Posts Tagged Vulnerability

A Bitcoin transaction that takes 5 hours to verify

In 2013 I found a Bitcoin transaction that takes 3 minutes to verify (CVE-2013-2292) related to O(N^2) hashing in signatures. Since then, the O(N^2) argument has popped up in many contexts, mainly in discussions about a block size increase. Now the problem is partially solved by Segwit. During January 2016 I tried to beat the […]


The Bitcoin Freeze on Transaction Attack (FRONT)

Two months have passed since my last post, and the reason is that I’ve been terribly busy working for Coinspect and also helping with Bitcoin Core security. A rainy Sunday evening is a great moment to write, so here is my new post, with some new thoughts. People are trying to understand the security guarantees Bitcoin provides. […]


Buggy CVE-2013-4627 patch, open new vectors of attack

Secure coding is hard. But in Bitcoin, secure coding also means understanding every little detail of the undocumented (or code-documented) rules that Satoshi the great has brought to us mortals. CVE-2013-4627 patches a DoS vulnerability discovered by Peter Todd. The vulnerability is easy to spot once you read the code after the patch was applied. […]


CVE-2012-3789 disclosure

Given that the update ratio from 0.6.2 to 0.6.3+ has probably been past the 80% (*) barrier for a long time, I decided to publish the full CVE-2012-3789 vulnerability report, since that is my obligation to the community. https://en.bitcoin.it/wiki/CVE-2012-3789 I encourage those who are working on the Satoshi client to peer review the report. Also I suggest […]
