[Bitcoin-development] Miners MiTM

Luke Dashjr luke at dashjr.org
Fri Aug 8 01:01:15 UTC 2014

On Friday, August 08, 2014 12:29:31 AM slush wrote:
> AFAIK the only protection is SSL + certificate validation on client side.
> However certificate revocation and updates in miners are pain in the ass,
> that's why majority of pools (mine including) don't want to play with
> that...

Certificate validation isn't needed unless the attacker can do a direct MITM 
at connection time, which is a lot harder to maintain than injecting a 
client.reconnect. This, combined with your concern about up to date 
certs/revokes/etc, is why BFGMiner defaults to TLS without cert checking for 


More information about the bitcoin-dev mailing list