Author: theymos 2017-04-05 23:05:18
Published on: 2017-04-05T23:05:18+00:00
Gregory Maxwell, a Bitcoin Core developer, has proposed a solution to a potential Bitcoin security problem caused by a design oversight in the proof-of-work function. The vulnerability could allow a miner to save up to 30% of energy costs. Maxwell claims that this exploitation could result in a payout of up to $100m per year. Reverse engineering of a mining ASIC from a major manufacturer revealed that it contains an undisclosed ability to make use of the attack.

On that basis, Maxwell's proposal inhibits the covert exploitation of the vulnerability in order to prevent interference with useful improvements such as segregated witness. The proposal does not prevent the attack in general; it only inhibits covert forms of it, which are incompatible with improvements to the Bitcoin protocol. The specific activation height is currently unspecified. The proposal would automatically sunset, so it would not accumulate technical debt if enforcement of the rule was no longer needed.

Maxwell's proposal is for a flag-day soft fork to be included in Bitcoin Core as soon as version 0.14.1. A trigger period of three to six months from release should allow sufficient time for enough of the economy to upgrade, given the severity of the issue. This proposal blocks the final optimisation of the SHA2-256 Merkle-Damgård hash function, which virtually eliminates all tree-related overhead and is the method used for covert exploitation of the vulnerability.

At present, SegWit-ready miners will always produce the commitment even when it is optional according to BIP 141. Non-SegWit miners can become compatible by simply including an additional output matching a default commitment value returned as part of getblocktemplate. Miners should not automatically discontinue the commitment at the expiration height.
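A sketch of the check a validating node could apply under such a rule, added here as an illustration and not taken from the proposal or from Bitcoin Core. It uses the BIP 141 commitment format (an output script starting with `6a24aa21a9ed` followed by the 32-byte commitment hash). The function names, the height window passed as parameters, the half-open window boundaries and the all-zero reserved value are assumptions, since the page leaves the activation height unspecified.

```python
import hashlib

# BIP 141 commitment prefix: OP_RETURN, push of 36 bytes, tag aa21a9ed.
COMMITMENT_HEADER = bytes.fromhex("6a24aa21a9ed")
ZERO32 = b"\x00" * 32

def sha256d(data):
    return hashlib.sha256(hashlib.sha256(data).digest()).digest()

def merkle_root(leaves):
    """Bitcoin merkle root; an odd-sized level repeats its last node."""
    level = list(leaves)
    while len(level) > 1:
        if len(level) % 2:
            level.append(level[-1])
        level = [sha256d(level[i] + level[i + 1]) for i in range(0, len(level), 2)]
    return level[0]

def default_commitment_script(wtxids, reserved=ZERO32):
    """Commitment scriptPubKey for the non-coinbase wtxids given.
    The coinbase wtxid is defined as 32 zero bytes (BIP 141)."""
    root = merkle_root([ZERO32] + list(wtxids))
    return COMMITMENT_HEADER + sha256d(root + reserved)

def find_commitment(coinbase_scripts):
    """32-byte commitment from the highest-index matching output, else None."""
    for script in reversed(coinbase_scripts):
        if len(script) >= 38 and script[:6] == COMMITMENT_HEADER:
            return script[6:38]
    return None

def block_acceptable(height, coinbase_scripts, wtxids, start_height, expiry_height):
    """Assumed rule: inside [start, expiry) a correct commitment is mandatory."""
    if not (start_height <= height < expiry_height):
        return True  # outside the window the commitment stays optional
    expected = default_commitment_script(wtxids)[6:]
    return find_commitment(coinbase_scripts) == expected

if __name__ == "__main__":
    # Constructed sample data: two fake wtxids and placeholder heights.
    wtxids = [bytes([1]) * 32, bytes([2]) * 32]
    p2pkh_like = bytes.fromhex("76a914") + bytes(20) + bytes.fromhex("88ac")
    good = [p2pkh_like, default_commitment_script(wtxids)]
    print(block_acceptable(150, good, wtxids, 100, 200))          # commitment present
    print(block_acceptable(150, [p2pkh_like], wtxids, 100, 200))  # commitment missing
    print(block_acceptable(250, [p2pkh_like], wtxids, 100, 200))  # after sunset
```

Because the commitment covers the ordered list of transaction identifiers, reordering transactions without recomputing the coinbase output makes the block fail this check.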
Updated on: 2023-06-11T23:39:53.206726+00:00