[bitcoin-dev] BIP proposal: Inhibiting a covert attack on the Bitcoin POW function

Luke Dashjr luke at dashjr.org
Thu Apr 6 09:17:48 UTC 2017


On Wednesday, April 05, 2017 9:37:45 PM Gregory Maxwell via bitcoin-dev wrote:
> Beginning block X and until block Y the coinbase transaction of
> each block MUST either contain a BIP-141 segwit commitment or a
> correct WTXID commitment with ID 0xaa21a9ef.

Why not simply require the BIP-141 commitment?

> Existing segwit using miners are automatically compatible with
> this proposal.

Not entirely. The commitment is not required until segwit activates.
But this should be trivial to implement at least.

> == Overt attack ==
> 
> The non-covert form can be trivially blocked by requiring that
> the header version match the coinbase transaction version.
> 
> This proposal does not include this block because this method
> may become generally available without restriction in the future,
> does not generally interfere with improvements in the protocol,
> and because it is so easily detected that it could be blocked if
> it becomes an issue in the future.

How does it not interfere with BIP 9? I suppose the versionbits could be moved 
to the generation transaction version, but this would hide them from light 
clients.

> This document is placed in the public domain.

Could you please use one of these?

    https://github.com/bitcoin/bips/blob/master/bip-0002.mediawiki#Recommended_licenses

Luke


More information about the bitcoin-dev mailing list