
Topic: Vulnerability found that affects privacy of OLD miners, including Satoshi (Read 1274 times)

staff
Activity: 4284
Merit: 8808
I hereby grant you exactly the salary I receive for working on Bitcoin. :P
hero member
Activity: 555
Merit: 654
so I thought the counter only reset on orphan blocks..
Why did you claim it was only reset on restart?

Because I know nothing about Bitcoin.

If you paid me a salary I would spend time checking every word I said. Because I'm not being paid, I use vague words so people that work on Bitcoin AS A JOB can go and check all the infinite ramifications of my words, and they should, because their money is at stake and I'm a human being that can be mistaken.
 
vip
Activity: 1316
Merit: 1043
👻
Nice find, Sergio. Quite an old vulnerability, though.
staff
Activity: 4284
Merit: 8808
so I thought the counter only reset on orphan blocks..
Why did you claim it was only reset on restart?
hero member
Activity: 555
Merit: 654
Great GMaxwell!

Now we see your work and my work can complement each other.

I didn't understand the "if (hashPrevBlock != pblock->hashPrevBlock)" line of code, so I thought the counter only reset on orphan blocks..
staff
Activity: 4284
Merit: 8808
I haven't checked all versions of the Satoshi client, but I believe all are affected by the vulnerability.
When you say you haven't checked 'all versions' you mean to say 'any versions except one really old one'?

Currently it's reset on every block:
Code:
    if (hashPrevBlock != pblock->hashPrevBlock)
    {
        nExtraNonce = 0;
        hashPrevBlock = pblock->hashPrevBlock;
    }

I don't mind correcting you because that took all of two seconds ... but ... really?  "vulnerability"?

What is your motivation in not spending two seconds to actually look before claiming that "all are affected by the vulnerability"?

Even back in October 2010 (e.g. v0.3.14):
Code:
            if (nNewTime != pblock->nTime && bnExtraNonce > 10)
                bnExtraNonce = 0;
It also spent some time with the wrap at 0x7f.

legendary
Activity: 1148
Merit: 1018
Sergio: you are brilliant.

Thanks for your work!
hero member
Activity: 555
Merit: 654
Check the thread https://bitcointalksearch.org/topic/the-well-deserved-fortune-of-satoshi-nakamoto-visionary-and-genious-178629 or my blog http://bitslog.wordpress.com/2013/04/17/the-well-deserved-fortune-of-satoshi-nakamoto/.

The loss of anonymity can give Bitcoin economists and historians a great opportunity to compute interesting metrics about mining in general and the role of Satoshi in the project inception years.

The vulnerability relies on the use of the extraNonce field. The extraNonce field increments every time the nonce field (which is 32 bits) overflows, so it's a slow realtime clock, until the application is restarted, in which case it goes back to 1.

I haven't checked all versions of the Satoshi client, but I believe all are affected by the vulnerability.

GMaxwell has carefully analyzed each version and found that only the oldest ones were vulnerable, but not after October 2010 (e.g. v0.3.14).

Best regards, Sergio.
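
Added example, not part of any post in this thread and not Bitcoin source code: a simplified C++ model contrasting a counter that is cleared only on restart with the reset-on-every-new-previous-block behaviour shown in the quoted `hashPrevBlock` snippet. All names and the sample rounds are hypothetical and constructed; the model assumes the counter gains 1 per new block template and 1 per nonce overflow.

```cpp
#include <cstdint>
#include <cstdio>
#include <vector>

// Simplified model of the counter discussed in this thread (all names hypothetical).
enum class Reset { OnRestartOnly, OnNewPrevBlock };

struct Round {            // one period of mining on a single chain tip (constructed data)
    uint32_t nonceWraps;  // times the 32-bit nonce overflowed during the round
    bool foundBlock;      // true if this miner solved the block
    bool restartBefore;   // true if the client was restarted before the round
};

// Returns the extraNonce value embedded in each block the miner solved.
std::vector<uint32_t> minedExtraNonces(Reset policy, const std::vector<Round>& rounds) {
    std::vector<uint32_t> out;
    uint32_t extraNonce = 0;
    for (const Round& r : rounds) {
        // Every round starts on a new previous block, so OnNewPrevBlock resets here.
        if (r.restartBefore || policy == Reset::OnNewPrevBlock) extraNonce = 0;
        extraNonce += 1 + r.nonceWraps;  // assumed: +1 per new template, +1 per nonce wrap
        if (r.foundBlock) out.push_back(extraNonce);
    }
    return out;
}

// Length of the longest strictly increasing run: a long run is the "slow clock" signature.
size_t longestRisingRun(const std::vector<uint32_t>& v) {
    size_t best = v.empty() ? 0 : 1, cur = best;
    for (size_t i = 1; i < v.size(); ++i) {
        cur = (v[i] > v[i - 1]) ? cur + 1 : 1;
        if (cur > best) best = cur;
    }
    return best;
}

const std::vector<Round> kSample = {  // constructed sample, not chain data
    {3, true, false}, {2, false, false}, {1, true, false}, {4, true, false},
    {0, true, false}, {2, true, true},   {1, true, false}, {0, true, false},
};

int main() {
    for (Reset p : {Reset::OnRestartOnly, Reset::OnNewPrevBlock}) {
        std::vector<uint32_t> v = minedExtraNonces(p, kSample);
        std::printf("policy %d: longest rising run %zu of %zu blocks\n",
                    static_cast<int>(p), longestRisingRun(v), v.size());
    }
}
```

With the restart-only counter the solved blocks carry a rising sequence that breaks only at the restart, which is what ties them to one client; with the per-block reset the values carry no such ordering.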