bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support [combined summary]

• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Mike Hearn 2014-02-07 10:48:17+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Peter Todd 2014-02-07 09:21:41+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Brooks Boyd 2014-02-05 15:09:31+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Jeremy Spilman 2014-02-05 07:57:36+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Peter Todd 2014-02-04 16:04:14+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Natanael 2014-02-04 15:17:47+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Peter Todd 2014-02-04 14:46:40+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Jeff Garzik 2014-02-04 14:43:31+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Peter Todd 2014-02-04 13:17:23+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Mike Hearn 2014-02-04 13:13:12+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Peter Todd 2014-02-04 13:03:13+00:00
• bitcoinj 0.11 released, with p2sh, bip39 and payment protocol support Mike Hearn 2014-02-04 12:01:12+00:00

Published on: 2014-02-07T10:48:17+00:00

Summary:

The context provided revolves around various topics related to the Bitcoin community and digital signatures. Firstly, it is mentioned that the v0.11 tag of bitcoinj has been released, signed by Andreas Schildbach's GPG key with a specific fingerprint. The commit hash for this release is also provided. Additionally, it is noted that PGP keys can be identified by short identifiers, which can cause problems.The author then discusses the issues with the release, including a truncated Git commit hash and an incomplete PGP fingerprint. It is explained that these issues can be exploited by attackers, allowing them to modify the bitcoinj source code and generate insecure private keys. The importance of using at least 128 bits to prevent such attacks is emphasized.The discussion moves on to the use of XOR in a Merkle Tree to timestamp data. Concerns are raised about the authenticity of digests at the bottom of the tree, as an attacker can create arbitrary values that XOR together into the root hash and claim that a particular value is part of the tree by providing its sibling. This issue is further illustrated with an example.The security of XOR as a digest scheme is then compared to a proper hash function. It is argued that while XOR may be easy to create collisions with, it becomes problematic when trying to timestamp data in a Merkle tree. The importance of using a proper hash function for greater security is highlighted.The email threads between Peter Todd and Mike Hearn are briefly summarized. Todd raises bonus questions for budding cryptographers and offers rewards for correct responses. The release of bitcoinj 0.11 is announced, along with some updates and improvements. The conversation includes a humorous exchange between Todd and Jeff Garzik regarding Todd's bonus question.Finally, the release of bitcoinj 0.11 is detailed, mentioning its use in various Bitcoin applications and the specific features and improvements it brings. Bug fixes, API changes, and future plans for the library are also mentioned.

Updated on: 2023-08-01T07:34:21.370871+00:00