Talk:Contingency plans: Difference between revisions
Add request to reconsider wording on why miners should stop mining. |
No edit summary |
||
(4 intermediate revisions by 2 users not shown) | |||
Line 1: | Line 1: | ||
The use of the words "must stop mining" might be more effective stating that continuing to mine may yield coins that will never confirm and adding to the troubled block chain may make it more difficult to reverse once a fix becomes available. - [[User:Sgornick|Sgornick]] 19:24, 4 September 2011 (GMT) | The use of the words "must stop mining" might be more effective stating that continuing to mine may yield coins that will never confirm and adding to the troubled block chain may make it more difficult to reverse once a fix becomes available. - [[User:Sgornick|Sgornick]] 19:24, 4 September 2011 (GMT) | ||
:I'll add something like that when I next work on this. (This text is very unfinished: I have done absolutely no editing, and I plan to add more contingencies.) [[User:Theymos|theymos]] 08:43, 5 September 2011 (GMT) | |||
---------------------------------------------- | |||
"ECDSA is broken: | |||
Situation: an attacker can sign for a public key that he does not own the private key for in only a few days of work. " | |||
I can see that the alert system would be compromised, but how could an attacker spend money that is not his? He would not have a public key until a transaction is transmitted. It would then be a race to crack it '''and then''' get it to miners before the existing transaction, no? The ability to spend money due to ECDSA's failure would only be a problem if a valid signature can be found within seconds of learning of a public key or signature I think. Still worth mentioning though. | |||
--[[User:Atheros|Atheros]] 21:20, 17 November 2011 (GMT) | |||
:Most people reuse addresses at least a few times, I think. I'd guess that 25-50% of unspent transactions would be vulnerable to a slower ECDSA attack. Might be something to mention in the article, though. [[User:Theymos|theymos]] 03:43, 18 November 2011 (GMT) | |||
::Oh Yes, I had forgotten that people reuse addresses. --[[User:Atheros|Atheros]] 08:18, 18 November 2011 (GMT) |
Latest revision as of 08:18, 18 November 2011
The use of the words "must stop mining" might be more effective stating that continuing to mine may yield coins that will never confirm and adding to the troubled block chain may make it more difficult to reverse once a fix becomes available. - Sgornick 19:24, 4 September 2011 (GMT)
- I'll add something like that when I next work on this. (This text is very unfinished: I have done absolutely no editing, and I plan to add more contingencies.) theymos 08:43, 5 September 2011 (GMT)
"ECDSA is broken: Situation: an attacker can sign for a public key that he does not own the private key for in only a few days of work. "
I can see that the alert system would be compromised, but how could an attacker spend money that is not his? He would not have a public key until a transaction is transmitted. It would then be a race to crack it and then get it to miners before the existing transaction, no? The ability to spend money due to ECDSA's failure would only be a problem if a valid signature can be found within seconds of learning of a public key or signature I think. Still worth mentioning though. --Atheros 21:20, 17 November 2011 (GMT)
- Most people reuse addresses at least a few times, I think. I'd guess that 25-50% of unspent transactions would be vulnerable to a slower ECDSA attack. Might be something to mention in the article, though. theymos 03:43, 18 November 2011 (GMT)
- Oh Yes, I had forgotten that people reuse addresses. --Atheros 08:18, 18 November 2011 (GMT)