Does this affect the security model WRT chain reorganizations? In the
classic doublespend attack, an attacker can only redirect UTXOs that they
spent. With this proposal, if I understand it correctly, an attacker could
redirect all funds that have "matured" (revealed the previous preimage in
the
This IS INDEED an attack on Bitcoin. It does not activate CTV - it would
(if users are fooled into using it) give MINERS the OPTION to activate
CTV. Nobody should run this, and if it gets any traction, it would
behoove the community to develop and run a "URSF" making blocks
signalling for it in
> Bob can craft a HTLC-preimage spend of the single offered output spending one
> of 0.1 BTC HTLC payout (and revealing its preimage) while burning all the
> value as fee. This replaces out Alice's honest HTLC-timeout out of network
> mempools, are they're concurrent spend. Bob can repeat this t
You are right to point out that my proposal was lacking defense against
rainbow-table, because there is a simple solution for it:
To take nonces from recent blocks, say, T0-6, ..., T0-13, for salting LSIG, and
ECCPUB to salt LAMPPUB. Salts don't need to be secret, only unknown by the
builder of
Hi Peter,
> Obviously a local replacement cache is a possibility. The whole point of
my
> email is to show that a local replacement cache isn't necessarily needed,
as
> any alturistic party can implement that cache for all nodes.
Sure, note as soon as you start to introduce an altruistic party
re
Hello,
Today we'd like to announce the release of version 0.4.1 of libsecp256k1:
https://github.com/bitcoin-core/secp256k1/releases/tag/v0.4.1
This release slightly increases the speed of the ECDH operation and
significantly enhances the performance of many library functions when using the
Hi Peter,
Thanks for spending time thinking about RBF pinning and v3.
> Enter Mallory. His goal is to grief Alice by forcing her to spend more
money
than she intended...
> ...Thus the total fee of Mallory's package would have
> been 6.6 * 1/2.5 = 2.6x more than Alice's total fee, and to get her
t
On Tue, Dec 19, 2023 at 6:22 PM wrote:
>
> Thank you for putting yourself through the working of carefully analyzing my
> proposition, Boris!
>
> 1) My demonstration concludes 12 bytes is still a very conservative figure
> for the hashes. I'm not sure where did you get the 14 bytes figure. This
Hello World,
Note: This is not an attack on bitcoin. This is an email with some text and
links. Users can decide what works best for themselves. There is also scope for
discussion about changing method or params.
I want to keep it short and no energy left. I have explored different options
for
