New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Replay Protection Implementation #51

Closed
martin-key opened this Issue Oct 20, 2017 · 97 comments

Comments

Projects
None yet
@martin-key
Contributor

martin-key commented Oct 20, 2017

Two-way replay protection must be provided in Bitcoin Gold
Refer to #18

The solution must feature:

  • two-way SIGHASH_FORK_ID replay protection
  • clean and readable code
  • automated tests

Bounty: 250 BTG
Bonus 50 BTG if the task is finished before 25.10.2017 12:00 UTC

@h4x3rotab h4x3rotab added the bounty label Oct 20, 2017

@martin-key martin-key changed the title from Replay Protection Implementation - Bounty to Replay Protection Implementation Oct 20, 2017

@vattay

This comment has been minimized.

Show comment
Hide comment
@vattay

vattay Oct 20, 2017

Contributor

I'll take a stab at this, even though someone with more BTC experience will probably stomp me. Building project now.

Contributor

vattay commented Oct 20, 2017

I'll take a stab at this, even though someone with more BTC experience will probably stomp me. Building project now.

@h4x3rotab

This comment has been minimized.

Show comment
Hide comment
@h4x3rotab

h4x3rotab Oct 20, 2017

Contributor

Great! We also have one person working on this and maybe we can collaborate to speed up the progress. (All the bounty belongs to you.)

Contributor

h4x3rotab commented Oct 20, 2017

Great! We also have one person working on this and maybe we can collaborate to speed up the progress. (All the bounty belongs to you.)

@vattay

This comment has been minimized.

Show comment
Hide comment
@vattay

vattay Oct 20, 2017

Contributor

Collab == good. I'm on Bitcoin Gold slack as LxF77.

Contributor

vattay commented Oct 20, 2017

Collab == good. I'm on Bitcoin Gold slack as LxF77.

@drewdotpro

This comment has been minimized.

Show comment
Hide comment
@drewdotpro

drewdotpro Oct 20, 2017

I thought this was a "work in progress" for the last 2+ weeks?
#18 (comment)

If that's the case, share the branch for bounty hunters to have a starting point.

drewdotpro commented Oct 20, 2017

I thought this was a "work in progress" for the last 2+ weeks?
#18 (comment)

If that's the case, share the branch for bounty hunters to have a starting point.

@LeaTex

This comment has been minimized.

Show comment
Hide comment
@LeaTex

LeaTex Oct 21, 2017

@StarbuckBG where will you get the 250+50 BTG? If you fork the BTC blockchain, you need that amount in BTC today.

LeaTex commented Oct 21, 2017

@StarbuckBG where will you get the 250+50 BTG? If you fork the BTC blockchain, you need that amount in BTC today.

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 21, 2017

Contributor
Contributor

martin-key commented Oct 21, 2017

@LeaTex

This comment has been minimized.

Show comment
Hide comment
@LeaTex

LeaTex Oct 21, 2017

paid whit BTG? ok, where do you get it? you need to make a transaction to my wallet. and the inputs came from another wallet. these 250+50 can not "appear magically", thay need to exists in the BTG blockchain.

LeaTex commented Oct 21, 2017

paid whit BTG? ok, where do you get it? you need to make a transaction to my wallet. and the inputs came from another wallet. these 250+50 can not "appear magically", thay need to exists in the BTG blockchain.

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 21, 2017

Contributor
Contributor

martin-key commented Oct 21, 2017

@LeaTex

This comment has been minimized.

Show comment
Hide comment
@LeaTex

LeaTex Oct 21, 2017

I think you are not answering my question.
Where will you get 250+50 BTG to pay me?

LeaTex commented Oct 21, 2017

I think you are not answering my question.
Where will you get 250+50 BTG to pay me?

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 21, 2017

Contributor
Contributor

martin-key commented Oct 21, 2017

@LeaTex

This comment has been minimized.

Show comment
Hide comment
@LeaTex

LeaTex Oct 21, 2017

ok, thanks for your answer.

LeaTex commented Oct 21, 2017

ok, thanks for your answer.

@notf0und

This comment has been minimized.

Show comment
Hide comment
@notf0und

notf0und Oct 22, 2017

Then, if I solve this I will be payed with 250 BTG locked for the next 3 years? Sounds great!

notf0und commented Oct 22, 2017

Then, if I solve this I will be payed with 250 BTG locked for the next 3 years? Sounds great!

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 22, 2017

Contributor
Contributor

martin-key commented Oct 22, 2017

@EliasZ

This comment has been minimized.

Show comment
Hide comment
@EliasZ

EliasZ Oct 22, 2017

So the premine is not time locked after all? Because otherwise you would need 250 BTC right now.

EliasZ commented Oct 22, 2017

So the premine is not time locked after all? Because otherwise you would need 250 BTC right now.

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 22, 2017

Contributor
Contributor

martin-key commented Oct 22, 2017

@sammy007

This comment has been minimized.

