<div dir="ltr"><div class="gmail_extra"><div class="gmail_quote">On Thu, Apr 6, 2017 at 7:02 AM, Luv Khemani via bitcoin-dev <span dir="ltr"><<a href="mailto:bitcoin-dev@lists.linuxfoundation.org" target="_blank">bitcoin-dev@lists.linuxfoundation.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><p><span style="font-family:calibri,arial,helvetica,sans-serif,"apple color emoji","segoe ui emoji",notocoloremoji,"segoe ui symbol","android emoji",emojisymbols;font-size:16px">Could you elaborate on why you consider ASICBOOST to be an attack?
Attack here implies ill-intent by the practitioner towards the network as a primary motivating factor.</span><br>
</p>
<p></p></blockquote></div><br>See <a href="https://www.reddit.com/r/Bitcoin/comments/63otrp/gregory_maxwell_major_asic_manufacturer_is/dfwcki3/">https://www.reddit.com/r/Bitcoin/comments/63otrp/gregory_maxwell_major_asic_manufacturer_is/dfwcki3/</a></div><div class="gmail_extra"><br></div><div class="gmail_extra">"""</div><div class="gmail_extra"><div class="gmail_extra">I think that it is an attack is a completely unambiguous technical description of what it is. If a signature is supposed to resist forgery against 2^128 operations, but you find a way to do it with 2^80 instead, this is an attack. It is, perhaps, not a very concerning attack and you may or may not change your signature scheme to avoid it or may just instead say the scheme has 2^80 security. But there is no doubt that it would be called an attack, especially if it was not described in the original proposal.</div><div class="gmail_extra"><br></div><div class="gmail_extra">In Bitcoin's Proof of Work, you are attempting to prove a certain amount of work has been done. This shortcut significantly reduces the amount of work. It's an attack. Normally it wouldn't be a serious attack-- it would just get appended to the defacto definition of what the Bitcoin Proof of work is-- similar to the signature system just getting restarted as having 2^80 security-- but in it's covert form it cannot just be adopted because it blocks many further improvements (not just segwit, but the vast majority of other proposals), and additional the licensing restrictions inhibit adoption.</div><div class="gmail_extra"><br></div><div class="gmail_extra">The proposal I posted does not prevent the technique, only the covert form: That is, it doesn't even attempt to solve the patented tech eventually will centralize the system problem. It is narrowly targeted at the interference with upgrades.</div><div class="gmail_extra"><br></div><div class="gmail_extra">Taking a step back-- even ignoring my geeking out about the technical definition of 'attack' in crypographic contexts, we have a set of issues here that left addressed will seriously harm the system going forward for the the significant monetary benefit of an exploiting party. I think that also satisfies a lay definition of the term: Something someone does, that none one expected, that makes them money at everyone elses expense.</div></div><div class="gmail_extra">"""<br><div><br></div><div class="gmail_signature">- Bryan<br><a href="http://heybryan.org/" target="_blank">http://heybryan.org/</a><br>1 512 203 0507</div>
</div></div>