From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-1.v43.ch3.sourceforge.com ([172.29.43.191] helo=mx.sourceforge.net) by sfs-ml-2.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1YEgTA-000664-Qb for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 15:48:24 +0000 X-ACL-Warn: Received: from mail-ie0-f173.google.com ([209.85.223.173]) by sog-mx-1.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1YEgT9-0004wb-4D for bitcoin-development@lists.sourceforge.net; Fri, 23 Jan 2015 15:48:24 +0000 Received: by mail-ie0-f173.google.com with SMTP id tr6so7766406ieb.4 for ; Fri, 23 Jan 2015 07:48:17 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:sender:in-reply-to:references:from :date:message-id:subject:to:cc:content-type; bh=84ca8hDB6SNcEMd8XaF/vXIFWc/6giODC3iDZ7NVB+s=; b=D2Cn2MkV4+cDzWdLQMCgOqGOpEvE9KwBdp68BfjN9QTw2TU9PhNZgHfYJkzPbp0zme r9PxKVg4PNt9oYlZy/BVK1h6trzWDLCecuWvYCBGAT3RY1RaaPYSmlAquhePYBhKvdUh jbU4LEOAZKY4ThI5ivXFSubt5DtZkGDV1QeHHuf51lRNYIeWjv2o/VCt5xc4wtuPMJHS jQ3pJGD+tSKjKr516O9Fs0IYbrEPEJT1a4AcguZ+u7vWdT7Pd6I9Gg1D4ZdilMPKxfiM KjGAtorQFiTR8bnpKPWINtqU4Xe8DbufgOxSh3KKGaeJhwtp9WKonJAxa+F5yBwQAJf4 bF6w== X-Gm-Message-State: ALoCoQkxeAaNe3opJ49rco20rRVVVcN6kOhcDJbGRTL6ROLpUe3Onzld341L08uR5WxeIroKB9hO X-Received: by 10.50.82.68 with SMTP id g4mr2569999igy.26.1422028091412; Fri, 23 Jan 2015 07:48:11 -0800 (PST) MIME-Version: 1.0 Sender: marek@palatinus.cz Received: by 10.64.31.138 with HTTP; Fri, 23 Jan 2015 07:47:41 -0800 (PST) In-Reply-To: <54C26BFE.1080103@gmail.com> References: <78662993-6C67-4480-8062-55CC9FA63908@bitsofproof.com> <54C26BFE.1080103@gmail.com> From: slush Date: Fri, 23 Jan 2015 16:47:41 +0100 X-Google-Sender-Auth: bi1ZC76a1JwttLLmNe1z87rVbn0 Message-ID: To: Alan Reiner Content-Type: multipart/alternative; boundary=047d7bf18db0400f4a050d53b717 X-Spam-Score: 2.0 (++) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (slush[at]centrum.cz) 1.0 HTML_MESSAGE BODY: HTML included in message 1.0 AWL AWL: Adjusted score from AWL reputation of From: address X-Headers-End: 1YEgT9-0004wb-4D Cc: "bitcoin-development@lists.sourceforge.net" Subject: Re: [Bitcoin-development] SIGHASH_WITHINPUTVALUE X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 23 Jan 2015 15:48:24 -0000 --047d7bf18db0400f4a050d53b717 Content-Type: text/plain; charset=ISO-8859-1 Correct, plus the most likely scenario in such attack is that the malware even don't push such tx with excessive fees to the network, but send it directly to attacker's pool/miner. M. On Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner wrote: > Unfortunately, one major attack vector is someone isolating your node, > getting you to sign away your whole wallet to fee, and then selling it to a > mining pool to mine it before you can figure why your transactions aren't > making it to the network. In such an attack, the relay rules aren't > relevant, and if the attacker can DoS you for 24 hours, it doesn't take a > ton of mining power to make the attack extremely likely to succeed. > > > > > On 01/23/2015 10:31 AM, Tamas Blummer wrote: > > Not a fix, but would reduce the financial risk, if nodes were not relaying > excessive fee transactions. > > Tamas Blummer > > > > > > ------------------------------------------------------------------------------ > New Year. New Location. New Benefits. New Data Center in Ashburn, VA. > GigeNET is offering a free month of service with a new server in Ashburn. > Choose from 2 high performing configs, both with 100TB of bandwidth. > Higher redundancy.Lower latency.Increased capacity.Completely compliant. > http://p.sf.net/sfu/gigenet > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > > --047d7bf18db0400f4a050d53b717 Content-Type: text/html; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable
Correct, plus the most likely scenario in such attack is t= hat the malware even don't push such tx with excessive fees to the netw= ork, but send it directly to attacker's pool/miner.

= M.

On = Fri, Jan 23, 2015 at 4:42 PM, Alan Reiner <etotheipi@gmail.com> wrote:
=20 =20 =20
Unfortunately, one major attack vector is someone isolating your node, getting you to sign away your whole wallet to fee, and then selling it to a mining pool to mine it before you can figure why your transactions aren't making it to the network.=A0 In such an attack, the relay rules aren't relevant, and if the attacker can Do= S you for 24 hours, it doesn't take a ton of mining power to make the attack extremely likely to succeed.




On 01/23/2015 10:31 AM, Tamas Blummer wrote:
=20
Not a fix, but would reduce the financial risk, if nodes were not relaying excessive fee transactions.

Tamas Blummer




-----------------------------------------------------------------------= -------
New Year. New Location. New Benefits. New Data Center in Ashburn, VA.
GigeNET is offering a free month of service with a new server in Ashburn. Choose from 2 high performing configs, both with 100TB of bandwidth.
Higher redundancy.Lower latency.Increased capacity.Completely compliant. http://p.sf.net/s= fu/gigenet
_______________________________________________
Bitcoin-development mailing list
Bitcoin-develo= pment@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment


--047d7bf18db0400f4a050d53b717--