Show comment
Hide comment
@sammy007

sammy007 Oct 22, 2017

Just cherry-pick it from bitcoin-abc what a problem.

sammy007 commented Oct 22, 2017

Just cherry-pick it from bitcoin-abc what a problem.

@krtschmr

This comment has been minimized.

Show comment
Hide comment
@krtschmr

krtschmr Oct 22, 2017

200k premine, that's lots of bounty hunting :>

krtschmr commented Oct 22, 2017

200k premine, that's lots of bounty hunting :>

@andre-amorim

This comment has been minimized.

Show comment
Hide comment
@andre-amorim

andre-amorim Oct 22, 2017

Replay protection has todo with time()
Note that's GNU specific. date +%s%6N for microseconds.

andre-amorim commented Oct 22, 2017

Replay protection has todo with time()
Note that's GNU specific. date +%s%6N for microseconds.

@cryptosi

This comment has been minimized.

Show comment
Hide comment
@cryptosi

cryptosi Oct 22, 2017

Maybe change to "will"

image

cryptosi commented Oct 22, 2017

Maybe change to "will"

image

@leto

This comment has been minimized.

Show comment
Hide comment
@leto

leto Oct 22, 2017

Contributor

mainnet will not launch without 2way replay protection, it's cooking, so is implementing is better

Contributor

leto commented Oct 22, 2017

mainnet will not launch without 2way replay protection, it's cooking, so is implementing is better

@stefek99

This comment has been minimized.

Show comment
Hide comment
@stefek99

stefek99 Oct 22, 2017

Bounty for a critical feature opened 4 days before the planned fork.

What could possibly go wrong?

😇

stefek99 commented Oct 22, 2017

Bounty for a critical feature opened 4 days before the planned fork.

What could possibly go wrong?

😇

@Ashrafnet

This comment has been minimized.

Show comment
Hide comment
@Ashrafnet

Ashrafnet Oct 23, 2017

I don't think you guys going to launch the fork on time, this 2 way replay protection must be done before launch.
I think the whole project is scam, its goal is just to manipulate the market, and it did the goal!

Ashrafnet commented Oct 23, 2017

I don't think you guys going to launch the fork on time, this 2 way replay protection must be done before launch.
I think the whole project is scam, its goal is just to manipulate the market, and it did the goal!

@leto

This comment has been minimized.

Show comment
Hide comment
@leto

leto Oct 23, 2017

Contributor

not_launch

Contributor

leto commented Oct 23, 2017

not_launch

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 23, 2017

Contributor
Contributor

martin-key commented Oct 23, 2017

@EliasZ

This comment has been minimized.

Show comment
Hide comment
@EliasZ

EliasZ Oct 23, 2017

What mechanism is used for timelocking the funds?

EliasZ commented Oct 23, 2017

What mechanism is used for timelocking the funds?

@heyrhett

This comment has been minimized.

Show comment
Hide comment
@heyrhett

heyrhett Oct 23, 2017

working on this

heyrhett commented Oct 23, 2017

working on this

@sammy007

This comment has been minimized.

Show comment
Hide comment
@sammy007

sammy007 Oct 23, 2017

What a scam party, now ZCL/ZEN scammers joined the train.

sammy007 commented Oct 23, 2017

What a scam party, now ZCL/ZEN scammers joined the train.

@heyrhett

This comment has been minimized.

Show comment
Hide comment
@heyrhett

heyrhett Oct 23, 2017

Hi @sammy007 , nice to see you, were you able to get it to compile yet?

heyrhett commented Oct 23, 2017

Hi @sammy007 , nice to see you, were you able to get it to compile yet?

@krtschmr

This comment has been minimized.

Show comment
Hide comment
@krtschmr

krtschmr Oct 23, 2017

nobody were able. not even the fix compile errors commit fixed that shit.

krtschmr commented Oct 23, 2017

nobody were able. not even the fix compile errors commit fixed that shit.

@krtschmr

This comment has been minimized.

Show comment
Hide comment
@krtschmr

krtschmr Oct 23, 2017

@EliasZ mechanism is easy to explain. they promise us to keep the funds.

how dare you questioning this? ;)

krtschmr commented Oct 23, 2017

@EliasZ mechanism is easy to explain. they promise us to keep the funds.

how dare you questioning this? ;)

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 23, 2017

Contributor
Contributor

martin-key commented Oct 23, 2017

@heyrhett

This comment has been minimized.

Show comment
Hide comment
@heyrhett

heyrhett Oct 23, 2017

@krtschmr
cd depends; make ; <wait 30 minutes>
cd ..
./autogen.sh; ./configure --prefix=/home/username/BTCGPU/depends/x86_64-pc-linux-gnu
make

heyrhett commented Oct 23, 2017

@krtschmr
cd depends; make ; <wait 30 minutes>
cd ..
./autogen.sh; ./configure --prefix=/home/username/BTCGPU/depends/x86_64-pc-linux-gnu
make

@3389

This comment has been minimized.

