From: Tamas Blummer <tamas@bitsofproof.com>
To: slush <slush@centrum.cz>
Cc: "bitcoin-development@lists.sourceforge.net"
<bitcoin-development@lists.sourceforge.net>
Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE
Date: Fri, 23 Jan 2015 17:08:50 +0100 [thread overview]
Message-ID: <954BF4E3-8DF2-4927-9E25-C5D66127FFA5@bitsofproof.com> (raw)
In-Reply-To: <CAJna-HiXxt5E=FBiDuWMCKrK4C0dcvhHEjTAoK3LGQLafJOqtQ@mail.gmail.com>
[-- Attachment #1.1: Type: text/plain, Size: 1185 bytes --]
You mean an isolated signing device without memory right?
An isolated node would still know the transactions substantiating its coins, why would it sign them away to fees ?
Tamas Blummer
On Jan 23, 2015, at 4:47 PM, slush <slush@centrum.cz> wrote:
> Correct, plus the most likely scenario in such attack is that the malware even don't push such tx with excessive fees to the network, but send it directly to attacker's pool/miner.
>
> M.
>
> On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner <etotheipi@gmail.com> wrote:
> Unfortunately, one major attack vector is someone isolating your node, getting you to sign away your whole wallet to fee, and then selling it to a mining pool to mine it before you can figure why your transactions aren't making it to the network. In such an attack, the relay rules aren't relevant, and if the attacker can DoS you for 24 hours, it doesn't take a ton of mining power to make the attack extremely likely to succeed.
>
>
>
>
> On 01/23/2015 10:31 AM, Tamas Blummer wrote:
>> Not a fix, but would reduce the financial risk, if nodes were not relaying excessive fee transactions.
>>
>> Tamas Blummer
>>
>>
>
>
[-- Attachment #1.2: Type: text/html, Size: 3624 bytes --]
[-- Attachment #2: Message signed with OpenPGP using GPGMail --]
[-- Type: application/pgp-signature, Size: 496 bytes --]
next prev parent reply other threads:[~2015-01-23 16:09 UTC|newest]
Thread overview: 20+ messages / expand[flat|nested] mbox.gz Atom feed top
2015-01-23 14:51 [Bitcoin-development] SIGHASH_WITHINPUTVALUE slush
2015-01-23 15:24 ` Alan Reiner
2015-01-23 15:40 ` slush
2015-01-23 16:05 ` Gregory Maxwell
2015-01-23 16:18 ` slush
2015-01-23 16:52 ` Gregory Maxwell
2015-01-23 17:40 ` slush
2015-01-23 18:51 ` Gregory Maxwell
2015-01-23 19:19 ` slush
2015-01-23 16:23 ` Alan Reiner
2015-01-23 16:27 ` Alan Reiner
2015-01-23 16:33 ` Alan Reiner
2015-01-23 16:35 ` slush
2015-01-23 17:49 ` Peter Todd
2015-01-23 15:31 ` Tamas Blummer
2015-01-23 15:42 ` Alan Reiner
2015-01-23 15:47 ` slush
2015-01-23 16:08 ` Tamas Blummer [this message]
2015-01-23 16:12 ` Adam Back
2015-01-23 16:17 ` Adam Back
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=954BF4E3-8DF2-4927-9E25-C5D66127FFA5@bitsofproof.com \
--to=tamas@bitsofproof.com \
--cc=bitcoin-development@lists.sourceforge.net \
--cc=slush@centrum.cz \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox