From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 7F98BB62 for ; Fri, 26 May 2017 06:30:16 +0000 (UTC) X-Greylist: whitelisted by SQLgrey-1.7.6 Received: from mail-lf0-f47.google.com (mail-lf0-f47.google.com [209.85.215.47]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 39853161 for ; Fri, 26 May 2017 06:30:15 +0000 (UTC) Received: by mail-lf0-f47.google.com with SMTP id a5so1102287lfh.2 for ; Thu, 25 May 2017 23:30:15 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=from:content-transfer-encoding:mime-version:subject:message-id:date :to; bh=/1NDAzoVwNjaRTEoQX+jLfl0/sYqYDMG0x9wY1avPfk=; b=BODKSg1hpAj4ayVoR70Gi2LKz3s+qfVdmyjXWLR2QSpDkRT6qtgUU3edd8Z52tCSP0 Lvj9ZS1e7zi4nJZ6YdcwXTSeOIhwQfNcH8LUldqEuwSBc8jn1pejo3pysT8XVrjJkgkE 96ASdCPV1USi+96k79FMhpYaHFzVdunDcrltzVnpRfCLgLlPyzDZhTsp8BW56YMeJW2V AY7oDVCZh7RW4cV/KKzag0Wedjyh45kifYCm8577GSvu7Ge0kG6DWRQMYvVKOnQfYoee 95owxD7wNcX9gEBHBDPzwWZNOh8r08dKQ/EGuxM9FvJJVemzLO3Vo6d2sjKxVXQM8kjb TLjw== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:content-transfer-encoding:mime-version :subject:message-id:date:to; bh=/1NDAzoVwNjaRTEoQX+jLfl0/sYqYDMG0x9wY1avPfk=; b=cxocgK0Ag88ZFi0pWkXq6EdW4pErjDID0RG7ihJUwZLtM0m6Rlw5gTdPk55glZLE2c 6Oi6kWUKSI1jtPe0cKNtaFNmtQqWZKudHQuiMxNrCVGn+CaqNYVeDXjsC9KcQWPG98Dh uOwPvS4btYHZ2Ofk5NEBGMzja3XP5R3Lf/grKdXc3xHgVzUjFw+y8WQxSBDbw5mksX7d XBvIknI981VdXgGC7WbwjPQ2aKfl70s85+37dRcOLvWxCi8c+G6gVqJcd83YncEHbutZ uQ8Vgv3pZ927yj2y4bXYSnS8jpz6LSF/C5rOQDI4u099JqcTXDtc7RgY+okLhxCPN4qa 6QKg== X-Gm-Message-State: AODbwcCw7KpK++XhUnvpb9s5C0Ly+bnNVNabrFyxtDD9NUpx1518dspv BkW4jZ8Nkxh/ANon9CA= X-Received: by 10.25.221.198 with SMTP id w67mr122762lfi.114.1495780213123; Thu, 25 May 2017 23:30:13 -0700 (PDT) Received: from [192.168.1.73] (37-145-225-221.broadband.corbina.ru. [37.145.225.221]) by smtp.gmail.com with ESMTPSA id b71sm1806480lfg.32.2017.05.25.23.30.12 for (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Thu, 25 May 2017 23:30:12 -0700 (PDT) From: Cameron Garnham Content-Type: text/plain; charset=utf-8 Content-Transfer-Encoding: quoted-printable Mime-Version: 1.0 (Mac OS X Mail 10.3 \(3273\)) Message-Id: Date: Fri, 26 May 2017 09:30:08 +0300 To: Bitcoin Protocol Discussion X-Mailer: Apple Mail (2.3273) X-Spam-Status: No, score=-1.2 required=5.0 tests=BAYES_00,DKIM_SIGNED, DKIM_VALID,DKIM_VALID_AU,FREEMAIL_ENVFROM_END_DIGIT,FREEMAIL_FROM, RCVD_IN_DNSWL_NONE,RCVD_IN_SORBS_SPAM autolearn=no version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Subject: [bitcoin-dev] Emergency Deployment of SegWit as a partial mitigation of CVE-2017-9230 X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Protocol Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 26 May 2017 06:30:16 -0000 Hello Bitcoin-Dev, CVE-2017-9230 (1) (2), or commonly known as =E2=80=98ASICBOOST=E2=80=99 = is a severe (3) (4) and actively exploited (5) security vulnerability. =20 To learn more about this vulnerability please read Jeremy Rubin=E2=80=99s = detailed report: http://www.mit.edu/~jlrubin//public/pdfs/Asicboost.pdf =20 Andreas Antonopoulos has an excellent presentation on why asicboost is = dangerous: https://www.youtube.com/watch?v=3Dt6jJDD2Aj8k In decisions on the #bitcoin-core-dev IRC channel; It was proposed, = without negative feedback, that SegWit be used as a partial-mitigation = of CVE-2017-9230. SegWit partially mitigates asicboost with the common reasonable = assumption that any block that doesn=E2=80=99t include a witness commit = in it's coinbase transaction was mined using covert asicboost. Making = the use of covert asicboost far more conspicuous. It was also proposed that this partial mitigation should be quickly = strengthened via another soft-fork that makes the inclusion of witness = commits mandatory, without negative feedback. The security trade-offs of deploying a partial-mitigation to = CVE-2017-9230 quickly vs more slowly but more conservatively is under = intense debate. The author of this post has a strong preference to the = swiftest viable option. Cameron. (1) CVE Entry: https://cve.mitre.org/cgi-bin/cvename.cgi?name=3D+CVE-2017-9230 (2) Announcement of CVE to Mailing List: = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014416.ht= ml (3) Discussion of the perverse incentives created by 'ASICBOOST' by Ryan = Grant: = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014352.ht= ml (4) Discussion of ASICBOOST's non-independent PoW calculation by Tier = Nolan: = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-May/014351.ht= ml (5) Evidence of Active Exploit by Gregory Maxwell: = https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2017-April/013996.= html