Show comment
Hide comment
@3389

3389 Oct 23, 2017

连重放保护都不会做的垃圾币,傻逼廖翔,自己偷摸挖了这么多币只拿出这点来,下次麻烦多那点钱给搬砖的。

3389 commented Oct 23, 2017

连重放保护都不会做的垃圾币,傻逼廖翔,自己偷摸挖了这么多币只拿出这点来,下次麻烦多那点钱给搬砖的。

@heyrhett

This comment has been minimized.

Show comment
Hide comment
@heyrhett

heyrhett Oct 23, 2017

Please review my pull request: #62

heyrhett commented Oct 23, 2017

Please review my pull request: #62

@sammy007

This comment has been minimized.

Show comment
Hide comment
@sammy007

sammy007 Oct 23, 2017

@heyrhett

were you able to get it to compile yet?

If something smells like shit, you dont have to taste it. (c) FYMIYWF

At least not until there is a functional testnet.

sammy007 commented Oct 23, 2017

@heyrhett

were you able to get it to compile yet?

If something smells like shit, you dont have to taste it. (c) FYMIYWF

At least not until there is a functional testnet.

@philsong

This comment has been minimized.

Show comment
Hide comment
@philsong

philsong Oct 24, 2017

interesting

philsong commented Oct 24, 2017

interesting

@robbaltzer

This comment has been minimized.

Show comment
Hide comment
@robbaltzer

robbaltzer commented Oct 24, 2017

On it.

@ileathan

This comment has been minimized.

Show comment
Hide comment
@ileathan

ileathan Oct 24, 2017

@heyrhett I hope they pay you well (I see no bounty information). Or I guess you have alot of btc like them or the premine IDK... but by definition this is a scam now that it is trading and the information on their website has been shown to be flat dishonest. Wish I held my btc on yobit or bleutrade right now.

ileathan commented Oct 24, 2017

@heyrhett I hope they pay you well (I see no bounty information). Or I guess you have alot of btc like them or the premine IDK... but by definition this is a scam now that it is trading and the information on their website has been shown to be flat dishonest. Wish I held my btc on yobit or bleutrade right now.

@John1231983

This comment has been minimized.

Show comment
Hide comment
@John1231983

John1231983 Oct 24, 2017

:)). Do you receive the BTG,@ileathan. I also think it is the scam because the main feature does not complete but they report on the website that it "has implemented".

John1231983 commented Oct 24, 2017

:)). Do you receive the BTG,@ileathan. I also think it is the scam because the main feature does not complete but they report on the website that it "has implemented".

@bit79

This comment has been minimized.

Show comment
Hide comment
@bit79

bit79 Oct 24, 2017

Isn't this called a "forward looking statement"? There should be a disclaimer, something like: "This website and other items we publish, including through social media outlets, may contain forward-looking statements, the achievement or success of which involves risks, uncertainties, and assumptions. If any such risks or uncertainties materialize or if any of the assumptions proves incorrect, the results of Bitcoin Gold could differ materially from the results expressed or implied by the forward-looking statements we make." (copied from Salesforce.com)

bit79 commented Oct 24, 2017

Isn't this called a "forward looking statement"? There should be a disclaimer, something like: "This website and other items we publish, including through social media outlets, may contain forward-looking statements, the achievement or success of which involves risks, uncertainties, and assumptions. If any such risks or uncertainties materialize or if any of the assumptions proves incorrect, the results of Bitcoin Gold could differ materially from the results expressed or implied by the forward-looking statements we make." (copied from Salesforce.com)

@rfreemobile

This comment has been minimized.

Show comment
Hide comment
@rfreemobile

rfreemobile Oct 24, 2017

If all the people that has spend that many times in writing all the posts has focused to write just 1 line of code for each sentence of hate, we would have replay protection, unique address format, Lightning network and

What...?

Do you think this is how development process works, on complex tricky distributed crypto projects?

rfreemobile commented Oct 24, 2017

If all the people that has spend that many times in writing all the posts has focused to write just 1 line of code for each sentence of hate, we would have replay protection, unique address format, Lightning network and

What...?

Do you think this is how development process works, on complex tricky distributed crypto projects?

@tomywomy

This comment has been minimized.

Show comment
Hide comment
@tomywomy

tomywomy Oct 24, 2017

for i = 1 to 1000;

^ can I get 1/250th of the bounty for my one line of code?

tomywomy commented Oct 24, 2017

for i = 1 to 1000;

^ can I get 1/250th of the bounty for my one line of code?

@heyrhett

This comment has been minimized.

Show comment
Hide comment
@heyrhett

heyrhett Oct 24, 2017

Closed my pull request as it did not provide adequate replay protection.

Bitcoin blocks do not currently enforce that a tx version number must be > 0, even though the mempool will reject txns with versions less than 0.

