zcash-patched-for-explorer/src
Gregory Maxwell 71cc9d9fe8
Test LowS in standardness, removes nuisance malleability vector.
This adds SCRIPT_VERIFY_LOW_S to STANDARD_SCRIPT_VERIFY_FLAGS which
 will make the node require the canonical 'low-s' encoding for
 ECDSA signatures when relaying or mining.

Consensus behavior is unchanged.

The rationale is explained in a81cd96805ce6b65cca3a40ebbd3b2eb428abb7b:
 Absent this kind of test ECDSA is not a strong signature as given
 a valid signature {r, s} both that value and {r, -s mod n} are valid.
 These two encodings have different hashes allowing third parties a
 vector to change users txids.  These attacks are avoided by picking
 a particular form as canonical and rejecting the other form(s); in
 the case of the LOW_S rule, the smaller of the two possible S values is
 used.

If widely deployed this change would eliminate the last remaining
 known vector for nuisance malleability on boring SIGHASH_ALL
 p2pkh transactions.  On the down-side it will block most
 transactions made by sufficiently out of date software.

Unlike the other avenues to change txids on boring transactions this
 one was randomly violated by all deployed bitcoin software prior to
 its discovery.  So, while other malleability vectors were made
 non-standard as soon as they were discovered, this one has remained
 permitted.  Even BIP62 did not propose applying this rule to
 old version transactions, but conforming implementations have become
 much more common since BIP62 was initially written.

Bitcoin Core has produced compatible signatures since a28fb70e in
 September 2013, but this didn't make it into a release until 0.9
 in March 2014; Bitcoinj has done so for a similar span of time.
 Bitcoinjs and electrum have been more recently updated.

This does not replace the need for BIP62 or similar, as miners can
 still cooperate to break transactions.  Nor does it replace the
 need for wallet software to handle malleability sanely[1]. This
 only eliminates the cheap and irritating DOS attack.

[1] On the Malleability of Bitcoin Transactions
Marcin Andrychowicz, Stefan Dziembowski, Daniel Malinowski, Łukasz Mazurek
http://fc15.ifca.ai/preproceedings/bitcoin/paper_9.pdf

