theymos [ARCHIVE] on Nostr: π Original date posted:2011-09-08 ποΈ Summary of this message: Alert system is ...
π
Original date posted:2011-09-08
ποΈ Summary of this message: Alert system is crucial for network's security against attackers with >50% computational power. GUI client should restrict transactions during alerts.
π Original message:The alert system will be very important if there are ever any critical
problems in the network. For example, it is currently Bitcoin's only
defense against an attacker with >50% of the computational power, where
alerts would be used to tell people to stop accepting transactions.
Displaying a message is pretty harmless. In fact, I don't think the
message is prominent enough. The GUI client should not allow people to
see received transactions or send new transactions while an alert is in
effect (with an opt-out), and there should be an opt-in feature that
puts RPC into safe mode in response to an alert.
Alerts are no worse than transactions as a DoS attack vector. They're
much safer than typical HTTPS because there are no CAs that can break
its security.
(FYI: I also have a copy of the alert key.)
ποΈ Summary of this message: Alert system is crucial for network's security against attackers with >50% computational power. GUI client should restrict transactions during alerts.
π Original message:The alert system will be very important if there are ever any critical
problems in the network. For example, it is currently Bitcoin's only
defense against an attacker with >50% of the computational power, where
alerts would be used to tell people to stop accepting transactions.
Displaying a message is pretty harmless. In fact, I don't think the
message is prominent enough. The GUI client should not allow people to
see received transactions or send new transactions while an alert is in
effect (with an opt-out), and there should be an opt-in feature that
puts RPC into safe mode in response to an alert.
Alerts are no worse than transactions as a DoS attack vector. They're
much safer than typical HTTPS because there are no CAs that can break
its security.
(FYI: I also have a copy of the alert key.)