From 2b5c33e1016368cce079210cf325614cb2ece631 Mon Sep 17 00:00:00 2001 From: Taylor Hornby Date: Wed, 13 Jul 2016 18:23:11 -0600 Subject: [PATCH] Add the results of #784 to security warnings. --- doc/security-warnings.md | 3 +++ 1 file changed, 3 insertions(+) diff --git a/doc/security-warnings.md b/doc/security-warnings.md index fcf47640..e200c74a 100644 --- a/doc/security-warnings.md +++ b/doc/security-warnings.md @@ -29,6 +29,9 @@ should assume other unprivileged users running on the same hardware as your - Determine which notes you own by observing cache side-channel information leakage from the incremental witnesses as they are updated with new notes. +- Determine which notes you own by observing the trial decryption process of + each note ciphertext on the blockchain. + You should ensure no other users have the ability to execute code (even unprivileged) on the hardware your `zcashd` process runs on until these vulnerabilities are fully analyzed and fixed.