An attacker could therefore mine a block on bitcoin with a txn that has a negative version number, so the simple method implemented in my pull request is not adequate and I closed the pull request.

I believe a SIGHASH_FORKID method is the best approach, though it will require careful review and testing.

heyrhett commented Oct 24, 2017

Closed my pull request as it did not provide adequate replay protection.

Bitcoin blocks do not currently enforce that a tx version number must be > 0, even though the mempool will reject txns with versions less than 0.

An attacker could therefore mine a block on bitcoin with a txn that has a negative version number, so the simple method implemented in my pull request is not adequate and I closed the pull request.

I believe a SIGHASH_FORKID method is the best approach, though it will require careful review and testing.

@AlexanderPoschenrieder

This comment has been minimized.

Show comment
Hide comment
@AlexanderPoschenrieder

AlexanderPoschenrieder Oct 24, 2017

So there's no one working on this right now?

AlexanderPoschenrieder commented Oct 24, 2017

So there's no one working on this right now?

@1hiro

This comment has been minimized.

Show comment
Hide comment
@1hiro

1hiro Oct 24, 2017

Why would anybody be working on this now? The scam is over. The bitcoin gold site is down. Money was made speculating on btc gaining against the alts before the forking block and the alts getting their value back after the forking block.

1hiro commented Oct 24, 2017

Why would anybody be working on this now? The scam is over. The bitcoin gold site is down. Money was made speculating on btc gaining against the alts before the forking block and the alts getting their value back after the forking block.

@AlexanderPoschenrieder

This comment has been minimized.

Show comment
Hide comment
@AlexanderPoschenrieder

AlexanderPoschenrieder Oct 24, 2017

Well, first of all, im bored at work, that's why i asked.
But most important is because if the wallet and the mainnet are released without Replay protection, and this is a scam, people could rob BTCs just asking some BTG. Which is much worse than just price speculation.

AlexanderPoschenrieder commented Oct 24, 2017

Well, first of all, im bored at work, that's why i asked.
But most important is because if the wallet and the mainnet are released without Replay protection, and this is a scam, people could rob BTCs just asking some BTG. Which is much worse than just price speculation.

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 24, 2017

Contributor
Contributor

martin-key commented Oct 24, 2017

@nisenbaum

This comment has been minimized.

Show comment
Hide comment
@nisenbaum

nisenbaum Oct 24, 2017

Your project has devs savvy enough to change PoW algo and to premine, but not to code replay protection?! What gives? You knew the replay protection is a MUST, knew it before any other decisions about the alt coin were made. Please explain.

nisenbaum commented Oct 24, 2017

Your project has devs savvy enough to change PoW algo and to premine, but not to code replay protection?! What gives? You knew the replay protection is a MUST, knew it before any other decisions about the alt coin were made. Please explain.

@jb55

This comment has been minimized.

Show comment
Hide comment
@jb55

jb55 Oct 24, 2017

@nisenbaum protip: it's a scam. carry on.

jb55 commented Oct 24, 2017

@nisenbaum protip: it's a scam. carry on.

@AlexanderPoschenrieder

This comment has been minimized.

Show comment
Hide comment
@AlexanderPoschenrieder

AlexanderPoschenrieder Oct 24, 2017

@StarbuckBG I know that the fork is not yet released that was i asked if someone was working on this.

AlexanderPoschenrieder commented Oct 24, 2017

@StarbuckBG I know that the fork is not yet released that was i asked if someone was working on this.

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 24, 2017

Contributor
Contributor

martin-key commented Oct 24, 2017

@nisenbaum

This comment has been minimized.

Show comment
Hide comment
@nisenbaum

nisenbaum Oct 24, 2017

@jb55 - Let's not be so judgmental. :) Can we call it "ForkDrop"TM? Innovation sometimes hides in the most unlikely places. I liken this to bacteria in the early moments of life on earth. Endless copying and reproducing, rapid decay and occasional viable mutation. There is a downside of course, as the name of bitcoin gets purposely attached to an alt coin, but that's a price of open source freedom.

nisenbaum commented Oct 24, 2017

@jb55 - Let's not be so judgmental. :) Can we call it "ForkDrop"TM? Innovation sometimes hides in the most unlikely places. I liken this to bacteria in the early moments of life on earth. Endless copying and reproducing, rapid decay and occasional viable mutation. There is a downside of course, as the name of bitcoin gets purposely attached to an alt coin, but that's a price of open source freedom.

@lmlsna

This comment has been minimized.

Show comment
Hide comment
@lmlsna

lmlsna commented Oct 24, 2017

😂

@Riocloud

This comment has been minimized.

Show comment
Hide comment
@Riocloud

Riocloud Oct 25, 2017

Ok, I am working on this part, we can share our code, this is only a small part of the code

Riocloud commented Oct 25, 2017

Ok, I am working on this part, we can share our code, this is only a small part of the code

@BTCGReplayUS

This comment has been minimized.

