Topic: [ALERT] Alert System Retirement (Read 1087 times)

So revealing the key to the public serves two purposes. First, it removes the existing suspicion that the key might have been used for something other than sending alerts to people (for example, arbitrarily changing difficulty). And, second, it eliminates the possibility of someone holding this key privately to sign a loaded message and thus negatively affect Bitcoin.

Below is a part of the email that throws some light in regard to reputation attacks:


That makes sense, after all.

Yes, in fact it is possible to check the authenticity of the key. The public key was hard coded into the software. You can still go back in the git tree and find the commits where the key was in the code. The private key for the public key will be released. That public key for the private key can be derived and checked to see if it matches the public key that was hard coded. Here is one place the alert public key is hard coded: https://github.com/bitcoin/bitcoin/blob/0.12/src/chainparams.cpp#L104 That is the 0.12 branch of Bitcoin Core.

Ahh. Yes, I did not think of that. Someone who holds the key could sign a message and post it somewhere claiming something which could be bad for Bitcoin. Because the key would still be held privately, the person who made that message could claim that the core devs want people to follow the signed message because people may think the key still holds some significance. By revealing the key publicly, this potential attack vector is completely removed.

That makes sense provided that this key is the key. But really paranoid people could still claim that the key disclosed has nothing to do with the real Alert key, or whatever else it might have been used for. And because the whole system will already be dismantled by the time the key is released to the public, it won't be possible to check that. Maybe, I'm missing something here, and there are ways to actually prove the authenticity of the key even if the system has already been removed from Bitcoin. I just don't know, that's why I'm asking.

I think what reputation attacks mean is, somebody that has a reputation in the bitcoin ecosystem (like Gavin Andressen for example) could use their key to push a certain agenda.

If nobody has the key, then nobody can do that sort of attack anymore.

I'm not quite sure what Greg exactly meant with further potential reputation attacks.

The issue with the "special trusted source of authority" is that some people thought that the alert key holders could use their key to influence important aspects of Bitcoin. For example (from the email), one person asked the devs whether they could use the key to reset the difficulty. So the thinking goes: if the key is still held secret after the alert system is dead, people may still think that it holds some special importance and can still be used as a centralizing trusted authority. The goal is to avoid this and to kill off any significance the key may have by publishing it publicly.

me neither new or needed this services as bitcoins are becoming more many stream then either now
so this type of  system is not needed anymore
so I guess that's why is being shut down as 1000 others site are doing the same sort of things
but thanks to op for informing us so that the users that did use it now to look somewhere else for the info.

Got it.


Missed that part somehow (emphasis added):


I still don't understand two things. 1) what further potential reputation attacks are possible, and 2) which seems to me the most important here, wasn't the key exactly that? I mean, a special trusted source of authority? Regarding the first, just mentioning further reputation attacks is already telling a lot by itself. Regarding the second, I think just because the key was available only to a few core developers and due to the fact that it served a special purpose of alerting users, it implies that it should have been trusted and authoritative. Otherwise, it couldn't function as a true Alert key as far as I get it.

The pre final alert has been sent.

Good ... Nanos can not shutdown Bitcoin in the future.

Great idea as this may have been used in the future by someone with malicious intent.  although to be honest i didnt even know that it existed.   

The key has never been changed. You can follow the commits in the git tree. The only change to it has been its removal.

Now all we need is to find out if the Alert key has ever been changed. If it hasn't been, then there is no evidence as to what might have happened, then let's call it a day, for the lack of evidence, obviously. If they changed the key and disclosed the old one, that would mean one thing, but if they changed it and didn't disclose the old key, that would mean something totally different, correct?

Read the last paragraph of this email: https://lists.linuxfoundation.org/pipermail/bitcoin-dev/2016-September/013104.html

As I explained earlier, no this cannot happen. The final alert is a maximum sequence alert which cannot be overridden. It displays a static message "Alert Key Compromised" which is hard coded into the alert handler. The final alert will be broadcast by all 0.14 nodes to ensure that everyone gets the alert. This process renders the entire alert system useless and thus safe to disclose the alert key.

There are no individual alert keys for each person. There is one singular key and you cannot prove that you don't have the key. A major issue is that when an alert is sent, it is impossible to know who actually sent it. Gavin has the key, and will always have the key. Mark Karpeles has the key, and will always have the key.

How is it a childish act? It isn't retaliating against anyone, it is to provide transparency and to show how the alert system has been successfully retired.

Yes, I would want the developers to release the old inactive key if they changed. If they changed the key, they would follow a process very similar to what is being done now; the developers aren't stupid and do think of the consequences. They would have the max sequence alert broadcast to have the "Alert key compromised". The next version of the software would have that same alert hard coded and continuously broadcast to make sure all old nodes get the message. That new release would also have the new key, or, in this case, no key and the whole thing gone.

This is the "official version", which is meaningless, in my view. And it is a childish act as well since this key was not intended to be made public in the first place, as I got it. To further clarify my point, would the developers want to release the old inactive key if they decided just to change it, for whatever reason (let's assume that it is possible to change the key)?

Would you believe them if they said they would release it to the public to demonstrate that the old key is no longer useful?

But like other people pointed at, it's just not a good idea anymore. Back in the day, there was barely no sites reporting bitcoin stuff, now you have millions of bitcoin sites with constant news, even bitcoin core has its own website, back then all there was was the bitcoin client really... so it was needed, today not so much.

It somehow feels wrong to undo Satoshi's master plan to inform users when major events happens, but I can see how some people might misuse

this system, if they cannot be properly removed. I was under the impression Gavin's key was removed and he could not access that system... or do

they mean that a rogue developer might try to sabotage Bitcoin whilst he or she still has the key? Well I hope there are a good replacement that can

be properly verified with a PGP key.  

I guess they give out the key to demonstrate that the key is useless after they remove the alert system. What I don't get is... wouldn't the key will still be useful to trigger alerts in the pre 0.13 software??

But what is the real purpose of giving out the key? I remember a time when the Linux iptables had a feature that allowed to send back the offending packets to the source (it was called MIRROR or something to that tune, if I'm not mistaken), but it got soon removed since that had been a silly idea right from the start. Why not just abandon this Alert system without making it look like a personal vendetta?

A really good decision, because the alert system has become a potential risk considering that there are people in possession of the alert key that have proven to stand against the original idea of Bitcoin as a decentralized and fully fungible currency. The consequences of even a singular abuse could be dramatic, because a lot of users would trust it as a credible source and may even give information of the alert system preference over other sources of information.

In my opinion, the alert key is a classic example of a feature that is added to increase security in one respect but at the same time is adding a another form of insecurity. The alert key made sense at the time Bitcoin was in experimental stage and used by few people, having a limited number of developers. Its removal is overdue.

ya.ya.yo!

The system will be sufficiently dead by the time that the key is released. A maximum sequence alert cannot be overridden. Bitcoin Core 0.14 will be constantly broadcasting that final alert so that all nodes receive it by the time the hey is released.