From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-3.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from <mh.in.england@gmail.com>) id 1VdQTS-0003K9-T9 for bitcoin-development@lists.sourceforge.net; Mon, 04 Nov 2013 20:10:10 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of gmail.com designates 209.85.219.44 as permitted sender) client-ip=209.85.219.44; envelope-from=mh.in.england@gmail.com; helo=mail-oa0-f44.google.com; Received: from mail-oa0-f44.google.com ([209.85.219.44]) by sog-mx-2.v43.ch3.sourceforge.com with esmtps (TLSv1:RC4-SHA:128) (Exim 4.76) id 1VdQTR-00047q-HT for bitcoin-development@lists.sourceforge.net; Mon, 04 Nov 2013 20:10:10 +0000 Received: by mail-oa0-f44.google.com with SMTP id l20so7742187oag.31 for <bitcoin-development@lists.sourceforge.net>; Mon, 04 Nov 2013 12:10:04 -0800 (PST) MIME-Version: 1.0 X-Received: by 10.60.50.168 with SMTP id d8mr57932oeo.77.1383595804123; Mon, 04 Nov 2013 12:10:04 -0800 (PST) Sender: mh.in.england@gmail.com Received: by 10.76.156.42 with HTTP; Mon, 4 Nov 2013 12:10:04 -0800 (PST) In-Reply-To: <5277FB21.3050306@monetize.io> References: <CANEZrP3iYBdg3p7Ru4O-UENY_yyQDA8=9PGn=KDKGGTrZ-xkRw@mail.gmail.com> <20131104115314.GA1013@savin> <CANEZrP1uqee1UO=zb+50t9BNtv2voTHoCKQCTQExNyoL=Y0=PA@mail.gmail.com> <20131104181649.GA3847@petertodd.org> <CANEZrP18Tz6OwOE7jeS3-Z2m=HuQiue+ZwRzS01mpqbCoPteZQ@mail.gmail.com> <5277FB21.3050306@monetize.io> Date: Mon, 4 Nov 2013 21:10:04 +0100 X-Google-Sender-Auth: PlccMg81o68fH7oT8HjYVK4allM Message-ID: <CANEZrP17hEuFmWiN1scq42mJzcXOBEHHAK8aLd_idCQ6ZqvpYw@mail.gmail.com> From: Mike Hearn <mike@plan99.net> To: Mark Friedenbach <mark@monetize.io> Content-Type: multipart/alternative; boundary=001a11c30bf06aed0804ea5f8024 X-Spam-Score: -0.5 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. 0.0 URIBL_BLOCKED ADMINISTRATOR NOTICE: The query to URIBL was blocked. See http://wiki.apache.org/spamassassin/DnsBlocklists#dnsbl-block for more information. [URIs: doubleclick.net] -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (mh.in.england[at]gmail.com) -0.0 SPF_PASS SPF: sender matches SPF record 1.0 HTML_MESSAGE BODY: HTML included in message 0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid -0.1 DKIM_VALID Message has at least one valid DKIM or DK signature X-Headers-End: 1VdQTR-00047q-HT Cc: Bitcoin Dev <bitcoin-development@lists.sourceforge.net> Subject: Re: [Bitcoin-development] Committing to extra block data/a better merge-mine standard X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: <bitcoin-development.lists.sourceforge.net> List-Unsubscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=unsubscribe> List-Archive: <http://sourceforge.net/mailarchive/forum.php?forum_name=bitcoin-development> List-Post: <mailto:bitcoin-development@lists.sourceforge.net> List-Help: <mailto:bitcoin-development-request@lists.sourceforge.net?subject=help> List-Subscribe: <https://lists.sourceforge.net/lists/listinfo/bitcoin-development>, <mailto:bitcoin-development-request@lists.sourceforge.net?subject=subscribe> X-List-Received-Date: Mon, 04 Nov 2013 20:10:11 -0000 --001a11c30bf06aed0804ea5f8024 Content-Type: text/plain; charset=UTF-8 Yes, sure. I