Author: Mike Hearn 2014-01-01 15:10:05
Published on: 2014-01-01T15:10:05+00:00
The conversation between Mike Hearn and Jeremy Spilman from December 31, 2013, focused on improving the security of the Bitcoin protocol during updates. The issue discussed was using deterministic builds with threshold-signed updates to ensure that the update process is secure. However, this approach was deemed overly complicated, and an update engine using a CHECKMULTISIG-type approach was suggested instead. Spilman suggested forward-validation of updates using the blockchain as an approach that is less 'security theater'. This would require users to verify the provenance of binaries/source before installation, but afterward the wallet could detect and validate updates automatically. One method suggested was announcing updates in the UI and providing a button for users to verify that the binary matches its expected hash. Another suggestion was click-to-download and upgrade after verifying the hashes. Regarding hosting downloads, AppEngine was suggested as an alternative capable of handling both high load and TLS. Appelbaum's talk, in which he pushed for the use of TLS, was also mentioned as indicating that TLS raises the bar and makes bulk MITM and rewriting of downloads more challenging.
Updated on: 2023-06-07T22:06:33.524655+00:00
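The m-of-n acceptance rule and the binary hash check summarized above, as an added example that is not code from the thread or from any Bitcoin wallet. It accepts an update only when at least `threshold` distinct trusted signers have signed a manifest and the downloaded binary hashes to the value in that manifest. Assumptions: the manifest format and all function names are constructed here, and Lamport one-time signatures stand in for whatever signature scheme a real updater would use, chosen only so the block runs on the standard library.

```python
import hashlib
import secrets

def H(data: bytes) -> bytes:
    return hashlib.sha256(data).digest()

def keygen():
    """Lamport key pair (stand-in scheme): one key pair may sign ONE manifest only."""
    sk = [(secrets.token_bytes(32), secrets.token_bytes(32)) for _ in range(256)]
    pk = [(H(a), H(b)) for a, b in sk]
    return sk, pk

def _bits(msg: bytes):
    d = H(msg)  # sign the 256 bits of the message digest
    return [(d[i // 8] >> (7 - i % 8)) & 1 for i in range(256)]

def sign(sk, msg: bytes):
    return [sk[i][b] for i, b in enumerate(_bits(msg))]

def verify(pk, msg: bytes, sig) -> bool:
    return len(sig) == 256 and all(
        H(s) == pk[i][b] for i, (s, b) in enumerate(zip(sig, _bits(msg))))

def make_manifest(version: str, binary: bytes) -> bytes:
    # Constructed manifest format for this example: "version=...;sha256=<hex>"
    return f"version={version};sha256={hashlib.sha256(binary).hexdigest()}".encode()

def accept_update(binary, manifest, sigs, trusted_pks, threshold) -> bool:
    """sigs maps signer index -> signature over the manifest bytes.
    Keying by signer index means one signer can never count twice."""
    valid = {i for i, s in sigs.items()
             if 0 <= i < len(trusted_pks) and verify(trusted_pks[i], manifest, s)}
    if len(valid) < threshold:
        return False  # not enough distinct trusted signers
    fields = dict(f.split("=", 1) for f in manifest.decode().split(";"))
    # The signatures cover the manifest; the manifest pins the binary's hash.
    return fields.get("sha256") == hashlib.sha256(binary).hexdigest()

if __name__ == "__main__":
    keys = [keygen() for _ in range(3)]        # three constructed signers
    pks = [pk for _, pk in keys]
    binary = b"constructed wallet binary"      # constructed sample input
    m = make_manifest("0.0.0-example", binary)
    sigs = {0: sign(keys[0][0], m), 2: sign(keys[2][0], m)}
    print(accept_update(binary, m, sigs, pks, 2))          # 2-of-3 case
    print(accept_update(binary + b"!", m, sigs, pks, 2))   # modified download
    print(accept_update(binary, m, {0: sigs[0]}, pks, 2))  # single signer
```

The trusted public keys are what the user vouches for at first install; every later update is checked against them without further manual steps.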