Even so, it is unlikely that the MRL-0001 chain reaction has anything to do with this, as a "time warp" attack doesn't relate to it.
The two are related by the fact that the alleged ability to crack sent private keys isn't enabled until the anonymity of the ring signatures is broken by the correlation of the sender. And TW is needed to rewind the blockchain to re-spend those cracked. Again I reiterate and concur that we don't know if private keys can be cracked and have good reason to be very skeptical. Normally it is implausible to factor P=xG mod l, where P is the public key and x is the private key. If it were, all popular public key crypto would be at risk. However, the difference in this case is that the CN ring signatures create another equation, I=xH(P) mod l. Normally that equation can't be correlated to P=xG because we don't know which P from the ring inputs is the Pi where i == s. But when we break the anonymity with the amplification, then we can correlate those two equations. Now I don't know if there is any trick to combine the factoring of those two equations such that it becomes plausible. The second equation adds information, so my math intuition tells me there is a risk.
Gmaxell hasn't posted. Have you all heard from him on this?
And, too, thus far we have seen no evidence that BCX actually has an exploit. All we have are disjointed breadcrumbs that don't fit an overall picture of how the proposed attack would play out.
He has stated he has a GPU farm ready and only needs < 20% of the hashrate to accomplish an attack. He is only one of two guys (the other being ArtFortz who apparently taught him how to TW attack) that ever successfully performed a TW attack on any coin in the past.
Given the lack of evidence we are certainly not discounting the remote possibility that there actually is an exploit, but just as with each of Bitcoin's 26 very serious exploits we will analyse an attack if there is one, patch it, and move on.
The TW attack issue can probably be fixed in any case. But there is a possibility that the anonymity issue can't be fixed. This is what BCX said in the prior closed thread and I am seeing some possibility he might be correct. I need to spend some time trying to characterize the amplification.
Between now and 60 hours time we are not going to "rapidly evolve" just because BCX claims he has an exploit but won't give us the technical details. We are, instead, going to continue our work on incrementally documenting and refactoring the codebase, as well as our independent research into edge-case cryptographic weaknesses, and deal with an attack if there is one.
Are you telling XMR investors you don't care if BCX steals their money and you will just fix it after the fact?
Sorry, I know BCX hasn't given us any proof, so normally we should ignore him, but this is BCX, a guy who has done it before.