From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id AE790EEE for ; Fri, 18 Dec 2015 02:47:18 +0000 (UTC) X-Greylist: from auto-whitelisted by SQLgrey-1.7.6 Received: from d.mail.sonic.net (d.mail.sonic.net [64.142.111.50]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 3862AF3 for ; Fri, 18 Dec 2015 02:47:18 +0000 (UTC) Received: from [IPv6:::1] ([58.96.168.240]) (authenticated bits=0) by d.mail.sonic.net (8.15.1/8.15.1) with ESMTPSA id tBI2keNx012077 (version=TLSv1 cipher=DHE-RSA-AES128-SHA bits=128 verify=NOT); Thu, 17 Dec 2015 18:47:13 -0800 Mime-Version: 1.0 (Mac OS X Mail 7.3 \(1878.6\)) Content-Type: multipart/signed; boundary="Apple-Mail=_59CCC207-43D9-4D5C-B638-997B2622A496"; protocol="application/pgp-signature"; micalg=pgp-sha512 X-Pgp-Agent: GPGMail 2.5.2 From: Jonathan Toomim In-Reply-To: Date: Fri, 18 Dec 2015 10:47:14 +0800 Message-Id: References: To: Pieter Wuille X-Mailer: Apple Mail (2.1878.6) X-Sonic-CAuth: UmFuZG9tSVZ0w+hTuxTCMmY3OnyjJ//vEm08I3OjAIFI1r6zZ5i2nG1rrhLYaT+d8EYOyxyeL8bfB2b3dGoeCmZYoJluXC5A X-Sonic-ID: C;5kT5kDGl5RG9msgxU3XIUw== M;fFjxozGl5RG9msgxU3XIUw== X-Sonic-Spam-Details: 0.0/5.0 by cerberusd X-Spam-Status: No, score=-2.6 required=5.0 tests=BAYES_00,HTML_MESSAGE, RCVD_IN_DNSWL_LOW autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: Bitcoin Dev Subject: Re: [bitcoin-dev] On the security of softforks X-BeenThere: bitcoin-dev@lists.linuxfoundation.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: Bitcoin Development Discussion List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 18 Dec 2015 02:47:18 -0000 --Apple-Mail=_59CCC207-43D9-4D5C-B638-997B2622A496 Content-Type: multipart/alternative; boundary="Apple-Mail=_441D93C9-B0EB-461E-BC6B-8F93BBB66B9C" --Apple-Mail=_441D93C9-B0EB-461E-BC6B-8F93BBB66B9C Content-Transfer-Encoding: quoted-printable Content-Type: text/plain; charset=us-ascii On Dec 18, 2015, at 10:30 AM, Pieter Wuille via bitcoin-dev = wrote: > 1) The risk of an old full node wallet accepting a transaction that is > invalid to the new rules. >=20 > The receiver wallet chooses what address/script to accept coins on. > They'll upgrade to the new softfork rules before creating an address > that depends on the softfork's features. >=20 > So, not a problem. Mallory wants to defraud Bob with a 1 BTC payment for some beer. Bob = runs the old rules. Bob creates a p2pkh address for Mallory to use. = Mallory takes 1 BTC, and creates an invalid SegWit transaction that Bob = cannot properly validate and that pays into one of Mallory's wallets. = Mallory then immediately spends the unconfirmed transaction into Bob's = address. Bob sees what appears to be a valid transaction chain which is = not actually valid. Clueless Carol is one of the 4.9% of miners who forgot to upgrade her = mining node. Carol sees that Mallory included an enormous fee in his = transactions, so Carol makes sure to include both transactions in her = block. Mallory gets free beer. Anything I'm missing? --Apple-Mail=_441D93C9-B0EB-461E-BC6B-8F93BBB66B9C Content-Transfer-Encoding: quoted-printable Content-Type: text/html; charset=us-ascii
On Dec 18, 2015, at 10:30 AM, Pieter = Wuille via bitcoin-dev <bitcoin-dev@lists.li= nuxfoundation.org> wrote:

1) The risk of an old full node wallet accepting a = transaction that is
invalid to the new rules.

The receiver wallet chooses = what address/script to accept coins on.
They'll upgrade to the new = softfork rules before creating an address
that depends on the softfork's = features.

So, not a = problem.

Mallory wants to = defraud Bob with a 1 BTC payment for some beer. Bob runs the old rules. = Bob creates a p2pkh address for Mallory to use. Mallory takes 1 BTC, and = creates an invalid SegWit transaction that Bob cannot properly validate = and that pays into one of Mallory's wallets. Mallory then immediately = spends the unconfirmed transaction into Bob's address. Bob sees what = appears to be a valid transaction chain which is not actually = valid.

Clueless Carol is one of the 4.9% of = miners who forgot to upgrade her mining node. Carol sees that Mallory = included an enormous fee in his transactions, so Carol makes sure to = include both transactions in her = block. 

Mallory gets free = beer.

Anything I'm missing?
= --Apple-Mail=_441D93C9-B0EB-461E-BC6B-8F93BBB66B9C-- --Apple-Mail=_59CCC207-43D9-4D5C-B638-997B2622A496 Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename=signature.asc Content-Type: application/pgp-signature; name=signature.asc Content-Description: Message signed with OpenPGP using GPGMail -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQEcBAEBCgAGBQJWc3OyAAoJEIEuMk4MG0P1r74IAMyiiHOBvE23o4fXdcnszoMq NQpkdui4Z1DWWj7C/YfxlJB06/fO9WIbZ5Dg6GH5eg8OKILx6B541ZfzY0PNpdrN 5gKYHmtdhwCxYR6W5x8d/FT9BmUDRbHfd6P3utb6wieGVwMly/XT7eWhi1gNHZ1E 1oRtLPBMXAfW2r8JsU5uFkCP8iu2CvpJ0PU2VmWyDS96LEI9i9RxDt+jHwmOJnHJ ojkAHNR4nM37VwhVEgJLVcQejG0WF/PZGXznRQy0rACvoquOuqKkbmT+Us8gpPh4 REKoxhlsNwBwkbn5Wt9SPWvMC6uEtAOF9HZe0+WA+cMnPqiSbatkBFdAE1mPgKo= =jx0/ -----END PGP SIGNATURE----- --Apple-Mail=_59CCC207-43D9-4D5C-B638-997B2622A496--