Rebased-From: b196b685c9089b74fd4ff3d9a28ea847ab36179b
Github-Pull: #6769
2015-10-07 11:21:03 +02:00
..
compat Add an alternate location of endian.h header 2015-06-23 09:03:09 +02:00
config
consensus Consensus: MOVEONLY: Move CValidationState from main consensus/validation 2015-05-15 16:05:28 +02:00
crypto build: Endian compatibility 2015-03-06 15:54:53 +01:00
json json: fail read_string if string contains trailing garbage 2015-06-03 15:16:37 +02:00
leveldb
obj
obj-test
policy PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
primitives Consensus: Create consensus/consensus.h with some constants 2015-04-20 21:27:51 +02:00
qt qt: periodic translation update 2015-09-29 12:54:05 +02:00
script Test LowS in standardness, removes nuisance malleability vector. 2015-10-07 11:21:03 +02:00
secp256k1 Update libsecp256k1 2015-04-22 14:03:10 -07:00
support Remove assertion from ~LockedPageManager 2015-05-15 11:44:58 +02:00
test Only use randomly created nonces in CRollingBloomFilter. 2015-10-02 12:17:49 +02:00
univalue
wallet PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
.clang-format
Makefile.am Replace boost::reverse_lock with our own. 2015-09-22 00:43:13 +00:00
Makefile.qt.include qt: define QT_NO_KEYWORDS 2015-07-15 10:24:49 +02:00
Makefile.qttest.include
Makefile.test.include Replace boost::reverse_lock with our own. 2015-09-22 00:43:13 +00:00
addrman.cpp Merge pull request #6028 2015-04-24 16:11:23 +02:00
addrman.h PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
alert.cpp Chainparams: Decouple CAlert from CChainParams 2015-04-04 12:58:14 +02:00
alert.h Chainparams: Decouple CAlert from CChainParams 2015-04-04 12:58:14 +02:00
amount.cpp
amount.h
arith_uint256.cpp src/arith_256.cpp: bigendian compatibility 2015-03-06 17:21:59 +01:00
arith_uint256.h ensure consistent header comment naming conventions 2015-04-20 13:29:22 +02:00
base58.cpp openssl: abstract out OPENSSL_cleanse 2015-02-15 11:34:02 -05:00
base58.h Non-grammatical language improvements 2015-05-02 15:23:59 +00:00
bitcoin-cli-res.rc Update Windows resource files (and add one for bitcoin-tx) 2015-05-22 02:56:55 +00:00
bitcoin-cli.cpp Separate CTranslationInterface from CClientUIInterface 2015-04-16 19:58:48 +02:00
bitcoin-tx-res.rc Update Windows resource files (and add one for bitcoin-tx) 2015-05-22 02:56:55 +00:00
bitcoin-tx.cpp Avoid leaking file descriptors in RegisterLoad 2015-09-22 00:43:11 +00:00
bitcoind-res.rc Update Windows resource files (and add one for bitcoin-tx) 2015-05-22 02:56:55 +00:00
bitcoind.cpp Create a scheduler thread for lightweight tasks 2015-05-14 12:50:41 -04:00
bloom.cpp Only use randomly created nonces in CRollingBloomFilter. 2015-10-02 12:17:49 +02:00
bloom.h Only use randomly created nonces in CRollingBloomFilter. 2015-10-02 12:17:49 +02:00
chain.cpp
chain.h Non-grammatical language improvements 2015-05-02 15:23:59 +00:00
chainparams.cpp Trivial: Corrected owner of DNS seeder 2015-05-14 01:02:00 -04:00
chainparams.h Chainparams: Refactor: Decouple main::GetBlockValue() from Params() [renamed GetBlockSubsidy] 2015-05-15 16:12:30 +02:00
chainparamsbase.cpp test: Remove UNITTEST params 2015-03-09 16:06:14 +01:00
chainparamsbase.h Bugfix: Grammar fixes 2015-05-01 11:21:27 +00:00
chainparamsseeds.h Hardcoded seeds update June 2015 2015-06-25 17:10:09 +02:00
checkpoints.cpp Merge pull request #6055 2015-05-06 11:38:39 +02:00
checkpoints.h Merge pull request #6055 2015-05-06 11:38:39 +02:00
checkqueue.h Bugfix: Grammar fixes 2015-05-01 11:21:27 +00:00
clientversion.cpp
clientversion.h Bump version to 0.11 2015-06-01 10:25:26 +02:00
coincontrol.h
coins.cpp Keep track of memory usage in CCoinsViewCache 2015-05-11 17:56:48 -07:00
coins.h Keep track of memory usage in CCoinsViewCache 2015-05-11 17:56:48 -07:00
compat.h Fix warning introduced by #6412 2015-07-20 17:11:31 +02:00
compressor.cpp
compressor.h
core_io.h
core_read.cpp
core_write.cpp
eccryptoverify.cpp
eccryptoverify.h
ecwrapper.cpp consensus: cache the openssl EC_GROUP to avoid a race condition for each CECKey instantiation 2015-08-20 16:37:50 +02:00
ecwrapper.h
hash.cpp chaincodes: abstract away more chaincode behavior 2015-05-06 17:22:46 +02:00
hash.h chaincodes: abstract away more chaincode behavior 2015-05-06 17:22:46 +02:00
init.cpp Delay initial pruning until after wallet init 2015-09-22 00:43:12 +00:00
init.h Create a scheduler thread for lightweight tasks 2015-05-14 12:50:41 -04:00
