public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed
From: Matt Corallo <lf-lists@mattcorallo.com>
To: Tom Zander <tomz@freedommail.ch>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists.linuxfoundation.org>
Subject: Re: [bitcoin-dev] (no subject)
Date: Sun, 16 Oct 2016 19:35:52 +0000	[thread overview]
Message-ID: <5803D698.2080102@mattcorallo.com> (raw)
In-Reply-To: <2034434.4WpKWoeOrB@strawberry>

You keep calling flexible transactions "safer", and yet you haven't
mentioned that the current codebase is riddled with blatant and massive
security holes. For example, you seem to have misunderstood C++'s memory
model - you would have no less than three out-of-bound, probably
exploitable memory accesses in your 80-LoC deserialize method at
https://github.com/bitcoinclassic/bitcoinclassic/blob/develop/src/primitives/transaction.cpp#L119
if you were to turn on flexible transactions (and I only reviewed that
method for 2 minutes). If you want to propose an alternative to a
community which has been in desperate need of fixes to many problems for
several years, please do so with something which would not take at least
a year to complete given a large team of qualified developers.

You additionally have not yet bothered to address the discussion of
soft-fork security at
https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2015-December/012014.html
which I believe answers all of your claims about upgrades required in a
much more detailed discussion than I will include here. Please take your
off-topic discussions there instead of this thread.

On 10/16/16 18:20, Tom Zander via bitcoin-dev wrote:
> On Sunday, 16 October 2016 09:47:40 CEST Douglas Roark via bitcoin-dev 
> wrote:
>> Would I want anyone to lose money due to faulty wallets? Of course not.
>> By the same token, devs have had almost a year to tinker with SegWit and
>> make sure the wallet isn't so poorly written that it'll flame out when
>> SegWit comes along. It's not like this is some untested, mostly unknown
>> feature that's being slipped out at the last minute
> 
> There have been objections to the way that SegWit has been implemented for a 
> long time, some wallets are taking a "wait and see" approach.  If you look 
> at the page you linked[1], that is a very very sad state of affairs. The 
> vast majority is not ready.  Would be interesting to get a more up-to-date 
> view.
> Wallets probably won't want to invest resources adding support for a feature 
> that will never be activated. The fact that we have a much safer alternative 
> in the form of Flexible Transactions may mean it will not get activated. We 
> won't know until its actually locked in.
> Wallets may not act until its actually locked in either. And I think we 
> should respect that.
> 
> Even if all wallets support it (and thats a big if), they need to be rolled 
> out and people need to actually download those updates.
> This takes time, 2 months after the lock-in of SegWit would be the minimum 
> safe time for people to actually upgrade.
> 
> 1) https://bitcoincore.org/en/segwit_adoption/
> 


  parent reply	other threads:[~2016-10-16 19:35 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2016-10-16 14:31 [bitcoin-dev] Start time for BIP141 (segwit) Pieter Wuille
2016-10-16 14:58 ` Tom Zander
2016-10-16 16:35   ` Gavin Andresen
2016-10-16 16:42     ` Tom Zander
2016-10-16 16:57       ` Johnson Lau
2016-10-16 17:04       ` [bitcoin-dev] On the security of soft forks Matt Corallo
2016-10-16 16:42     ` [bitcoin-dev] Start time for BIP141 (segwit) Eric Voskuil
2016-10-16 16:47     ` Douglas Roark
2016-10-16 18:20       ` Tom Zander
2016-10-16 18:41         ` Jorge Timón
2016-10-16 18:54           ` Tom Zander
2016-10-16 19:11             ` Johnson Lau
2016-10-16 20:08               ` Tom Zander
2016-10-17  3:46                 ` Johnson Lau
2016-10-16 19:35         ` Matt Corallo [this message]
2016-10-16 20:45           ` [bitcoin-dev] (no subject) Tom Zander
2016-10-17 13:13             ` Btc Drak
2016-10-16 19:49         ` [bitcoin-dev] Start time for BIP141 (segwit) Douglas Roark
2016-10-16 20:58           ` Tom Zander
2016-10-16 21:03             ` gb
2016-10-16 21:08             ` Marek Palatinus
2016-10-16 21:19             ` Andrew C
2016-10-17 11:17               ` Tom Zander
2016-10-17 13:09                 ` Peter Todd
2016-10-17 13:19                 ` Andrew C
2016-10-17 13:27                   ` Btc Drak
2016-10-17 13:31                 ` Jorge Timón
2016-10-16 20:14         ` Btc Drak
2016-10-16 16:08 ` Chris Belcher
2016-10-16 17:52 ` Matt Corallo
2016-10-16 21:49 ` Peter Todd
  -- strict thread matches above, loose matches on Subject: below --
2015-10-24 16:30 [bitcoin-dev] (no subject) cAmiLLe miGnon tRixia P. Anecito

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=5803D698.2080102@mattcorallo.com \
    --to=lf-lists@mattcorallo.com \
    --cc=bitcoin-dev@lists.linuxfoundation.org \
    --cc=tomz@freedommail.ch \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox