Re: [bitcoin-dev] Mock introducing vulnerability in important Bitcoin projects

public inbox for bitcoindev@googlegroups.com
 help / color / mirror / Atom feed

From: ZmnSCPxj <ZmnSCPxj@protonmail•com>
To: Luke Dashjr <luke@dashjr•org>,
	Bitcoin Protocol Discussion
	<bitcoin-dev@lists•linuxfoundation.org>
Cc: Prayank <prayank@tutanota•de>
Subject: Re: [bitcoin-dev] Mock introducing vulnerability in important Bitcoin projects
Date: Mon, 04 Oct 2021 03:59:34 +0000	[thread overview]
Message-ID: <sez9AuvBEnKKkLkJ4aivnaLJz5M5VFz3yTOdreTGmFb6RzwMv7h0dRFbEiB1_aup4Daw7t9YwlZKp2YvbgCu1fzym28cHhlzRVC3efmfBpE=@protonmail.com> (raw)
In-Reply-To: <202110032133.44726.luke@dashjr.org>

Good morning Luke,

> All attempts are harmful, no matter the intent, in that they waste
> contributors' time that could be better spent on actual development.
>
> However, I do also see the value in studying and improving the review process
> to harden it against such inevitable attacks. The fact that we know the NSA
> engages in such things, and haven't caught one yet should be a red flag.

Indeed, I believe we should take the position that "review process is as much a part of the code as the code itself, and should be tested regularly".

> Therefore, I think any such a scheme needs to be at least opt-out, if not
> opt-in. Please ensure there's a simple way for developers with limited time
> (or other reasons) to be informed of which PRs to ignore to opt-out of this
> study. (Ideally it would also prevent maintainers from merging - maybe
> possible since we use a custom merging script, but what it really needs to
> limit is the push, not the dry-run.)

Assuming developers are normal humans with typical human neurology (in particular a laziness circuit), perhaps this would work?

Every commit message is required to have a pair of 256-bit hex words.

Public attempts at attack / testing of the review process will use the first 256-bit as a salt, and when the salt is prepended to the string "THIS IS AN ATTACK" and then hashed with e.g. SHA256, should result in the second 256-bit word.

Non-attacks / normal commits just use random 256-bit numbers.

Those opting-out to this will run a script that checks commit messages for whether the first 256-bit hexword concatenated with "THIS IS AN ATTACK", then hashed, is the second 256-bit hexword.

Those opting-in will not run that script and ignore the numbers.

The script can be run as well at the maintainer.

Hopefully, people who are not deliberately opting out will be too lazy to run the script (as is neurotypical for humans) and getting "spoilered" on this.

***HOWEVER***

We should note that a putative NSA attack would of course not use the above protocol, and thus no developer can ever opt out of an NSA attempt at inserting vulnerabilities; thus, I think it is better if all developers are forced to opt in on the "practice rounds", as they cannot opt out of "the real thing" other than to stop developing entirely.

Regards,
ZmnSCPxj

next prev parent reply	other threads:[~2021-10-04  3:59 UTC|newest]

Thread overview: 14+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2021-09-27  1:52 Prayank
2021-09-27 10:13 ` ZmnSCPxj
2021-09-27 23:19   ` Prayank
2021-09-30 20:36     ` Ruben Somsen
2021-10-01  3:03       ` Prayank
2021-10-01 12:27         ` ZmnSCPxj
2021-10-01 15:55           ` Prayank
2021-10-01 20:15             ` Ryan Grant
2021-10-02  9:19               ` Prayank
2021-10-03  9:11                 ` Manuel Costa
2021-10-03 21:33                   ` Luke Dashjr
2021-10-04  3:59                     ` ZmnSCPxj [this message]
2021-11-18 20:29                       ` Prayank
2022-08-19  3:09                         ` Anthony Towns

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to='sez9AuvBEnKKkLkJ4aivnaLJz5M5VFz3yTOdreTGmFb6RzwMv7h0dRFbEiB1_aup4Daw7t9YwlZKp2YvbgCu1fzym28cHhlzRVC3efmfBpE=@protonmail.com' \
    --to=zmnscpxj@protonmail$(echo .)com \
    --cc=bitcoin-dev@lists$(echo .)linuxfoundation.org \
    --cc=luke@dashjr$(echo .)org \
    --cc=prayank@tutanota$(echo .)de \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox