Author: James Hilliard 2017-05-18 13:57:08
Published on: 2017-05-18T13:57:08+00:00
Cameron Garnham, a member of the Bitcoin Development Mailing List, expressed concern over the current approach to ASICBOOST, which he believes does not comply with established best practices for security vulnerabilities. He argued that deviations from the Bitcoin Security Model should be considered security vulnerabilities and that general ASIC optimization cannot be considered a vulnerability, but being able to craft inputs that are significantly easier to check than alternative inputs is a vulnerability. Therefore, 'ASICBOOST' should be assigned a CVE as it attacks Bitcoin's security assumptions and exploits the Proof-of-Work Function. Garnham recommends that the Bitcoin Community fix this vulnerability with expediency, and he provided a list of things to do, including adding extra data in the Coinbase Transaction, locking the Version, locking the lower-bits on the Timestamp, and making a deterministic ordering of transaction chains within a block. However, he believes that if there is a hard-fork, the Proof-of-Work internal merkle structure should be considered directly. In his opinion, locking the lower bits on the timestamp will likely break existing hardware that relies on being able to roll ntime.
Updated on: 2023-06-12T00:51:24.815962+00:00