f7c657abn%40googlegroups.com?utm_medium=3Demail&utm_source=3Dfooter > >. > > --=20 You received this message because you are subscribed to the Google Groups "= Bitcoin Development Mailing List" group. To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoindev+unsubscribe@googlegroups.com. To view this discussion on the web visit https://groups.google.com/d/msgid/= bitcoindev/3f7d43bd-af9e-4af5-860a-223504bb4fcan%40googlegroups.com. ------=_Part_342117_6754146.1721613592246 Content-Type: text/html; charset="UTF-8" Content-Transfer-Encoding: quoted-printable
I came from some twitter discussion so I think this thread is trending= . I think we need to figure a way out onward.=C2=A0

<= div>Here is a last resort solution by launching this attack in production. = We should avoid making this last resort solution, but from what Peter Todd = said, below seems completely practical.
Please treat it as story = reading and do not overthink that this is the way to go.

- a few people in the list form a group and fork bitcoin core and = apply the patch from Peter Todd
- work with a few miners to massi= vely perform the free relay attacks and other mempool related attacks in an= effort to force mining pools and miners to switch from bitcoin core into t= he fork in order for their nodes to continue running in a healthy manner
- build a free service for file transfer or VPN taking advantage of= rbf in the Bitcoin network and make it a public good that millions of user= s can use, causing most of the mempool transactions to be conflicting (due = to different implementations of rbf) and therefore wallets have to eventual= ly stop broadcasting transactions to bitcoin core nodes (which could be usi= ng a completely new list of seed nodes, disabling the existing seed node li= st), and non-bitcoin-core nodes, in order to have more healthy transaction = flows and mempool data sharing, would start node-shopping by disconnecting = themselves from bitcoin core nodes and refusing to be their peers=C2=A0
- core is forced to find a way onward, or the core gives up and arch= ives the bitcoin core repo

The damage is probabl= y just a few days of slower transaction processing, much smaller than the p= rice spike caused by ordinals last year.=C2=A0

D= emocracy starts with people having different opinions that DO NOT need to r= econcile. So, it is not about how we get different people in this mail list= , or the non-public security list, to achieve the same opinions, like wheth= er full RBF is needed. It is about how Bitcoin can allow two groups of peop= le that have fundamentally different opinions and are unwilling and impossi= ble to reconcile. We can have 5-10 security disclosure mail lists by differ= ent groups of people, and good-faith vulnerability reporters can choose to = exclusively report the bugs to some groups that the reporters feel to be kn= owledgeable and responsive and, importantly, have the capacity and the moti= vation to work on it.=C2=A0

I feel bad for= Peter Todd. If I were him, I wouldn't report the bug. I would sell the bug= because I got nothing in return, but probably more jealousy or more=C2=A0r= etaliation for being the only person serious about an issue.=C2=A0
Btw, Peter already has a fork.=C2=A0

Ethereum = has great software development process as well as its ecosystem. Smart cont= racts get heavily audited not because people care about security. It is bec= ause North Korea has successfully stolen probably hundreds of millions of d= ollars from different projects and even causing some projects to fall apart= . This is in essence similar to, if one day Bitcoin has a memory exploit is= sue that causes a massive amount of miners to lose coins that they own, and= the network again needs to decide whether to do a hard fork, that is the t= ime when we will be discussing if stopping development in C/C++ and limitin= g Bitcoin core development to Rust and Rust only are the way forward.
=

Thanks,
Anonymous user, as the floppy disk = guy recommends this might be the best way to engage in the mailing list onw= ard

I strongly encourage people to try engaging = in this email list anonymously. It feels great to say things out loud witho= ut worrying about retaliation on unrelated matters. Also, this should be pe= rmitted. We still don't know who Satoshi is. If I were Satoshi, I probably = also wouldn't report a bug I know.=C2=A0

On Sunday, July 21, 2024 at 1:49= :10=E2=80=AFPM UTC-7 Ava Chow wrote:
On 07/20/2024 10:06 PM, Antoine Riard wrote:
> "Naive", as saying this is the _Bitcoin Core_ project li= st only can only=20
> provoke blind
> spot among the list members if the security issues are either affe= cting=20
> old part of
> the codebases that younger members have less experiences with (som= e=20
> parts like consensus
> or block-relay are modified only every 5 years) or novel factors f= rom=20
> upstream or downstream
> (e.g the internet networking stack or implications on deployed con= tract=20
> protocols like
> lightning). On both the former and latter criterias, I think Peter= =20
> overly meets the bar.