was talking about the case of transiently relayed data, like IP addresses. On Mon, Nov 4, 2013 at 8:53 PM, Mark Friedenbach <mark@monetize.io> wrote: > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > On 11/4/13 11:38 AM, Mike Hearn wrote: > > The Merkle branch doesn't get stored indefinitely though, whereas > > the coinbase hash does. The data stored in the coinbase [output] > > can always just be the 256-bit root hash truncated to less. > > > > I doubt the additional bytes make much difference really, so the > > additional complexity may not be worth it. But it wouldn't be an > > issue to do. > > The bits make a difference if you are merged mining. You can use the > birthday attack to construct two data trees whose hash match the > (truncated) value, each containing separate aux block headers. This > allows you to double-count the bitcoin PoW for more than one aux block > on the same chain, potentially facilitating aux chain attacks. > > If you want 128 bits of security for merged mined aux chains, you need > 256 bits of hash in the coinbase. > -----BEGIN PGP SIGNATURE----- > Version: GnuPG/MacGPG2 v2.0.19 (Darwin) > Comment: GPGTools - http://gpgtools.org > Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/ > > iQIcBAEBAgAGBQJSd/shAAoJEAdzVfsmodw48a0P/RaCOctBDvhU0THnsUw6nRBm > A8oH3Kpio4ZltU4oIT0tznZbUOG2j2xVrmATqXDYOZQ6FuGihjmkKJ9jHgl57pb5 > 0qDdCBiEuWtLIh2+Awrb3Y0s8czyCQP9/1CJyzdEFmI8rSwCaqJMa6B2Ny6Xz6+8 > eiK45YdXCPgdTAb56FKOi9WzOe0g1aOO5KiUOci22xRkXvh4qPYrt2F0LIgjZTdC > koyXU6dcKON9H8Cecu+ag7jJ5A9ZDj7oIq5rflEyolh2V4ie0tGQ50rFGg/ii6iQ > Tz9AWwigsHEkuinBTuN5041Xb8nAgHLvA60RQ41lWUHJxfAvDE+wN6NqgHmMVaRo > NHqlZcCuEl1jn7HW81XQTpgarrXHk1G7b2vK10pB/lUxUNIstZvCSjcp8QdtmC9v > tIhC2czSnsQaE6kIBuHxDNZxOlZ8DxBYCAgXSkycwznwzGhFPP0xB1lV9HfaP5+i > aikmx5SQmqBXQQKsxmIacoykrfu5x+O2TB/bq8JhJ1ak2jG9LVFyQqjorABVAgA7 > pLEN6EomWht5qstaLVfHYpNsLMf6WA7UzRG08HKItUeDPtG7bDx8vBx5TvIUjT44 > A0i09bOt8ZIgp+lJ8lFLWiPLChViAoy7fqKy2vrdsZerOF3l4LUQeQO/xnfZc+dG > AEG+7iCBOMxJSVoJ5bP6 > =nydG > -----END PGP SIGNATURE----- > > > ------------------------------------------------------------------------------ > Android is increasing in popularity, but the open development platform that > developers love is also attractive to malware creators. Download this white > paper to learn more about secure code signing practices that can help keep > Android apps secure. > http://pubads.g.doubleclick.net/gampad/clk?id=65839951&iu=/4140/ostg.clktrk > _______________________________________________ > Bitcoin-development mailing list > Bitcoin-development@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/bitcoin-development > --001a11c30bf06aed0804ea5f8024 Content-Type: text/html; charset=UTF-8 Content-Transfer-Encoding: quoted-printable <div dir=3D"ltr">Yes, sure. I was talking about the case of transiently rel= ayed data, like IP addresses.</div><div class=3D"gmail_extra"><br><br><div = class=3D"gmail_quote">On Mon, Nov 4, 2013 at 8:53 PM, Mark Friedenbach <spa= n dir=3D"ltr"><<a href=3D"mailto:mark@monetize.io" target=3D"_blank">mar= k@monetize.io</a>></span> wrote:<br> <blockquote class=3D"gmail_quote" style=3D"margin:0 0 0 .8ex;border-left:1p= x #ccc solid;padding-left:1ex"><div class=3D"im">-----BEGIN PGP SIGNED MESS= AGE-----<br> Hash: SHA1<br> <br> </div><div class=3D"im">On 11/4/13 11:38 AM, Mike Hearn wrote:<br> > The Merkle branch doesn't get stored indefinitely though, whereas<= br> > the coinbase hash does. The data stored in the coinbase [output]<br> > can always just be the 256-bit root hash truncated to less.