From mboxrd@z Thu Jan 1 00:00:00 1970 Received: from sog-mx-2.v43.ch3.sourceforge.com ([172.29.43.192] helo=mx.sourceforge.net) by sfs-ml-1.v29.ch3.sourceforge.com with esmtp (Exim 4.76) (envelope-from ) id 1RhtLm-0002FY-ES for bitcoin-development@lists.sourceforge.net; Tue, 03 Jan 2012 01:39:38 +0000 Received-SPF: pass (sog-mx-2.v43.ch3.sourceforge.com: domain of m.gmane.org designates 80.91.229.12 as permitted sender) client-ip=80.91.229.12; envelope-from=gcbd-bitcoin-development@m.gmane.org; helo=lo.gmane.org; Received: from lo.gmane.org ([80.91.229.12]) by sog-mx-2.v43.ch3.sourceforge.com with esmtp (Exim 4.76) id 1RhtLk-0003DN-VW for bitcoin-development@lists.sourceforge.net; Tue, 03 Jan 2012 01:39:38 +0000 Received: from list by lo.gmane.org with local (Exim 4.69) (envelope-from ) id 1RhtLZ-0008W7-2X for bitcoin-development@lists.sourceforge.net; Tue, 03 Jan 2012 02:39:25 +0100 Received: from 169.229.3.184 ([169.229.3.184]) by main.gmane.org with esmtp (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 03 Jan 2012 02:39:25 +0100 Received: from tyrell.elden by 169.229.3.184 with local (Gmexim 0.1 (Debian)) id 1AlnuQ-0007hv-00 for ; Tue, 03 Jan 2012 02:39:25 +0100 X-Injected-Via-Gmane: http://gmane.org/ To: bitcoin-development@lists.sourceforge.net From: Elden Tyrell Date: Mon, 2 Jan 2012 17:39:09 -0800 Message-ID: References: Mime-Version: 1.0 Content-Type: text/plain; charset=utf-8; format=flowed Content-Transfer-Encoding: 8bit X-Complaints-To: usenet@dough.gmane.org X-Gmane-NNTP-Posting-Host: 169.229.3.184 User-Agent: Unison/2.1.6 X-Spam-Score: -0.7 (/) X-Spam-Report: Spam Filtering performed by mx.sourceforge.net. See http://spamassassin.org/tag/ for more details. -1.5 SPF_CHECK_PASS SPF reports sender host as permitted sender for sender-domain 0.0 FREEMAIL_FROM Sender email is commonly abused enduser mail provider (tyrell.elden[at]gmail.com) -0.0 SPF_HELO_PASS SPF: HELO matches SPF record 0.0 DKIM_ADSP_CUSTOM_MED No valid author signature, adsp_override is CUSTOM_MED -0.0 SPF_PASS SPF: sender matches SPF record 0.9 RCVD_NUMERIC_HELO Received: contains an IP address used for HELO -1.3 RP_MATCHES_RCVD Envelope sender domain matches handover relay domain 1.2 NML_ADSP_CUSTOM_MED ADSP custom_med hit, and not from a mailing list X-Headers-End: 1RhtLk-0003DN-VW Subject: Re: [Bitcoin-development] does "stubbing" off Merkle trees reduce initial download bandwidth? X-BeenThere: bitcoin-development@lists.sourceforge.net X-Mailman-Version: 2.1.9 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 03 Jan 2012 01:39:38 -0000 On 2012-01-02 14:41:10 -0800, Gregory Maxwell said: > make this possible: https://bitcointalk.org/index.php?topic=21995.0 Neat! I had a similar idea but you've clearly beat me to [a big part of] it. > Er, no— if a node controls the private keys for a transaction, and > that transaction makes it into the chain then it can safely assume > that its unspent (at least once its buried a few blocks into the > chain). I'm not so sure about that. If you accept X successor blocks as proof that none of the transactions in a block re-used an output, then the cost of attacking is X*50BTC since the hashpower needed for the attack could have earned that much reward. However, an attacker could use the same faked X-block sequence to attack multiple clients by putting several double-spend transactions in the first faked block. This would spread out the cost over more than one attack. So simply checking that the value of the transaction is less than X*50 isn't necessarily enough, although the logistics of the attack aren't exactly easy. There's also the question of knowing what the difficulty for those X blocks ought to be. If the attacker controls your network connection (e.g. your ISP attacks you) you wouldn't be able to get a second opinion on how high the difficulty ought to be, and might get fooled by X very-low-difficulty blocks that were each produced with a lot less than 50BTC worth of hashpower. - e