Peter was not the only "senior" person on the security list. = Obviously I=20
will not disclose non-public information, but certainly there are peopl= e=20
on the security list who are just as, if not more, senior than Peter.

Furthermore, the "old parts" still do get changed, and someon= e who no=20
longer actively contributes to the project is more likely to be unaware= =20
of how the code actually works today, even if they are familiar with=20
components that change infrequently.

> When you've big sh*t hitting the fan like inflation bugs or le= vel DB=20
> 2013 unexpected fork you
> prefer have experts with a decade of experience to collaborate wit= h, and=20
> sharing the same cultural
> and ethical norms of the active contributors evaluated by numbers = on=20
> commits on the last single-digit
> years.

Not being on the list does not preclude him from being consulted if the= =20
need arises.

With the two examples you provide, I am not aware of Peter being=20
actively involved in the resolution of both of those, whereas there are= =20
current members of the list who were.


In general though, it is not clear to me how it was beneficial to have= =20
Peter on the security list, nor how not having him is directly harmful.= =20
In the 2 years that I have been on the security list, I was unaware tha= t=20
Peter was a recipient until shortly before he was removed. My=20
understanding is that others who have been on the list longer than me= =20
were also unaware.

Ava

>=20
> I'll repropose Peter admission on the security list mailing li= st in the=20
> coming weeks by opening an
> issue on the bitcoin-meta repository, once this current mailing li= st=20
> thread has slowed down a bit,
> or at least the technical analysis has been dissociated from the= =20
> proceedings which have all been
> bundle in a big message. In my very personal opinion, I still trus= t more=20
> Peter competence and experience
> than some other people I know who are on the security mailing list= .
>=20
> All that said I appreciate your answer and I'm satisfied from = the=20
> personal role you've have played
> in the matter with, and be reassured I'll keep you among the r= ecipient=20
> of future security issues with
> a potential impact on bitcoin core that I might find or be aware o= ff.
>=20
> Best,
> Antoine
> ots hash: db441b51684ad3a6897f67d42c74ccfcb9a4ffed40d4bdbe30a2edd8= 67ccdd54
>=20
> Le samedi 20 juillet 2024 =C3=A0 01:50:25 UTC+1, Ava Chow a =C3=A9= crit=C2=A0:
>=20
> On 07/19/2024 07:58 PM, Antoine Riard wrote:
> > As said in one my previous email, I'm still curious = about achow101
> > explaining publicly
> > why you have been kicked-out of the bitcoin-security mai= ling
> list, when
> > you were certainly
> > more senior than achow101 in matters of base-layer secur= ity
> issues or
> > even hard technical
> > issues like consensus interactions (e.g bip65). I'll= re-iterate my
> > respect towards achow101
> > as a maintainer from years of collaboration, though this= is a topic
> > worthy of an answer.
>=20
> I am not the one that removed Peter from the mailing list, nor= do I
> even
> have the login(s) to do so.
>=20
> There was a discussion amongst several members of the security= list
> about who was on the list, and who should be on the list. Give= n that
> the
> security list is the _Bitcoin Core_ security list, we determin= ed that
> the people who should be on the list are people who still acti= vely
> contribute to the project. As Peter Todd no longer actively co= ntribute
> code nor code review to the project, we decided that it didn&#= 39;t make
> sense to continue to have him on the list.
>=20
> My recollection is that multiple other people were removed fro= m the
> list
> for the same reason at the same time.
>=20
> Ava
>=20
> --=20
> You received this message because you are subscribed to the Google= =20
> Groups "Bitcoin Development Mailing List" group.
> To unsubscribe from this group and stop receiving emails from it, = send=20
> an email to bitcoindev+= ...@googlegroups.com=20
> <mailto:bitcoindev+.= ..@googlegroups.com>.
> To view this discussion on the web visit=20
> https://groups.google.com/d/msgid/b= itcoindev/2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn%40googlegroups.com <= https://groups.google.com/d/msgid/b= itcoindev/2aa2d6fa-ae72-4aef-9fda-49e2f7c657abn%40googlegroups.com?utm_medi= um=3Demail&utm_source=3Dfooter>.

--
You received this message because you are subscribed to the Google Groups &= quot;Bitcoin Development Mailing List" group.
To unsubscribe from this group and stop receiving emails from it, send an e= mail to bitcoind= ev+unsubscribe@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msg= id/bitcoindev/3f7d43bd-af9e-4af5-860a-223504bb4fcan%40googlegroups.com.=
------=_Part_342117_6754146.1721613592246-- ------=_Part_342116_216611184.1721613592246--