📅 Original date posted:2014-03-08 📝 Original message:On Sat, Mar 8, 2014 at ...

Gregory Maxwell [ARCHIVE] /

npub1f2n…rwet

2023-06-07 15:14:44

in reply to nevent1q…ld46

📅 Original date posted:2014-03-08
📝 Original message:On Sat, Mar 8, 2014 at 11:34 AM, Luke-Jr <luke at dashjr.org> wrote:
> On Wednesday, March 05, 2014 4:21:52 PM Kevin wrote:
>> How can we patch this issue?
> No need, it is not an issue for Bitcoin.
> Properly used, there is only ever one signature per public key.

Security shouldn't depend on perfect use. There are many things that
result in multiple key use: Bitcoin address authentication (something
which the pool you created uses!), someone spamming you with multiple
payments to a common address which you didn't solicit (what, are you
just going to ignore the extra coins?), ... or just practical
considerations— I note the mining pool you founded continually pays a
single address for 'fall back' payments when it can't pay in the
coinbase transact, I know you consider that a bug, but its the reality
today.

Most security issues aren't the result of one problem but several
problems combined, so it's important to make each layer strong even if
the strength shouldn't be important due to proper use in other layers.

Fortunately, libsecp256k1 has a nearly constant time/constant memory
access multiply for signing which should reduce exposure substantially
(and is generally built in a way that reduces vulnerabilities).

Author Public Key

npub1f2nvlx49er5c7sqa43src6ssyp6snd4qwvtkwm5avc2l84cs84esecrwet

Seen on

wss://relay.noswhere.com

Show more details

Published at

2023-06-07 15:14:44

Kind type

1 Short Text Note

Event JSON

{ "id": "1249c1a0f806f3b0104c6b16509f88d31b7be7eac9ef8e7656be934d73f6550a", "pubkey": "4aa6cf9aa5c8e98f401dac603c6a10207509b6a07317676e9d6615f3d7103d73", "created_at": 1686150884, "kind": 1, "tags": [ [ "e", "d46bd1a40c3d916ca1e2c015ea0a2210ec8d4fdd9116c09aec6725abac0dd67f", "", "root" ], [ "e", "e494d6c6a64b0e620eecf076c5a729c2cb78545fbdcaa67422a15a6471942045", "", "reply" ], [ "p", "6ac6a519b554d8ff726a301e3daec0b489f443793778feccc6ea7a536f7354f1" ] ], "content": "📅 Original date posted:2014-03-08\n📝 Original message:On Sat, Mar 8, 2014 at 11:34 AM, Luke-Jr \u003cluke at dashjr.org\u003e wrote:\n\u003e On Wednesday, March 05, 2014 4:21:52 PM Kevin wrote:\n\u003e\u003e How can we patch this issue?\n\u003e No need, it is not an issue for Bitcoin.\n\u003e Properly used, there is only ever one signature per public key.\n\nSecurity shouldn't depend on perfect use. There are many things that\nresult in multiple key use: Bitcoin address authentication (something\nwhich the pool you created uses!), someone spamming you with multiple\npayments to a common address which you didn't solicit (what, are you\njust going to ignore the extra coins?), ... or just practical\nconsiderations— I note the mining pool you founded continually pays a\nsingle address for 'fall back' payments when it can't pay in the\ncoinbase transact, I know you consider that a bug, but its the reality\ntoday.\n\nMost security issues aren't the result of one problem but several\nproblems combined, so it's important to make each layer strong even if\nthe strength shouldn't be important due to proper use in other layers.\n\nFortunately, libsecp256k1 has a nearly constant time/constant memory\naccess multiply for signing which should reduce exposure substantially\n(and is generally built in a way that reduces vulnerabilities).", "sig": "8774f1f7a256d6980250011eaadc1a4e47bac5599127e857133ea5d3ee63ba79727e0d41a1f00f56d5719262de5b9c4c21f4de98c81d13d757330a7db78022bf" }