<br> ><br> > I doubt the additional bytes make much difference really, so the<br> > additional complexity may not be worth it. But it wouldn't be an<b= r> > issue to do.<br> <br> </div>The bits make a difference if you are merged mining. You can use the<= br> birthday attack to construct two data trees whose hash match the<br> (truncated) value, each containing separate aux block headers. This<br> allows you to double-count the bitcoin PoW for more than one aux block<br> on the same chain, potentially facilitating aux chain attacks.<br> <br> If you want 128 bits of security for merged mined aux chains, you need<br> 256 bits of hash in the coinbase.<br> <div class=3D"im">-----BEGIN PGP SIGNATURE-----<br> Version: GnuPG/MacGPG2 v2.0.19 (Darwin)<br> Comment: GPGTools - <a href=3D"http://gpgtools.org" target=3D"_blank">http:= //gpgtools.org</a><br> Comment: Using GnuPG with Thunderbird - <a href=3D"http://www.enigmail.net/= " target=3D"_blank">http://www.enigmail.net/</a><br> <br> </div>iQIcBAEBAgAGBQJSd/shAAoJEAdzVfsmodw48a0P/RaCOctBDvhU0THnsUw6nRBm<br> A8oH3Kpio4ZltU4oIT0tznZbUOG2j2xVrmATqXDYOZQ6FuGihjmkKJ9jHgl57pb5<br> 0qDdCBiEuWtLIh2+Awrb3Y0s8czyCQP9/1CJyzdEFmI8rSwCaqJMa6B2Ny6Xz6+8<br> eiK45YdXCPgdTAb56FKOi9WzOe0g1aOO5KiUOci22xRkXvh4qPYrt2F0LIgjZTdC<br> koyXU6dcKON9H8Cecu+ag7jJ5A9ZDj7oIq5rflEyolh2V4ie0tGQ50rFGg/ii6iQ<br> Tz9AWwigsHEkuinBTuN5041Xb8nAgHLvA60RQ41lWUHJxfAvDE+wN6NqgHmMVaRo<br> NHqlZcCuEl1jn7HW81XQTpgarrXHk1G7b2vK10pB/lUxUNIstZvCSjcp8QdtmC9v<br> tIhC2czSnsQaE6kIBuHxDNZxOlZ8DxBYCAgXSkycwznwzGhFPP0xB1lV9HfaP5+i<br> aikmx5SQmqBXQQKsxmIacoykrfu5x+O2TB/bq8JhJ1ak2jG9LVFyQqjorABVAgA7<br> pLEN6EomWht5qstaLVfHYpNsLMf6WA7UzRG08HKItUeDPtG7bDx8vBx5TvIUjT44<br> A0i09bOt8ZIgp+lJ8lFLWiPLChViAoy7fqKy2vrdsZerOF3l4LUQeQO/xnfZc+dG<br> AEG+7iCBOMxJSVoJ5bP6<br> =3DnydG<br> <div class=3D"HOEnZb"><div class=3D"h5">-----END PGP SIGNATURE-----<br> <br> ---------------------------------------------------------------------------= ---<br> Android is increasing in popularity, but the open development platform that= <br> developers love is also attractive to malware creators. Download this white= <br> paper to learn more about secure code signing practices that can help keep<= br> Android apps secure.<br> <a href=3D"http://pubads.g.doubleclick.net/gampad/clk?id=3D65839951&iu= =3D/4140/ostg.clktrk" target=3D"_blank">http://pubads.g.doubleclick.net/gam= pad/clk?id=3D65839951&iu=3D/4140/ostg.clktrk</a><br> _______________________________________________<br> Bitcoin-development mailing list<br> <a href=3D"mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-develo= pment@lists.sourceforge.net</a><br> <a href=3D"https://lists.sourceforge.net/lists/listinfo/bitcoin-development= " target=3D"_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-de= velopment</a><br> </div></div></blockquote></div><br></div> --001a11c30bf06aed0804ea5f8024--