key.cpp Merge pull request #6034 2015-05-06 18:37:49 +02:00
key.h Merge pull request #6034 2015-05-06 18:37:49 +02:00
keystore.cpp wallet: move crypter to wallet 2015-03-22 15:18:55 -04:00
keystore.h c++11: don't forward-declare types used in maps 2015-02-03 23:30:59 -05:00
leveldbwrapper.cpp Handle leveldb::DestroyDB() errors on wipe failure 2015-09-22 00:43:13 +00:00
leveldbwrapper.h
limitedmap.h
main.cpp Move recentRejects initialization to top of InitBlockIndex 2015-10-02 12:27:20 +02:00
main.h Use best header chain timestamps to detect partitioning 2015-06-15 10:34:07 +02:00
memusage.h Add memusage.h 2015-05-11 17:56:48 -07:00
merkleblock.cpp PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
merkleblock.h Bugfix: Grammar fixes 2015-05-01 11:21:27 +00:00
miner.cpp Be stricter in processing unrequested blocks 2015-06-03 16:23:46 +02:00
miner.h miner.h: fix clang warning because of class/struct mix 2015-04-16 10:32:47 +02:00
mruset.h Revert "Cache transaction validation successes" 2015-07-28 20:15:51 +02:00
net.cpp Make CRollingBloomFilter set nTweak for you 2015-10-02 12:17:44 +02:00
net.h Use CScheduler for net's DumpAddresses 2015-05-14 12:50:42 -04:00
netbase.cpp Merge pull request #6703 2015-09-23 14:12:55 +02:00
netbase.h Simplify code for CSubnet 2015-05-26 08:59:13 +02:00
noui.cpp
noui.h
pow.cpp Use equivalent PoW for non-main-chain requests 2015-04-22 03:53:25 -07:00
pow.h Use equivalent PoW for non-main-chain requests 2015-04-22 03:53:25 -07:00
protocol.cpp nLastTry is only used for addrman entries 2015-04-19 11:10:23 -07:00
protocol.h nLastTry is only used for addrman entries 2015-04-19 11:10:23 -07:00
pubkey.cpp chaincodes: abstract away more chaincode behavior 2015-05-06 17:22:46 +02:00
pubkey.h chaincodes: abstract away more chaincode behavior 2015-05-06 17:22:46 +02:00
random.cpp WIN32 Seed Cleanup: Move nLastPerfmon behind win32 ifdef. 2015-02-25 18:37:06 -05:00
random.h
rest.cpp [REST] remove json input for getutxos, limit to query max. 15 outpoints 2015-05-27 20:10:02 +02:00
reverselock.h Replace boost::reverse_lock with our own. 2015-09-22 00:43:13 +00:00
rpcblockchain.cpp Consensus: MOVEONLY: Move CValidationState from main consensus/validation 2015-05-15 16:05:28 +02:00
rpcclient.cpp Merge pull request #6022 2015-04-30 16:37:18 +02:00
rpcclient.h
rpcmining.cpp Be stricter in processing unrequested blocks 2015-06-03 16:23:46 +02:00
rpcmisc.cpp privacy: Stream isolation for Tor 2015-04-17 13:26:47 +02:00
rpcnet.cpp privacy: Stream isolation for Tor 2015-04-17 13:26:47 +02:00
rpcprotocol.cpp
rpcprotocol.h
rpcrawtransaction.cpp Consensus: MOVEONLY: Move CValidationState from main consensus/validation 2015-05-15 16:05:28 +02:00
rpcserver.cpp PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
rpcserver.h Merge pull request #5420 2015-05-06 16:50:05 +02:00
scheduler.cpp Replace boost::reverse_lock with our own. 2015-09-22 00:43:13 +00:00
scheduler.h More robust CScheduler unit test 2015-05-16 17:59:23 -04:00
serialize.h fix header include groups 2015-05-14 01:02:01 -04:00
streams.h allocators: split allocators and pagelocker 2015-03-20 12:23:44 +01:00
sync.cpp Remove broken+useless lock/unlock log prints 2015-04-24 02:28:47 -07:00
sync.h PARTIAL: typofixes (found by misspell_fixer) 2015-09-22 00:43:15 +00:00
threadsafety.h
timedata.cpp Do not store more than 200 timedata samples. 2015-08-20 17:14:22 +02:00
timedata.h
tinyformat.h
txdb.cpp Consensus: Refactor: Decouple pow.o from chainparams.o 2015-03-26 00:47:51 +01:00
txdb.h Cache tweak and logging improvements 2015-05-11 17:58:14 -07:00
txmempool.cpp Make sure LogPrintf strings are line-terminated 2015-09-22 00:43:11 +00:00
txmempool.h Create new BlockPolicyEstimator for fee estimates 2015-05-13 10:36:24 -04:00
ui_interface.h Separate CTranslationInterface from CClientUIInterface 2015-04-16 19:58:48 +02:00
uint256.cpp BUGFIX: Stack around the variable 'rv' was corrupted 2015-03-12 22:17:22 +06:00
uint256.h
undo.h
util.cpp Merge pull request #6703 2015-09-23 14:12:55 +02:00
util.h Use CScheduler for net's DumpAddresses 2015-05-14 12:50:42 -04:00
utilmoneystr.cpp
utilmoneystr.h
utilstrencodings.cpp
utilstrencodings.h
utiltime.cpp Trivial: useless cast (ptime)(I'm ptime) 2015-04-30 23:11:52 +03:00
utiltime.h
validationinterface.cpp Regression test for ResendWalletTransactions 2015-03-24 15:29:20 -04:00
validationinterface.h fix IDE/compiler warning "extra ';'" in validationinterface.h 2015-05-14 01:02:00 -04:00
version.h