[bitcoin-dev] Disclosure: consensus bug indirectly solved by BIP66

Adam Back adam at cypherspace.org
Wed Jul 29 13:46:46 UTC 2015


I believe the idea is to replace openSSL with
https://github.com/bitcoin/secp256k1 that Pieter and Greg spent quite
some time rigorously testing and have at this point better confidence
in than *SSL libraries.

I think the lessons learned from it as concluded by Pieter and Greg
are that openSSL and derivatives are not focussed on consensus
consistency, such that even if actively maintained and security
reviewed, their own bug fixes can break bitcoin.

Adam

On 29 July 2015 at 06:41, Mike Hearn via bitcoin-dev
<bitcoin-dev at lists.linuxfoundation.org> wrote:
>> This solved the vulnerability, and opens the door to using non-OpenSSL
>> signature verification in the near future.
>
>
> Great work!
>
> It also means the remaining usages of OpenSSL can be safely replaced with
> something like LibreSSL or (perhaps better) BoringSSL.
>
> _______________________________________________
> bitcoin-dev mailing list
> bitcoin-dev at lists.linuxfoundation.org
> https://lists.linuxfoundation.org/mailman/listinfo/bitcoin-dev
>


More information about the bitcoin-dev mailing list