Show comment
Hide comment
@BTCGReplayUS

BTCGReplayUS Oct 25, 2017

Please see the pull request at #83.

This should be the completion of this bounty. Without a running node system some of the automated tests might fail, but the entire implementation is there and very likely correct:

DISCLAIMER: Should you choose to use it: none of this code has any warrantee, express or implied, usability for a particular purpose,etc blah blah

The pull request also fixes the vast majority of the warnings reported in #47

The task includes updating the test suite to use SIGHASH_FORKID, is clear and readable code, and the task is finished before 25.10.2017 12:00 UTC. It uses a FORKID=79, for the atomic number for gold.

Please review and let me know how to recieve the 300 BTG. We can make arrangements via PM.

EDIT: Due to the relative difficulty of making an account to exchange BTG for BTC, and the fact that no wallets exist yet, and the presumption that you already have such an account, I prefer to receive the equivalent value in BTC at the address 1Nphe82XxmoJSyWa5KgzsDEHV328oWWzxP using a market BTG/BTC exchange rate selected within 24 hours of the date the pull request is merged.

Presumably, if BTG both 1) has value, 2) is available to you on an exchange and 3) the value will increase, honoring this request will actually save you money by allowing you to keep your BTG tokens, so I would appreciate it.

BTCGReplayUS commented Oct 25, 2017

Please see the pull request at #83.

This should be the completion of this bounty. Without a running node system some of the automated tests might fail, but the entire implementation is there and very likely correct:

DISCLAIMER: Should you choose to use it: none of this code has any warrantee, express or implied, usability for a particular purpose,etc blah blah

The pull request also fixes the vast majority of the warnings reported in #47

The task includes updating the test suite to use SIGHASH_FORKID, is clear and readable code, and the task is finished before 25.10.2017 12:00 UTC. It uses a FORKID=79, for the atomic number for gold.

Please review and let me know how to recieve the 300 BTG. We can make arrangements via PM.

EDIT: Due to the relative difficulty of making an account to exchange BTG for BTC, and the fact that no wallets exist yet, and the presumption that you already have such an account, I prefer to receive the equivalent value in BTC at the address 1Nphe82XxmoJSyWa5KgzsDEHV328oWWzxP using a market BTG/BTC exchange rate selected within 24 hours of the date the pull request is merged.

Presumably, if BTG both 1) has value, 2) is available to you on an exchange and 3) the value will increase, honoring this request will actually save you money by allowing you to keep your BTG tokens, so I would appreciate it.

@jl777

This comment has been minimized.

Show comment
Hide comment
@jl777

jl777 Oct 25, 2017

I was the one that came up with the idea initially for the SIGHASH_FORKID

https://steemit.com/bitcoin/@jl777/bitcoin-spinoff-fork-how-to-make-a-clean-fork-without-any-replay-attack-and-no-blockchain-visible-changes

Just make sure to use a different forkid and also different default ports will simplify people running both BTC and BTG at the same time.

Let me know if you need help

jl777 commented Oct 25, 2017

I was the one that came up with the idea initially for the SIGHASH_FORKID

https://steemit.com/bitcoin/@jl777/bitcoin-spinoff-fork-how-to-make-a-clean-fork-without-any-replay-attack-and-no-blockchain-visible-changes

Just make sure to use a different forkid and also different default ports will simplify people running both BTC and BTG at the same time.

Let me know if you need help

@alexeyvip

This comment has been minimized.

Show comment
Hide comment
@alexeyvip

alexeyvip Oct 25, 2017

Is BTG developers don't know how do it? o_O

alexeyvip commented Oct 25, 2017

Is BTG developers don't know how do it? o_O

@martin-key

This comment has been minimized.

Show comment
Hide comment
@martin-key

martin-key Oct 25, 2017

Contributor
Contributor

martin-key commented Oct 25, 2017

@darorl89

This comment has been minimized.

Show comment
Hide comment
@darorl89

darorl89 Oct 25, 2017

Parody shit coin, take this coin and throw to the dumpster :)

darorl89 commented Oct 25, 2017

Parody shit coin, take this coin and throw to the dumpster :)

@flufy3d

This comment has been minimized.

Show comment
Hide comment
@flufy3d

flufy3d Oct 25, 2017

too shame on BTG team.hope the BTC core dev team will help you secretly.

flufy3d commented Oct 25, 2017

too shame on BTG team.hope the BTC core dev team will help you secretly.

@cjsin

This comment has been minimized.

Show comment
Hide comment
@cjsin

cjsin Oct 25, 2017

(updated 3. below with suggestion from bit79 below)

Any possibility one of the devs who understands the tech can comment on whether the following strategy would work for splitting coins currently in an exchange (or a local wallet) into separate wallets for each of BTC and BTG? I am a newbie to cryptocurrencies but this seems to me to be a valid strategy for avoiding the whole replay issue altogether:

  • Before or after Oct 25 / block 491407 (note, this has already passed, so not useful unless you had a local wallet before this time)
  1. if you don't have a local wallet, create one with a client such as electrum (or, other people seem to be suggesting coinomi?). give it a name something like for example "pre_fork_wallet"

  2. withdraw BTC from any exchanges into an address from your 'pre_fork_wallet' local wallet file

  • After Oct 25,26 / block 491407, but BEFORE Nov 1
  1. open pre_fork_wallet and use your client to export the addresses/private keys into a text format that will be able to be loaded into a BTG client at a later date. This will be used to create/import addresses into the BTG wallet after the BTG network launches on Nov 1. (The addresses in this wallet had BTC associated with them at the time of the fork, and will have BTG associated with them when the new network is operating). (and if the client uses a deterministic wallet with a seed and reproducible addresses, perhaps it is enough to simply have a very accurate record of this seed, noting that it will, later, be the seed to use for the BTG wallet?)

  2. create a new local wallet file, naming it something like "btc_wallet". (This will be your BTC wallet which will contain addresses with BTC only and which do not have any BTG associated).

  3. open pre_fork_wallet, and btc_wallet

  4. use your local client to perform transactions/transfers to transfer all BTC from the addresses in pre_fork_wallet, to new address(es) in the new "btc_wallet" wallet.

  5. now you can use 'btc_wallet' for BTC only transactions, without concern for using them on the wrong network. (The addresses in this wallet never existed on the BTG blockchain because this wallet was created after the snapshot, and your BTC balances were transferred to these addresses only after the snapshot, and before the BTG network was operating).

  • After the BTG network launches (approx Nov 1)
  1. use 'btg_wallet' (or address/private-key combinations exported from it) with a (new?) client that supports BTG, for BTG transactions only. (The addresses in this wallet were those which had a balance associated at the time of the blockchain snapshort/fork, and hence do have a BTG balance after the new network launched.

Does this sound reasonable? Any mistakes in the suggested strategy above? Publicising some simple strategy like this (if it would do the trick) that users can take themselves would assist in stopping people worrying too much about the replay stuff. But the strategy above relies on steps being taken between Oct 25 and Nov 1, which is coming up pretty quickly.

cjsin commented Oct 25, 2017

(updated 3. below with suggestion from bit79 below)

Any possibility one of the devs who understands the tech can comment on whether the following strategy would work for splitting coins currently in an exchange (or a local wallet) into separate wallets for each of BTC and BTG? I am a newbie to cryptocurrencies but this seems to me to be a valid strategy for avoiding the whole replay issue altogether:

  • Before or after Oct 25 / block 491407 (note, this has already passed, so not useful unless you had a local wallet before this time)
  1. if you don't have a local wallet, create one with a client such as electrum (or, other people seem to be suggesting coinomi?). give it a name something like for example "pre_fork_wallet"

  2. withdraw BTC from any exchanges into an address from your 'pre_fork_wallet' local wallet file

  • After Oct 25,26 / block 491407, but BEFORE Nov 1
  1. open pre_fork_wallet and use your client to export the addresses/private keys into a text format that will be able to be loaded into a BTG client at a later date. This will be used to create/import addresses into the BTG wallet after the BTG network launches on Nov 1. (The addresses in this wallet had BTC associated with them at the time of the fork, and will have BTG associated with them when the new network is operating). (and if the client uses a deterministic wallet with a seed and reproducible addresses, perhaps it is enough to simply have a very accurate record of this seed, noting that it will, later, be the seed to use for the BTG wallet?)

  2. create a new local wallet file, naming it something like "btc_wallet". (This will be your BTC wallet which will contain addresses with BTC only and which do not have any BTG associated).

  3. open pre_fork_wallet, and btc_wallet

  4. use your local client to perform transactions/transfers to transfer all BTC from the addresses in pre_fork_wallet, to new address(es) in the new "btc_wallet" wallet.

  5. now you can use 'btc_wallet' for BTC only transactions, without concern for using them on the wrong network. (The addresses in this wallet never existed on the BTG blockchain because this wallet was created after the snapshot, and your BTC balances were transferred to these addresses only after the snapshot, and before the BTG network was operating).

  • After the BTG network launches (approx Nov 1)
  1. use 'btg_wallet' (or address/private-key combinations exported from it) with a (new?) client that supports BTG, for BTG transactions only. (The addresses in this wallet were those which had a balance associated at the time of the blockchain snapshort/fork, and hence do have a BTG balance after the new network launched.

Does this sound reasonable? Any mistakes in the suggested strategy above? Publicising some simple strategy like this (if it would do the trick) that users can take themselves would assist in stopping people worrying too much about the replay stuff. But the strategy above relies on steps being taken between Oct 25 and Nov 1, which is coming up pretty quickly.

@bit79

This comment has been minimized.

Show comment
Hide comment
@bit79

bit79 Oct 25, 2017

You don't really need a copy of the wallet - just the private key of your address of step 2. After block 491407 (already happened), move your bitcoins to another address, and never reuse the address of step 2. When (if) BTG releases a wallet, import the private key of step 2.

bit79 commented Oct 25, 2017

You don't really need a copy of the wallet - just the private key of your address of step 2. After block 491407 (already happened), move your bitcoins to another address, and never reuse the address of step 2. When (if) BTG releases a wallet, import the private key of step 2.

@cjsin

This comment has been minimized.

Show comment
Hide comment
@cjsin

cjsin Oct 25, 2017

yeah I thought that was likely the case however as I'm not aware of the binary format for the wallet files of any of the clients, I thought it's possible they might store cached balances and such in a binary format, so after the transfer from one wallet to another, the client might think the wallet is empty unless it is a full node that checks the actual blockchain? So thought it safest to just take a copy before the transfer. But yeah that would be unnecessary if the addresses/keys are being imported into a new btg-supporting client app anyway. I'll edit the above to add that simplification.

cjsin commented Oct 25, 2017

yeah I thought that was likely the case however as I'm not aware of the binary format for the wallet files of any of the clients, I thought it's possible they might store cached balances and such in a binary format, so after the transfer from one wallet to another, the client might think the wallet is empty unless it is a full node that checks the actual blockchain? So thought it safest to just take a copy before the transfer. But yeah that would be unnecessary if the addresses/keys are being imported into a new btg-supporting client app anyway. I'll edit the above to add that simplification.

@notmike-5

This comment has been minimized.

Show comment
Hide comment
@notmike-5

notmike-5 Oct 25, 2017

@cjsin

Let's call your 'pre_fork_wallet' X and your 'btc_wallet' Y. What we want to do is transfer value X->Y in such a way that no attacker can rebroadcast the valid transaction from one chain onto another and steal (or strand) our value on the other chain. We call this 'replay protection.'

In the example you gave, value is transferred X->Y and Y->Z, where X and Y are locally controlled wallets and Z may be controlled by a third-party (like an exchange). Your assumption is that, because addresses in Y have not existed on the BTG blockchain, this protocol would provide replay protection. However, an attacker who rebroadcasts the valid transaction X->Y on the other chain introduces those addresses to that chain. By itself, this is a mere inconvenience. Provided they possess the seed, one could recreate Y later in a client and regain their value. However, a valid transaction Y->Z that were rebroadcast, where Z is third-party controlled, runs a real risk of stranding value or facilitating its theft.

For this reason, your protocol does not provide replay protection.

notmike-5 commented Oct 25, 2017

@cjsin

Let's call your 'pre_fork_wallet' X and your 'btc_wallet' Y. What we want to do is transfer value X->Y in such a way that no attacker can rebroadcast the valid transaction from one chain onto another and steal (or strand) our value on the other chain. We call this 'replay protection.'

In the example you gave, value is transferred X->Y and Y->Z, where X and Y are locally controlled wallets and Z may be controlled by a third-party (like an exchange). Your assumption is that, because addresses in Y have not existed on the BTG blockchain, this protocol would provide replay protection. However, an attacker who rebroadcasts the valid transaction X->Y on the other chain introduces those addresses to that chain. By itself, this is a mere inconvenience. Provided they possess the seed, one could recreate Y later in a client and regain their value. However, a valid transaction Y->Z that were rebroadcast, where Z is third-party controlled, runs a real risk of stranding value or facilitating its theft.

For this reason, your protocol does not provide replay protection.

quadrigahacker referenced this issue in realBitcoinGold/BTCGPU Oct 26, 2017

Remove Premine from Bitcoin Gold
Bitcoin Gold developers added a premine to the blockchain.  This patch is a minimal edit to remove that.

If the majority of Bitcoin Gold GPU miners use this client, there will be no premine on the Bitcoin Gold blockchain.

It is up to the miners to decide which client they want to use to mine.
@ileathan

This comment has been minimized.

Show comment
Hide comment
@ileathan

ileathan Oct 29, 2017

Total scam.

ileathan commented Oct 29, 2017

Total scam.

@ileathan

This comment has been minimized.

Show comment
Hide comment
@ileathan

ileathan Oct 29, 2017

@jl777 I guess you have the btc so i understand your help, but they are by definition dishonest and have continued to be so for many weeks now. If you actually help them, tell them to atleast make some sort of apology, I wanted to keep my BTG but i was forced to sell out when I saw a public bounty like that (in the coin sold as having the protection), just banking off some btc whale like you saving them.

I mean am I the only one who noticed (BTG) Bitgem was the better buy out of this btc gold news...

ileathan commented Oct 29, 2017

@jl777 I guess you have the btc so i understand your help, but they are by definition dishonest and have continued to be so for many weeks now. If you actually help them, tell them to atleast make some sort of apology, I wanted to keep my BTG but i was forced to sell out when I saw a public bounty like that (in the coin sold as having the protection), just banking off some btc whale like you saving them.

