On Sat, Sep 27, 2014 at 07:55:44PM -0700, Tom Harding wrote:
> On 9/25/2014 7:37 PM, Aaron Voisine wrote:
> > Of course you wouldn't want nodes to propagate alerts without
> > independently verifying them
> How would a node independently verify a double-spend alert, other than 
> by having access to an actual signed double-spend?
> 
> #4570 relays the first double-spend AS an alert.  Running this branch on 
> mainnet, I have been keeping a live list of relayed double-spend 
> transactions at http://respends.thinlink.com

Speaking of, I ported my replace-by-fee branch the recent v0.9.3
release: https://github.com/petertodd/bitcoin/tree/replace-by-fee-v0.9.3

I actually ported it a few days ago; that release has been running on a
half-dozen or so nodes right now for a few days with no issues.

The v0.9.3 release's scriptSig size limit increase adds a new category
of double-spending exploit. I'm not going to get time to add that
exploit to my replace-by-fee toolkit(1) for at least another week or so
though - pull-reqs accepted.

1) https://github.com/petertodd/replace-by-fee-tools

-- 
'peter'[:-1]@petertodd.org
0000000000000000084778cc7b7394a48d65c9451a59dcf98d0f1e1078f39c3a