On Tue, Feb 04, 2014 at 01:01:12PM +0100, Mike Hearn wrote:The above makes for a great homework problem for budding cryptographers:
> Hello,
>
> I'm pleased to announce the release of bitcoinj 0.11, a library for writing Bitcoin applications that run on the JVM. BitcoinJ is widely used across the Bitcoin community; some users include Bitcoin Wallet for Android, MultiBit, Hive, blockchain.info, the biteasy.com block explorer (written in Lisp!), Circle, Neo/Bee (Cypriot payment network), bitpos.me, Bitcoin Touch, BlueMatt's relay network and DNS crawler, academic advanced contracts research and more.
>
> The release-0.11 git tag is signed by Andreas Schildbach's GPG key. The commit hash is 410d4547a7dd. This paragraph is signed by the same Bitcoin key as with previous releases (check their release announcements to establish continuity). Additionally, this email is signed using DKIM and for the first time, a key that was ID verified by the Swiss government.
>
> Key: 16vSNFP5Acsa6RBbjEA7QYCCRDRGXRFH4m
> Signature for last paragraph: H3DvWBqFHPxKW/cdYUdZ6OHjbq6ZtC5PHK4ebpeiE+FqTHyRLJ58BItbC0R2vo77h+DthpQigdEZ0V8ivSM7VIg=
Why did the three forms of signature, DKIM, long-lived bitcoin address,
and Official Swiss Government Identity fail to let you actually verify
you have the right code? (but make for great security theater)
Bonus question: Who has the smallest work-factor for such an attack?
Two rewards of 25mBTC for correct responses to each question from a
crypto newbie.
> Thanks to Mike Belshe, the wallet can now send to P2SH addresses.
Thanks
> Generated signatures now use canonical S values. This will aid a future hard-forking rule change which bans malleable signatures.Soft-forking rule change.
--
'peter'[:-1]@petertodd.org
000000000000000075829f6169c79d7d5aaa20bfa8da6e9edb2393c4f8662ba0