<div dir="ltr"><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small;color:#666666">Hey Rusty, </div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small;color:#666666">
<br></div><div class="gmail_default" style="font-family:arial,helvetica,sans-serif;font-size:small;color:#666666">This is intriguing, do you have a writeup somewhere I can read more about ? </div></div><div class="gmail_extra">
<br clear="all"><div><div dir="ltr"><div><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Thanks, </span><br></div><div><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br>
</span></div><div><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)">Charlie</span></div><div><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif;font-size:13px;background-color:rgb(255,255,255)"><br>
</span></div><div><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif"><a href="http://CharlieShrem.com" target="_blank">CharlieShrem.com</a> | </span><font color="#666666" face="arial, helvetica, sans-serif"><i>Please </i></font><i><span style="color:rgb(102,102,102);font-family:arial,helvetica,sans-serif">encrypt messages with </span><a href="http://charlieshrem.com/contact/" style="font-family:arial,helvetica,sans-serif" target="_blank">my PGP key</a></i></div>
</div></div>
<br><br><div class="gmail_quote">On Tue, Jun 3, 2014 at 8:45 AM, Rusty Russell <span dir="ltr"><<a href="mailto:rusty@rustcorp.com.au" target="_blank">rusty@rustcorp.com.au</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">
Luke Dashjr <<a href="mailto:luke@dashjr.org">luke@dashjr.org</a>> writes:<br>
> On Tuesday, June 03, 2014 4:29:55 AM xor wrote:<br>
>> Hi,<br>
>><br>
>> I thought a lot about the worst case scenario of SHA256d being broken in a<br>
>> way which could be abused to<br>
>> A) reduce the work of mining a block by some significant amount<br>
>> B) reduce the work of mining a block to zero, i.e. allow instant mining.<br>
><br>
> C) fabricate past blocks entirely.<br>
><br>
> If SHA256d is broken, Bitcoin as it is fails entirely.<br>
<br>
I normally just lurk, but I looked at this issue last year, so thought<br>
I'd chime in. I never finished my paper though...<br>
<br>
In the event of an *anticipated* weakening of SHA256, a gradual<br>
transition is possible which avoids massive financial disruption.<br>
<br>
My scheme used a similar solve-SHA256-then-solve-SHA3 (requiring an<br>
extra nonce for the SHA3), with the difficulty of SHA256 ramping down<br>
and SHA3 ramping up over the transition (eg for a 1 year transition,<br>
start with 25/26 SHA2 and 1/26 SHA3).<br>
<br>
The hard part is to estimate what the SHA3 difficulty should be over<br>
time. My solution was to adjust only the SHA3 target on every *second*<br>
difficulty change (otherwise assume that SHA2 and SHA3 have equally<br>
changed rate and adjust targets on both).<br>
<br>
This works reasonably well even if the initial SHA3 difficulty is way<br>
off, and also if SHA2 breaks completely halfway through the transition.<br>
<br>
I can provide more details if anyone is interested.<br>
<br>
Cheers,<br>
Rusty.<br>
<br>
------------------------------------------------------------------------------<br>
Learn Graph Databases - Download FREE O'Reilly Book<br>
"Graph Databases" is the definitive new guide to graph databases and their<br>
applications. Written by three acclaimed leaders in the field,<br>
this first edition is now available. Download your free book today!<br>
<a href="http://p.sf.net/sfu/NeoTech" target="_blank">http://p.sf.net/sfu/NeoTech</a><br>
_______________________________________________<br>
Bitcoin-development mailing list<br>
<a href="mailto:Bitcoin-development@lists.sourceforge.net">Bitcoin-development@lists.sourceforge.net</a><br>
<a href="https://lists.sourceforge.net/lists/listinfo/bitcoin-development" target="_blank">https://lists.sourceforge.net/lists/listinfo/bitcoin-development</a><br>
</blockquote></div><br></div>