From: odinn <odinn.cyberguerrilla@riseup.net>
To: Bitcoin development mailing list <bitcoin-dev@lists.linuxfoundation.org>
Subject: [bitcoin-dev] Ensuring Users have Safe Software and Version
Date: Tue, 18 Aug 2015 23:48:04 -0700 [thread overview]
Message-ID: <55D426A4.3070006@riseup.net> (raw)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Recently I was re-reading the following (which has been edited
periodically):
https://bitcoin.org/en/alerts
It currently reads, "There is no ongoing event on the Bitcoin network."
However, in reading the most recent alert on that page, we are (it
seems) still affected by the issues discussed relative to the 4th of
July event, namely:
https://bitcoin.org/en/alert/2015-07-04-spv-mining
This originally was formulated in alerts via discussion on bitcoin.org
repository, here:
https://github.com/bitcoin-dot-org/bitcoin.org/pull/933
So anyway.
Getting back to this, how do I ensure that I have a safe version?
Thus far I am still using the guidance here from the bitcoin.org alert
shown above. For example, for Electrum, bitcoin.org not only directs
users to wait 30 confirmations more than usual, but also directs users
to the following resource:
https://en.bitcoin.it/w/index.php?title=July_2015_chain_forks&redirect=n
o
This brings me to the "safe software and version." If we understand
this correctly, the safe software and version will be Bitcoin Core at
its most current version. Thus it is vitally important to provide a
way to ensure that users do not inadvertently be misled into
connecting to a XT node.
However, the information (about the software and version, in banner)
is provided voluntarily by the server administrators and thus isn't
validated. How to make sure that you are actually connecting to one
who is running Core with the proper version (and not Core with some
very old version, or XT)?
On the bitcoin wiki, it states in part,
"During a fork, it is possible to use the Get Block Header custom
plugin[3] to authoritatively determine which side of the fork an
Electrum server is on." It refers to this:
https://bitcointalk.org/index.php?topic=1110912.msg11800126
Depending on what wallet people are using, that is, Core, any of the
other wallets... hardware, desktop, web, mobile... there would be
different ways to determine what software is being used to make sure
that you are using Core in the current version (and not inadvertently
using XT for example). The question is, how would this be done most
easily?
Thanks in advance for your answer(s).
- --
http://abis.io ~
"a protocol concept to enable decentralization
and expansion of a giving economy, and a new social good"
https://keybase.io/odinn
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQEcBAEBAgAGBQJV1CakAAoJEGxwq/inSG8CLPUH/RnCMjGSFrPQc9wvRv9NWPYP
Mr+pzIBpiOXvikYXBT6cm/2AmmKhNmOjAHcdb9VrXPbk5ov/+odlcjGKeyXBc8zr
6+FAhDrnmznL1TEn+DL1UUBQlonNf4MFK8YZBusslFA14lSCSywn9IdubPD3ONzc
4f0uHl6c4wk0yLfmlJPbHevaEY/UdIyxPde2Nw+7IImWpdGJjBUiKTGb7/ZC4hTR
dTWmKNKAiXpCd2om86jbo12WP0rgpv66P2DgeetPzv8/dwWoons3FUJL/+tveFlm
SuTmjZWlDtzPm/56eTXUU64y7bSWYLrdQXxUk8zqzlYL5CJuVJ+1fi8OjwYYZH0=
=4J93
-----END PGP SIGNATURE-----
reply other threads:[~2015-08-19 6:48 UTC|newest]
Thread overview: [no followups] expand[flat|nested] mbox.gz Atom feed
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=55D426A4.3070006@riseup.net \
--to=odinn.cyberguerrilla@riseup.net \
--cc=bitcoin-dev@lists.linuxfoundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox