Topic: Proposed: We Should Hire Respectable White Hats to Audit Bitcoin's Security - page 2. (Read 2374 times)

donator
Activity: 980
Merit: 1000
Put bounties for proven exploits in a test environment chainblock, under the condition of not making them public until fixed.
donator
Activity: 362
Merit: 250
Here I'll save you the trouble.

BlahBlah security crypto consultants inc. has found the following weaknesses in bitcoin:

1. blah blah hash collision blah blah birthday attack gives us a one-in-one-quadblahdrillionzillion chance of double spending coins when it was previously thought to be one-in-onequadblahbilliondrillion
2. people can walk into your house when you are not home, log onto your laptop and steal your coins
3. any criminal/bank/govt with enough financial resources can easily DDoS the largest pools and execute one of many 51% attacks RIGHT NOW if they wanted


Mitigation summary:

1. encrypt and backup your wallet in the client by default and add multi-sig transactions to the protocol
2. decentralize mining ASAP (encourage use of p2pool, integrate p2p mining in client, etc)
sr. member
Activity: 308
Merit: 250

There are challenges in organizing an audit as the commons, but I imagine high net worth bitcoiners, who have a vested interest in the security of the protocol, could be convinced.

I'll put 10BTC towards this, personally. Who else is in?
sr. member
Activity: 308
Merit: 250

As a matter of fact, bitcoin would _greatly_ benefit from having actual professional
cryptographers doing not only BIP reviews, but also trying to devise actual attacks
against the whole system.


Can't we hire respectable white hats to do a professional audit (with pledges)?

I would be interested in funding this. And, Gavin thinks it is a good idea.


Good idea. Who wants to volunteer to do the fundraising and organize this, and let me know how I can help?


Who has experience with white-hat security firms? Who should we approach? How much would it cost?