I was merely describing that the only failure mode of using "post-split coinbases from the legacy chain" as seedcoins for cointainting purposes would be a resolution of the coinsplit, thereby rendering the cointainting redundant, therefore this would be an entirely safe approach to cointainting, as the only way coins could become untainted (and therefore subject to the threat of replay attacks) would coincide with a disappearance of the situation that gave rise to such replay attacks in the first place. This should sufficiently answer your concerns regarding lack of replay protection in case of medium-to-long-term chainsplits in general. If you fail to grok, please read again until you don't. Sent with [ProtonMail](https://protonmail.com) Secure Email. -------- Original Message -------- Subject: Re: [bitcoin-dev] Replay attacks make BIP148 and BIP149 untennable Local Time: June 7, 2017 3:38 AM UTC Time: June 7, 2017 12:38 AM From: contact@taoeffect.com To: Kekcoin Anthony Towns , bitcoin-dev@lists.linuxfoundation.org Please read my email more carefully; the replay threat would be moot because there would be no alternative chain to replay the TX on, In order to *get to that point*, you need >51%. Not only that, but, if you started out with <51%, then you need >>51% in order to *catch up* and replace the large number of blocks added to the legacy chain in the mean time. So, since >51% is _required_ for BIP148 to succeed (and likely >>51%)... you might as well do as SegWit did originally, or lower the threshold to 80% or something (as BIP91 does). Without replay protection at the outset, BIP148, as far as I can tell, isn't a threat to miners. -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Jun 6, 2017, at 5:29 PM, Kekcoin wrote: Please read my email more carefully; the replay threat would be moot because there would be no alternative chain to replay the TX on, as the non-148 chain would have been reorganized into oblivion. Sent with [ProtonMail](https://protonmail.com/) Secure Email. -------- Original Message -------- Subject: Re: [bitcoin-dev] Replay attacks make BIP148 and BIP149 untennable Local Time: June 7, 2017 3:26 AM UTC Time: June 7, 2017 12:26 AM From: contact@taoeffect.com To: Kekcoin Anthony Towns , bitcoin-dev@lists.linuxfoundation.org I don't know what you mean by "render the replay threat moot." If you don't have replay protection, replay is always a threat. A very serious one. -- Please do not email me anything that you are not comfortable also sharing with the NSA. On Jun 6, 2017, at 5:19 PM, Kekcoin wrote: Hmm, that's not the difference I was talking about. I was referring to the fact that using "post-chainsplit coinbases from the non-148 chain" to unilaterally (ie. can be done without action on the 148-chain) taint coins is more secure in extreme-adverserial cases such as secret-mining reorg attacks (as unfeasibly expensive they may be); the only large-scale (>100 block) reorganization the non-148 chain faces should be a resolution of the chainsplit and therefore render the replay threat moot.