I mean am I the only one who noticed (BTG) Bitgem was the better buy out of this btc gold news...

@mjoh090

This comment has been minimized.

Show comment
Hide comment
@mjoh090

mjoh090 Oct 29, 2017

@ileathan I think it is more the case of ambition exceeding ability. While the launch of this project has been shambolic, their engagement at times with the community is abysmal.

I was on the slack channel before, and the question was asked about when BTG will be added to the Bittrex Exchange. Someone said "Never" at which point the founder Jack Liao jumps in with following response:

" suppprt or not, its up to exchange.but they need to give btg to their client.this is bottom"

I know English is not his first language, but there is still an astonishing lack of care in his response.

He was provided with context and therefore with opportunity to remind the community of the particular issues prohibiting uptake by Bittrex and the other major Exchanges, and how they were addressing those issues to win their confidence and encourage future uptake by those major Exchanges. Instead he writes something tonally belligerent that borders on unintelligible.

For such a high profile new coin release, the seeming lack of organisation (Martin indicated elsewhere that he hardly communicates with Jack) and professionalism of the team behind this coin is surprising, and alarming.

mjoh090 commented Oct 29, 2017

@ileathan I think it is more the case of ambition exceeding ability. While the launch of this project has been shambolic, their engagement at times with the community is abysmal.

I was on the slack channel before, and the question was asked about when BTG will be added to the Bittrex Exchange. Someone said "Never" at which point the founder Jack Liao jumps in with following response:

" suppprt or not, its up to exchange.but they need to give btg to their client.this is bottom"

I know English is not his first language, but there is still an astonishing lack of care in his response.

He was provided with context and therefore with opportunity to remind the community of the particular issues prohibiting uptake by Bittrex and the other major Exchanges, and how they were addressing those issues to win their confidence and encourage future uptake by those major Exchanges. Instead he writes something tonally belligerent that borders on unintelligible.

For such a high profile new coin release, the seeming lack of organisation (Martin indicated elsewhere that he hardly communicates with Jack) and professionalism of the team behind this coin is surprising, and alarming.

@ileathan

This comment has been minimized.

Show comment
Hide comment
@ileathan

ileathan Oct 29, 2017

@mjoh090 I hope your right. - since I feel like its a scam - The point is they are offering a bounty in BTG for replay protection when they already sold BTG as having replay protection. I do hope things go well, but this bounty is scam/clownish. If you don't know how to make the signatures exclusive in your crypto you should slow way the heck down.

ileathan commented Oct 29, 2017

@mjoh090 I hope your right. - since I feel like its a scam - The point is they are offering a bounty in BTG for replay protection when they already sold BTG as having replay protection. I do hope things go well, but this bounty is scam/clownish. If you don't know how to make the signatures exclusive in your crypto you should slow way the heck down.

@BTCGReplayUS

This comment has been minimized.

Show comment
Hide comment
@BTCGReplayUS

BTCGReplayUS Oct 30, 2017

I wanted to write here (and on the PR page) to confirm that with the code implemented and the bounty completed, the BTG team has followed through with payment of the bounty in full, on time, in the manner that I preferred. This instills a significant amount of faith (to me) that the project is being run by people who have a deep sense of professionalism, and I am grateful to them for the opportunity.

Thank you very much.

BTCGReplayUS commented Oct 30, 2017

I wanted to write here (and on the PR page) to confirm that with the code implemented and the bounty completed, the BTG team has followed through with payment of the bounty in full, on time, in the manner that I preferred. This instills a significant amount of faith (to me) that the project is being run by people who have a deep sense of professionalism, and I am grateful to them for the opportunity.

Thank you very much.

@mjoh090

This comment has been minimized.

Show comment
Hide comment
@mjoh090

mjoh090 Oct 30, 2017

@BTCGReplayUS Thanks for the update, and congratulations on your windfall.

I for one never doubted that they would follow through on paying the bounty - it would have been 'lights-out' if they didn't.

Your comment's inclusion of 'to me' qualifies your graciousness and gratitude with an awareness that this payment in reality does not invalidate persistent concerns for the rest of us, and therefore does not diminish the need for continued vigilance.

mjoh090 commented Oct 30, 2017

@BTCGReplayUS Thanks for the update, and congratulations on your windfall.

I for one never doubted that they would follow through on paying the bounty - it would have been 'lights-out' if they didn't.

Your comment's inclusion of 'to me' qualifies your graciousness and gratitude with an awareness that this payment in reality does not invalidate persistent concerns for the rest of us, and therefore does not diminish the need for continued vigilance.

@darxis

This comment has been minimized.

Show comment
Hide comment
@darxis

darxis commented Nov 1, 2017

#109 Close?

@h4x3rotab

This comment has been minimized.

Show comment
Hide comment
@h4x3rotab

h4x3rotab Nov 1, 2017

Contributor

Sure.

Contributor

h4x3rotab commented Nov 1, 2017

Sure.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment